Analysis of SaaS and On Premise ICT solutions for SMEs
-
Upload
sriharikuttikkatt -
Category
Documents
-
view
43 -
download
0
description
Transcript of Analysis of SaaS and On Premise ICT solutions for SMEs
-
Graduate School of Social Sciences
Department of Business Administration
Analysis of SaaS and On Premise
ICT solutions for SMEs in Turkey
e-MBA Graduation Project
Salih Blent zkr
101112127
Project Advisor:
Yrd.Do.Dr. Levent Aksoy
stanbul, Ocak 2012
-
T.C. MALTEPE NVERSTES
e-MBA BTRME PROJES ONAY FORMU
Proje Konusu : Analysis of SaaS and On Premise ICT solutions for SMEs in Turkey
Projeyi Yapan rencinin;
Ad Soyad : SALH BLENT ZKIR
renci Numaras : 101112127
Maltepe niversitesi e-MBA yksek lisans programnn Proje dersini Baarl olarak
tamamlamtr.
Bu form ile birlikte 2 suret ciltli bitirme projesi ve Bitirme Projesi dosyasn ieren CD ile
Sosyal Bilimler Enstitsne teslim edilecektir.
20 / 01 / 2012
Yrd.Do.Dr.Levent Aksoy
Proje Danman
-
TABLE OF CONTENTS
PREFACE ..................................................................................................................... i
ABSTRACT ................................................................................................................. ii
LIST OF ABBREVIATIONS ..................................................................................... iii
LIST OF TABLES ...................................................................................................... iv
LIST OF FIGURES ..................................................................................................... v
1 INTRODUCTION ............................................................................................... 1
2 DEFINITION AND TAXONOMY ..................................................................... 4
2.1 Overview of Cloud Computing ..................................................................... 4
2.2 Definition of Cloud Computing .................................................................... 6
2.2.1 Deployment Models ............................................................................... 7
2.2.2 Service Models ....................................................................................... 8
2.2.3 Essential Characteristics ........................................................................ 9
2.2.4 Illustration of NIST Cloud Definition .................................................. 10
2.2.5 Differences in Scope and Control among Cloud Service Models ....... 11
2.3 Conceptual Cloud Reference Architecture .................................................. 13
2.4 Possible Services Available to Cloud Consumers ....................................... 16
3 PROBLEM DEFINITION ................................................................................. 20
4 METHODS ........................................................................................................ 24
5 SaaS MARKET AND VENDOR ANALYSIS .................................................. 27
5.1 Changing Sources of Firm Software ........................................................... 27
5.2 Evolution of SaaS - Yesterday, Today, and Tomorrow .............................. 28
5.3 Forrester Research SaaS Maturity Model ................................................... 30
5.4 Key Technology Considerations for SaaS Providers .................................. 33
5.5 In House or SaaS ......................................................................................... 34
5.6 Advantages of SaaS Service Model for Turkish SMEs .............................. 35
5.6.1 Hardware, Software, and IT Staff Cost Savings .................................. 38
-
5.6.2 Easy To Adopt ..................................................................................... 40
5.6.3 Less Problematic Software Updates and Patches ................................ 40
5.6.4 Scalability on Peak Times .................................................................... 40
5.6.5 Pay per Use Financial Model ............................................................... 43
5.6.6 Improved Release Management and Testing of New Releases ........... 43
5.6.7 Rapid Resource Provisioning ............................................................... 44
5.6.8 SLAs .................................................................................................... 44
5.6.9 Security ................................................................................................ 45
5.6.10 Few Technical Skills Required for New Technology .......................... 46
5.7 Disadvantages of SaaS Service Model for Turkish SMEs .......................... 47
5.7.1 Cloud Computing Knowledge and Understanding .............................. 49
5.7.2 Security ................................................................................................ 50
5.7.3 System Integration Capability .............................................................. 51
5.7.4 Ability to Move Among SaaS Providers and Ability to Change
Deployment Models When Necessary ............................................................... 51
5.7.5 Availability and Reliability .................................................................. 52
5.7.6 Adaptability and Task Productivity ..................................................... 54
5.7.7 Regulatory and Compliance Issues ...................................................... 54
5.7.8 Impact on IT Roles and Responsibilities ............................................. 54
5.7.9 IT Governance Issues ........................................................................... 55
5.7.10 Different Cloud Computing Standards among Cloud Providers ......... 56
6 TURKISH ICT MARKET ANALYSIS ............................................................ 59
6.1 Analysis of Current IT Usage, Risks, and Issues in Turkish ICT Market ... 59
6.1.1 ICT in Turkey and SWOT Analysis of the ICT Market ...................... 59
6.1.2 Internet and FaceBook Usage in Turkey and Europe .......................... 63
6.1.3 OECD Outlook for SMEs in Turkey ................................................... 66
6.1.4 Report Stating Turkey's SMEs Lag in IT ............................................. 68
6.2 Turkey Cloud Computing Survey Results .................................................. 69
6.3 SWOT Analysis of Using SaaS for Turkish SMEs ..................................... 71
6.3.1 Strengths of SaaS ................................................................................. 71
-
6.3.2 Weaknesses of SaaS ............................................................................. 73
6.3.3 Opportunities of SaaS .......................................................................... 75
6.3.4 Threats of SaaS .................................................................................... 76
7 DECISION MODEL FOR SELECTING SaaS PROVIDER ............................ 79
7.1 SaaS Provider Qualification Checklist ........................................................ 79
7.2 Multi Criteria Based Cloud Service Provider Selection Scoring Model ..... 81
7.3 Total Cost Of Ownership (TCO) ................................................................. 82
7.3.1 IT Service Costing Model for On Premise .......................................... 83
7.3.2 TCO Calculation Examples ................................................................. 86
7.3.3 TCO of SaaS vs. On Premise Using Simple Approach ....................... 86
7.3.4 TCO Of SaaS vs. On Premise Using another Simple Approach ......... 88
7.3.5 The SaaS vs. On Premise TCO Calculator .......................................... 90
7.3.6 TCO Calculation Comparing SaaS With On Premise Solution ........... 92
7.3.7 TCO for Office 365 vs. On Premise .................................................... 93
7.3.8 TCO for CRM On Demand vs. CRM On Premise .............................. 94
7.3.9 TCO for On Premise and Office 365 online using Microsofts tool .... 95
7.4 Return On Investment (ROI) ....................................................................... 99
7.4.1 ROI Comparisons for Different SaaS Applications Using Complex
Approaches ...................................................................................................... 100
7.4.2 Forrester Researchs Total Economic Impact Model Analysis for
Office 365 ........................................................................................................ 102
8 DISCUSSIONS ................................................................................................ 107
9 CONCLUSION ................................................................................................ 109
10 REFERENCES ................................................................................................ 111
CURRICULUM VITAE .......................................................................................... 113
-
i
PREFACE
This study is written as the final graduation work of the Maltepe EMBA English
program.
First of all, I would like to thank my study supervisor, Yrd.Do.Dr. Levent Aksoy,
for lots of great inspiration, ideas, comments, and feedbacks.
I would like to sincerely thank Serdar Angn, Distance Education Coordinator at
Maltepe University, for his coordination, kindness, guidance, and professionalism
during my EMBA program.
I also want to express my utmost gratitude to my instructors at the program who
helped me to develop and improve my business acumen and skills.
Finally, lots of thanks are due to my wife, Yrd.Do.Dr. Vildan etinsaya zkr, for expertly proof reading this study. Hopefully she has tried to remove all the serious
errors, but any that might be left are wholly my responsibility.
-
ii
ABSTRACT
This study is written to provide guidance for evaluation SaaS solutions and
comparing it with on premise solutions by developing an integrated framework
which includes qualitative and quantitative aspects. The cloud computing is a fairly
new technology that has many facets that remain mysterious to the average person.
This study will seek to help familiarize SMEs and analysts with the SaaS concept
and why it makes sense to subscribe IT applications online instead of owning them
on premise. The variety of options and potential benefits of SaaS make it a
consideration worth making.
This study is written for SMEs particularly who want to use their IT budget and
resources better than their competitors in the future. Although written with SMEs in
mind, large organizations may also benefit from it due to hybrid deployment models.
There are a several options when it comes to SaaS. SMEs must understand the
nuances inherent in the different models they evaluate, along with understanding the
difference between SaaS, hybrid, hosted, and in-house.
If we make analogy such as most companies do not build their own electrical
generating plants or their own water treatment facilities. They purchase only the
utilities they really need without wasting any resources deliberately. Why not do that
with computing in terms of fitness for purpose and fitness for use.
This study covers the in depth analysis of SaaS service model and public deployment
model of cloud computing. SaaS is never one-size-fits-all, however. IT departments
should have a clear framework for evaluating and operating any new model, and a
detailed supply chain IT impact assessment should be performed to determine if the
SaaS model is a good match for the operation. Benefits such as rapid deployment,
lower cost, and scalability must be balanced by other key decision criteria particular
to an organization such as fit for use, fit for purpose, total cost of ownership (TCO),
return on investment (ROI) and risk. Evaluations should consider both long-term
ROI and short-term total cost of ownership.
-
iii
LIST OF ABBREVIATIONS
CAL : Client Access License
COBIT : Control Objectives for Information and related Technology
CRM : Customer Relationship Management
ESB : Enterprise Service Bus
HIPAA : Health Insurance Portability and Accountability Act
HR : Human Resources
ICT : Information and Communication Technologies
IaaS : Infrastructure as a Service
ISO : International Organization for Standardization
IT : Information Technology
NIST : National Institute of Standards and Technology
NPV : Net Present Value
PaaS : Platform as a Service
PV : Present Value
ROI : Return on Investment
SaaS : Software as a Service
SLA : Service Level Agreement
SME : Small Medium Enterprise
SWOT : Strengths Weaknesses Opportunities Threats
TCO : Total Cost of Ownership
TUBISAD : Trkiye Biliim Sanayicileri Dernei
-
iv
LIST OF TABLES
Table 2.1 Actors in Cloud Computing ....................................................................... 15
Table 5.1 Comparison Between In-House And SaaS Solutions ................................ 35
Table 6.1 SWOT Analysis of Turkish ICT Market ................................................... 60
Table 6.2 Internet Penetration in Turkey ................................................................... 64
Table 6.3 Internet and Facebook Usage in Europe, June 2011 .................................. 65
Table 6.4 Internet Usage and Population Statistics in Turkey ................................... 66
Table 7.1 A Scoring Model for SaaS Vendor Service Selection ............................... 82
Table 7.2 TCO Cost Components .............................................................................. 83
-
v
LIST OF FIGURES
Figure 2.1 NIST Cloud Definition ............................................................................. 11
Figure 2.2 Differences in Scope and Control among Cloud Service Models ............ 12
Figure 2.3 Seperation of Responsibilities .................................................................. 13
Figure 2.4 Conceptual Reference Model of Cloud Computing ................................. 15
Figure 2.5 Possible Services Available to Cloud Consumers .................................... 16
Figure 4.1 Integrated Framework for Filtering and Selecting SaaS Providers .......... 26
Figure 5.1 Sources of Software Expenditures ............................................................ 28
Figure 5.2 Possible Evolution Of SaaS from past to future ....................................... 30
Figure 5.3 SaaS Maturity Model according to Forrester ........................................... 31
Figure 5.4 Technology Considerations Regarding SaaS Provider Selection ............. 34
Figure 5.5 Primary Drivers for Considering Cloud Computing ................................ 38
Figure 5.6 Cloud Related Investments Can To Help Reduce ICT Spending ............. 39
Figure 5.7 Provisioning For Peak Load ..................................................................... 41
Figure 5.8 Underprovisioning 1 ................................................................................. 42
Figure 5.9 Underprovisioning 2 ................................................................................. 42
Figure 5.10 Malicious and Potentially Unwanted Software ...................................... 46
Figure 5.11 The Major Concerns And Barriers To Cloud Adoption ......................... 48
Figure 5.12 Key Concerns in Deploying Cloud based Business Solutions ............... 49
Figure 6.1 Breakdown of ICT Spending in Turkey ................................................... 61
Figure 6.2 Hardware Expenditure in Turkey ............................................................. 62
Figure 6.3 ICT Canada Projected Spending on Hardware, Software, Services and
Communications 2010 to 2013 (WITSA) Digital Plant, 2010, (Forecast in US$) .... 63
Figure 6.4 Top 10 Internet Countries in Europe, March 31, 2011 ............................. 66
Figure 6.5 Currently Leveraging Cloud Computing .................................................. 70
Figure 6.6 Leveraging Cloud Computing In These Areas Currently ......................... 70
Figure 6.7 Cloud Computing Initiative In Place Within The Organization ............... 71
Figure 7.1 A model for Calculating the cost of IT Services ...................................... 85
Figure 7.2 IT Service Based Costing ......................................................................... 86
Figure 7.3 The SaaS vs. On Premise TCO Calculator Comparison Data .................. 91
Figure 7.4 The SaaS vs. On Premise TCO Calculator Results .................................. 92
Figure 7.5 TCO For 100 Users SME, Office 365 vs. On Premise ............................. 94
Figure 7.6 TCO For 100 Users SME, CRM On Demand vs. CRM On Premise ....... 95
Figure 7.7 Microsoft Office 365 TCO Tool, Initial Page .......................................... 96
Figure 7.8 Microsoft Office 365 TCO Tool, Inputs Page .......................................... 97
Figure 7.9 Microsoft Office 365 Tool, Results Page ................................................. 98
-
vi
Figure 7.10 Microsoft Office 365 Tool, Cost Comparison Page For Office 365 vs. On
Premise Software ....................................................................................................... 99
Figure 7.11 Model: Total Economic Impact Analysis Summary - SaaS CRM ....... 101
Figure 7.12 Model: Total Economic Impact Analysis Summary - SaaS HR .......... 101
Figure 7.13 Model: Total Economic Impact Analysis Summary - Saas IT
Management ............................................................................................................. 102
Figure 7.14 Composite Organization Three-Year Risk-Adjusted Roi ..................... 103
Figure 7.15 Composite Organization Three-Year Risk-Adjusted Cumulative Cash
Flow ......................................................................................................................... 106
-
1
1 INTRODUCTION
Cloud computing is simply the ability to access files and applications online through
multiple devices, such as computer, browser, or phone. The analogy that derives
cloud computing concept is if somebody needs milk, that person should not buy a
cow.
Forrester Research defines cloud computing as a standardized IT capability
(software, infrastructure, or services) delivered in a pay-per-use self-service way
(Staten, 2009).
Cloud computing is a technology that uses the internet and central remote servers to
maintain data and applications. Cloud computing allows consumers and businesses to
use applications without installation and access their personal files at any computer
with internet access. This technology allows for much more inefficient computing by
centralizing storage, memory, processing and bandwidth.
Businesses around the world are already beginning to make the transition to this new
model of computing. Basically, there are three reasons why this trend is so
overwhelming: agility, focus and economics. Agility, focus, and economics are the
key factors that motivating companies to make the move to cloud computing.
The first is agility, which has several facets. Cloud computing speeds up the ability
to capitalize on new opportunities, and respond to changes in business demand.
Business can deploy applications much faster and more efficiently, and business can
deliver solutions to its end users so they can work from nearly anywhere, at any time,
across devices in ways that are both secure and manageable. Also, with cloud
computing, the entire IT infrastructure business need to operate quickly and
-
2
efficiently is available at the flip of a switch. So, the next time the marketing
department launches a campaign and doesn't tell anybody, its Website is much less
likely to go down. The environment can quickly scale up and down to meet spikes in
demand.
The second factor driving adoption of cloud computing is "focus. By this we mean
the ability to focus on improving the success of the business through better IT. Put
another way, business can focus more on innovation and less on infrastructure.
Today, the typical IT department spends most of its time and money on maintenance
and operations. Cloud computing cuts those costs down dramatically. ICT
infrastructure is abstracted and its resources are pooled, so IT runs more like a utility
than a collection of complicated (and often fragile) software and hardware systems.
When business can pay more attention to ideas than IT complexity, business adds a
new kind of value to the business.
The third factor driving adoption of cloud computing is economics. This means
lowering the cost of delivering IT and increasing the utilization and efficiency of the
datacenter and IT spending. The delivery costs go down because now business can
offer self-service of applications and resources, and business can meter the usage of
those resources in new and very precise ways. Utilization goes up because the
infrastructure resources (storage, compute, and network) are now pooled and
abstracted. So, for example, when a self-service application is finished, the server
and storage resources it used will go right back into the pool. The environment is
highly automated so the ICT systems are not just sitting around idle, they are always
at work as much as needed, not much, not less.
-
3
This study explores and analyzes the benefits and risks of cloud computing for Small
and Medium sized Enterprises (10 < full time employees < 251) in Turkey using
global and local information available. The study will inspects the ROI of public
Cloud Services offerings provided by some SaaS vendors. This study also performs
SWOT analysis of cloud computing for the SaaS market. The study will also exhibit
cost comparison of public cloud services vs. on premise IT including all direct and
indirect costs and benefits over 5 years. However, the keep the scope more
understandable and concise, the study will only focus on public deployment model
and SaaS service model, thus, private and hybrid deployment models as well as PaaS
and IaaS service models are excluded.
-
4
2 DEFINITION AND TAXONOMY
Consumer and business products, services and solutions delivered and consumed in
real-time over the Internet. Cloud services are shared, standard services, built for a
market, not for any specific customer. Cloud computing is a general term for
anything that involves delivering hosted services over the Internet. These services are
broadly divided into three categories: Infrastructure-as-a-Service (IaaS), Platform-as-
a-Service (PaaS) and Software-as-a-Service (SaaS). A cloud service has several
distinct characteristics that differentiate it from traditional hosting which is on-
premise. A cloud can be deployed as private, public, hybrid, or community.
2.1 Overview of Cloud Computing
Cloud computing, or simply cloud, is changing how IT delivers services and how a
user can access computing resources at work, from home, and on the go. Cloud
enables IT to respond to business opportunities with on-demand deliveries that are
cost-effective and agile in the long run. Much happening in enterprise IT now is a
journey to transform existing IT establishment into a cloud-friendly, cloud-ready,
cloud-enabled environment.
The evolution of cloud computing can be split into 3 phases (Banerjee, 2011).
The Idea Phase: This started in the 1960s and stretched to the pre internet
bubble era. The core idea of computing as a utility computing and grid
computing developed.
The Pre Cloud Phase: This started around 1999 and lasted till 2006. In this
phase internet as the mechanism to provide Application as Service got
developed.
-
5
The Cloud Phase: this phase started in 2007 when the term cloud computing
term became popular and the sub classification of IaaS, PaaS & SaaS got
formalized.
Client computing is one of the most optimum ways of providing computing
resources and software. The concept typically runs on the established convention of
the internet where clients and servers communicate remotely and on demand via
subscription model. The concept can sometimes be referred to as Internet as a
Product since all products provided via Internet infrastructure by commercial
companies can be rent as a kind of cloud computing service.
Cloud computing is a technology that uses the internet and central remote servers to
maintain data and applications. Cloud computing allows consumers and businesses to
use applications without installation and access their personal files at any computer
with internet access. This technology allows for much more inefficient computing by
centralizing storage, memory, processing and bandwidth.
Cloud computing provides new services ranging from data storage to end-to-end
computing. Cloud computing takes away the task of infrastructural deployment and
makes technology, platform or just software readily available commodities just like
electricity or water or gas or TV. One pays as per the usage besides other set up
costs, which when combined, are far less than the conventional ways of acquiring
technology.
Cloud computing is broken down into three segments: "application" "storage" and
"connectivity." Each segment serves a different purpose and offers different products
for businesses and individuals around the world.
-
6
Community cloud shares infrastructure between several organizations from a specific
community with common concerns (security, compliance, jurisdiction, etc.), whether
managed internally or by a third-party and hosted internally or externally. The costs
are spread over fewer users than a public cloud (but more than a private cloud), so
only some of the benefits of cloud computing are realized.
2.2 Definition of Cloud Computing
For Information Technology (IT) technical professionals, Cloud Computing may
mean utility computing, high speed grids, virtualization, automatic configuration and
deployment, on-demand and remote processing, and combinations of them. For
business users, Cloud Computing is simply the Internet, a cable form a service
provider or just something out there networked with my computer. Either public,
private, or in between, the conventional wisdom, as published in The NIST
Definition of Cloud Computing, assumes noticeable characteristic regarding how
computing resources are made available in Cloud.
Cloud computing is a model for enabling ubiquitous, convenient, on-demand
network access to a shared pool of configurable computing resources (e.g., networks,
servers, storage, applications, and services) that can be rapidly provisioned and
released with minimal management effort or service provider interaction. This cloud
model is composed of five essential characteristics, three service models, and four
deployment models (Mell & Grance, 2011).
The National Institute of Standards and Technology (NIST) explain these essential
characteristics, service models and deployment models as in the following
subsections.
-
7
2.2.1 Deployment Models
A cloud deployment model represents a specific type of cloud environment,
primarily distinguished by ownership and size. These can be summarized as private
cloud, community cloud, public cloud, and hybrid cloud (Mell & Grance, 2011).
Private cloud: The cloud infrastructure is provisioned for exclusive use by a
single organization comprising multiple consumers (e.g., business units). It may be
owned, managed, and operated by the organization, a third party, or some
combination of them, and it may exist on or off premises.
Community cloud: The cloud infrastructure is provisioned for exclusive
use by a specific community of consumers from organizations that have shared
concerns (e.g., mission, security requirements, policy, and compliance
considerations). It may be owned, managed, and operated by one or more of
the organizations in the community, a third party, or some combination of them,
and it may exist on or off premises.
Public cloud: The cloud infrastructure is provisioned for open use by the
general public. It may be owned, managed, and operated by a business, academic, or
government organization, or some combination of them. It exists on the premises of
the cloud provider.
Hybrid cloud: The cloud infrastructure is a composition of two or
more distinct cloud infrastructures (private, community, or public) that remain
unique entities, but are bound together by standardized or proprietary technology
that enables data and application portability (e.g., cloud bursting for load
balancing between clouds).
-
8
2.2.2 Service Models
A cloud delivery model represents a specific combination of IT resources offered by
a cloud provider. These can be summarized as Software as a Service, Platform as a
Service, and Infrastructure as a Service (Mell & Grance, 2011).
Software as a Service (SaaS): The capability provided to the consumer
is to use the providers applications running on a cloud infrastructure. The
applications are accessible from various client devices through either a thin client
interface, such as a web browser (e.g., web-based email), or a program interface. The
consumer does not manage or control the underlying cloud infrastructure including
network, servers, operating systems, storage, or even individual application
capabilities, with the possible exception of limited user-specific application
configuration settings.
Platform as a Service (PaaS): The capability provided to the consumer is to
deploy onto the cloud infrastructure consumer-created or acquired applications
created using programming languages, libraries, services, and tools supported
by the provider. The consumer does not manage or control the underlying
cloud infrastructure including network, servers, operating systems, or storage, but
has control over the deployed applications and possibly configuration settings for the
application-hosting environment.
Infrastructure as a Service (IaaS): The capability provided to the
consumer is to provision processing, storage, networks, and other fundamental
computing resources where the consumer is able to deploy and run arbitrary
software, which can include operating systems and applications. The consumer
does not manage or control the underlying cloud infrastructure but has control over
-
9
operating systems, storage, and deployed applications; and possibly limited control
of select networking components (e.g., host firewalls).
2.2.3 Essential Characteristics
A cloud is a distinct and remote IT environment designed for the purpose of remotely
provisioning scalable and measured IT resources. In order to remotely provision
scalable and measured IT resources in an effective manner, an IT environment
requires a specific set of characteristics. These characteristics need to exist to a
meaningful extent for the IT environment to be considered an effective cloud. These
can be summarized as on-demand self-service, broad network access, resource
pooling, rapid elasticity, and measured service (Mell & Grance, 2011).
On-demand self-service: A consumer can unilaterally provision
computing capabilities, such as server time and network storage, as needed
automatically without requiring human interaction with each service provider.
Broad network access: Capabilities are available over the network and
accessed through standard mechanisms that promote use by heterogeneous thin
or thick client platforms e.g., mobile phones, tablets, laptops, and workstations.
Resource pooling: The providers computing resources are pooled to serve
multiple consumers using a multi-tenant model, with different physical and
virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer generally
has no control or knowledge over the exact location of the provided resources but
may be able to specify location at a higher level of abstraction e.g., country, state,
or datacenter. Examples of resources include storage, processing, memory, and
network bandwidth.
-
10
Rapid elasticity: Capabilities can be elastically provisioned and released,
in some cases automatically, to scale rapidly outward and inward
commensurate with demand. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in any quantity at
any time.
Measured service: Cloud systems automatically control and optimize
resource use by leveraging a metering capability at some level of abstraction
appropriate to the type of service e.g., storage, processing, bandwidth, and active
user accounts. Resource usage can be monitored, controlled, and reported,
providing transparency for both the provider and consumer of the utilized
service.
2.2.4 Illustration of NIST Cloud Definition
The NIST cloud definition shown in the Figure 2.1 below recognizes several types of
cloud deployment models, service models, essential and common characteristics.
This figure lists Common Characteristics which is not part of the NIST essential
definition additional quality attributes in the lower section that can help to prioritize
what cloud features are important to organizations.
-
11
Figure 2.1 NIST Cloud Definition
Source: Joyner., J. (2011). How cloudy is your cloud - The NIST offers a cloud standard,
http://www.techrepublic.com/blog/networking/how-cloudy-is-your-cloud-the-nist-offers-a-
cloud-standard/4635
2.2.5 Differences in Scope and Control among Cloud Service Models
The following Figure 2.2 illustrates the differences in scope and control between the
cloud subscriber and cloud provider, for each of the service models discussed above.
Five conceptual layers of a generalized cloud environment are identified in the
center diagram and apply to public clouds, as well as each of the other
deployment models. The arrows at the left and right of the diagram denote the
approximate range of the cloud providers and users scope and control over the
cloud environment for each service model. In general, the higher the level of support
available from a cloud provider, the more narrow the scope and control the cloud
subscriber has over the system (Jansen & Grance, 2011). The two lowest layers
shown denote the physical elements of a cloud environment, which are under
the full control of the cloud provider, regardless of the service model.
-
12
Heating, ventilation, air conditioning (HVAC), power, communications, and other
aspects of the physical plant comprise the lowest layer, the facility layer, while
computers, network and storage components, and other physical computing
infrastructure elements comprise the hardware layer.
The remaining layers denote the logical elements of a cloud environment.
The virtualized infrastructure layer entails software elements, such as hypervisors,
virtual machines, virtual data storage, and supporting middleware components used
to realize the infrastructure upon which a computing platform can be established.
While virtual machine technology is commonly used at this layer, other means of
providing the necessary software abstractions are not precluded. Similarly, the
platform architecture layer entails compilers, libraries, utilities, and other software
tools and development environments needed to implement applications. The
application layer represents deployed software applications targeted towards end-
user software clients or other programs, and made available via the cloud.
Figure 2.2 Differences in Scope and Control among Cloud Service Models
Source: Jansen, W. Grance, T. (2011). Guidelines on Security and Privacy in Public Cloud
Computing, http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-
computing.pdf
-
13
2.3 Conceptual Cloud Reference Architecture
One way to describe cloud computing is to base on the service delivery models.
There are three, namely SaaS, PaaS and IaaS and depending on which model, a
subscriber and a service provider hold various roles and responsibilities in
completing a service delivery.
A schematic is shown below in Figure 2.3 highlighting the various functional
components exposed in the three service delivery models in cloud computing
compared with those managed in an on-premises deployment. Essentially, cloud
computing presents separation of subscribers roles and responsibilities from those of
a service providers. And by subscribing a particular service delivery model, a
subscriber implicitly agrees to relinquish certain level of access to and control over
resources.
Figure 2.3 Seperation of Responsibilities
Source: Chou, Y. (2010). Cloud Computing Primer for IT Pros,
http://blogs.technet.com/b/yungchou/archive/2010/11/15/cloud-computing-primer-for-it-
pros.aspx
-
14
In SaaS, the entire deliveries are provided by a service provider through cloud. The
benefit to a subscriber is there is ultimately no maintenance needed, other than the
credentials to access the application, i.e. the software. At the same time, SaaS also
means there is little control a subscriber has on how the computing environment is
configured and administered outside of a subscribed application. This is the user
experience of, for example, some email offering or weather reports in Internet.
In PaaS, the offering is basically the middleware where the APIs exposed, the service
logic derived, the data manipulated, and the transactions formed. It is where most of
the magic happens.
A subscriber in this model can develop and deploy applications with much control
over the applied intellectual properties. Out of the three models, IaaS provides most
manageability to a subscriber. Form OS, runtime environment, to data and
applications all are managed and configurable. This model presents opportunities for
customizing operating procedures with the ability to on-demand provision IT
infrastructure delivered by virtual machines in cloud.
As shown in the Figure 2.4, the NIST cloud computing reference architecture defines
five major actors: cloud consumer, cloud provider, cloud carrier, cloud auditor and
cloud broker. Each actor is an entity (a person or an organization) that participates in
a transaction or process and/or performs tasks in cloud computing.
-
15
Figure 2.4 Conceptual Reference Model of Cloud Computing
Source: Liu, F., Tong, J., Mao, J., Bohn, R., Messina, J., Badger, L. & Leaf, D. (2011). NIST
Cloud Computing Reference Architecture,
http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505
The following Table 2.1 briefly lists the actors as defined in the NIST cloud
computing reference architecture.
Table 2.1 Actors in Cloud Computing
Actor Definition
Cloud
Consumer
A person or organization that maintains a business relationship
with, and uses service from, Cloud Providers.
Cloud Provider A person, organization, or entity responsible for making a
service available to interested parties.
Cloud Auditor A party that can conduct independent assessment of cloud
services, information system operations, performance and
security of the cloud implementation.
Cloud Broker
An entity that manages the use, performance and delivery
of cloud services, and negotiates relationships between
Cloud Providers and Cloud Consumers.
Cloud Carrier
An intermediary that provides connectivity and transport of
cloud services from Cloud Providers to Cloud Consumers.
Source: Liu, F., Tong, J., Mao, J., Bohn, R., Messina, J., Badger, L. & Leaf, D. (2011). NIST
Cloud Computing Reference Architecture,
http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505
-
16
2.4 Possible Services Available to Cloud Consumers
The documentation inside Cloud Reference Architecture outlines several cloud
computing examples depending on the service models (Liu et al., 2011).
Depending on the services requested, the activities and usage scenarios can be
different among cloud consumers. The Figure 2.5 below presents some possible
cloud services that can be provided to cloud consumers by cloud providers.
Figure 2.5 Possible Services Available to Cloud Consumers
Source: Liu, F., Tong, J., Mao, J., Bohn, R., Messina, J., Badger, L. & Leaf, D. (2011). NIST
Cloud Computing Reference Architecture,
http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505
List of possible services that can be consumed by a typical cloud consumer are
documented in the NIST Cloud Computing Reference Architecture as below.
SaaS services: SaaS is a model where an application is available on demand.
It is the most common form of cloud computing delivered today.
-
17
o Email and Office Productivity: Applications for email, word
processing, spreadsheets, presentations, etc.
o Billing: Application services to manage customer billing based on
usage and subscriptions to products and services.
o Customer Relationship Management (CRM): CRM applications
that range from call center applications to sales force automation.
o Collaboration: Tools that allow users to collaborate in workgroups,
within enterprises, and across enterprises.
o Content Management: Services for managing the production of and
access to content for web-based applications.
o Document Management: Applications for managing documents,
enforcing document production workflows, and providing workspaces
for groups or enterprises to find and access documents.
o Financials: Applications for managing financial processes ranging
from expense processing and invoicing to tax management.
o Human Resources: Software for managing human resources
functions within companies.
o Sales: Applications that are specifically designed for sales functions
such as pricing, commission tracking, etc.
o Social Networks: Social software that establishes and maintains a
connection among users that are tied in one or more specific types of
interdependency.
o Enterprise Resource Planning (ERP): Integrated computer-based
system used to manage internal and external resources, including
tangible assets, financial resources, materials, and human resources.
-
18
PaaS Services: PaaS is a platform available on demand for development,
testing, deployment and on-going maintenance of applications without the
cost of buying the underlying infrastructure and software environments.
o Business Intelligence: Platforms for the creation of applications such
as dashboards, reporting systems, and data analysis.
o Database: Services offering scalable relational database solutions or
scalable non-SQL data stores.
o Development and Testing: Platforms for the development and testing
cycles of application development, which expand and contract as
needed.
o Integration: Development platforms for building integration
applications in the cloud and within the enterprise.
o Application Deployment: Platforms suited for general purpose
application development. These services provide databases, web
application runtime environments, etc.
IaaS Services: IaaS is an IT environment with ability for a subscriber to on
demand provision infrastructure. This infrastructure is, for example, delivered
with virtual machines in which a subscriber maintains the OS and installed
applications, while the underlying fabric is managed by a service provider.
o Backup and Recovery: Services for backup and recovery of file
systems and raw data stores on servers and desktop systems.
o Compute: Server resources for running cloud-based systems that can
be dynamically provisioned and configured as needed.
-
19
o Content Delivery Networks (CDNs): CDNs store content and files to
improve the performance and cost of delivering content for web-based
systems.
o Services Management: Services that manage cloud infrastructure
platforms. These tools often provide features that cloud providers do
not provide or specialize in managing certain application
technologies.
o Storage: Massively scalable storage capacity that can be used for
applications, backups, archival, and file storage.
-
20
3 PROBLEM DEFINITION
IT investment is still very risky for SMEs. The results of this research revealed that
SME owners or managers are quite dissatisfied with their existing IT investment and
IT infrastructure (Turan & rkmez, 2011). Many issues related to IT usage and
adoption in worldwide SMEs is also valid for Turkey. Findings of the study are as
follows (Kutlu & Ozturan, 2008):
Increased use of IT in SMEs is mainly for operational and administrative
tasks. Proof of this is the dominant use of accounting and office software.
Development of internal IT skills produce high levels of success with IT
adoption.
Evidence for this is the increase in usage of production applications
indicating a higher level of adoption in parallel with an increase in number of
program developers.
Business owners and managers with positive attitude are inclined to be more
successful in adopting and implementing new technology.
Verification of this is the positioning of SMEs in a higher level of adoption
among the ones that encouraged their employees for IT usage.
One of the factors affecting the usage and adoption of IT in SMEs is the
expected benefits of IT. The findings of this study, which is an indication of
this item, point out that, expected increase in the accuracy of information,
comfort level with technology and expected increase in the processing speed
are the major factors affecting IT implementation decisions.
-
21
We have analyzed the Comscore metrics reports and Email Tracker 2010 usage data
reports. We have identified the following problems for SMEs worldwide. We believe
the same issues apply to the Turkish SMEs as well.
Most of the SMEs are still running old servers in terms of hardware and
software.
One or two employees oversee whole IT operations for growing company, so
they dont have the luxury to apply proven best practices timely.
The SMEs dont have strong backup, restore, and disaster recovery
capability.
SMEs cannot provide high availability or reliability targets.
Performance issues such as delays in mail delivery and email not
downloading properly on smartphones.
Calendars not synchronizing correctly.
SMEs have distributed remote workforce to compete with other SMEs and
large companies.
SMEs can go global if they have new opportunities abroad.
SMEs can merge with other SMEs or can be acquired by large organizations.
SMEs dont have enough IT resources to take on new projects.
If employees change their cell phones, then their directory of contacts do not
work properly sometimes.
SMEs need to share and collaborate with peers and partners over the internet
with fewer clicks in a secure way. For example, they need to share large files
with advertising agencies.
Companies spend a lot of time in custom reporting using old technology and
disintegrated enterprise applications.
-
22
Employees cannot collaborate over internet. For example, they need to edit
same documents simultaneously.
Most of the SMEs have not obtained ISO 20000 and ISO 27001 certifications
which are related to ICT. Therefore they lack security standards.
Internet facing servers are not patched timely which poses security risks.
As a consequence of these research studies, we can deduce that today most of SMEs
have some pains related to their ICT including Software Adequacy, Timeliness,
Software Maintenance, Security and Integrity, Information Content, Productivity,
Information Accuracy, Documentation, Information Format, Vendor Support, Ease
of Use, and Training and Education, which are related to new technology adoptions
and operational costs. SMEs need to focus on higher priority projects related to core
business instead of supporting IT capital investments. SMEs also need to pay only
for services used as they have limited ICT budget. The SMEs have limited
operational ICT employees so they need to reduce IT complexity. Most of the startup
companies and SMEs often try different business opportunities but very few of them
become successful, most of these initiatives fade away. Some of these new products
require extensive ICT spending due to the nature of technology. For SMEs it should
be possible to add computing resources without building new infrastructure for these
new initiatives and research efforts. SMEs mostly dont have enough ICT budget to
apply or upgrade to the latest ICT technology so they lack competitiveness and have
relative poor productivity gains compared to large organizations. Access to leading-
edge technology for a decent cost and effort will allow SMEs to use the latest and
brightest ICT technology similar to large organizations without making huge capital
and operational expenses.
-
23
To alleviate these problems for SMEs, cloud computing is becoming very popular
every day because customers only pay for the computing infrastructure that they
actually use. In many cases users experience lower IT costs than if they had to buy
all the equipment, hire the technical staff to run it and maintain it, and purchase
software applications. This type of on-demand computing is beneficial to small and
medium-size companies since they can easily scale up and down their IT
requirements as the pace of their business demands it. Larger organizations however,
may not want their most sensitive data stored on servers which they dont control.
System reliability is also a special concern to all businesses. The unavailability of
business data and applications for even a few hours may be unacceptable. The SaaS
model means that SMEs can get the latest software and required infrastructure at a
low, monthly cost, rather than having to go through the headaches of upfront
investments, installation and upgrades themselves.
-
24
4 METHODS
In this study, I propose an integrated framework with qualitative and quantitative
aspects. The elements of this methodology can be summarized as follows:
SaaS Evolution of Technology: SaaS technology has been around for a while.
We will investigate where it came from in the last decade and how it will be
evolving in the future.
SaaS Market Analysis and SWOT Analysis: SWOT analysis of SaaS
solutions are documented to give the knowledge about Strengths,
Weaknesses, Opportunities, Threats of SaaS vendors and solutions for
evaluators about the situation of the technology. Evaluators should check this
guidance to see different angles and perspectives.
Checklist for qualifying SaaS provider: There are several checklists when
checking the solution is adequate or not. There are several components to a
successful SaaS purchase, including Functionality, Implementation Process,
and Cost. There are multiple factors to consider when making the deal.
Scoring table for evaluation SaaS provider: The organization which selects
the SaaS solution from different vendors can score each SaaS vendors rating
for 1-9 for several characteristics to quantify criterion. The higher the score
the better for that SaaS vendor.
On Premise ICT costing model: In this section, all the direct and hidden costs
of having ICT on premise are revealed.
TCO Total Cost of Ownership: Total Cost of Ownership calculation
examples help us to compare total cost of on premise ICT vs. SaaS solution.
ROI Return on Investment: In this section, we focus on the net present
value of current SaaS investments return.
-
25
Based on these methods, I have developed a simple SaaS Evaluation Framework for
SMEs as listed below:
Is SaaS the right technology for my company?
o SaaS Evolution today and future
o SaaS Market Analysis
o SaaS Maturity Model
o Advantages and Disadavantages of SaaS model
o SWOT Analysis of SaaS
How should I filter the SaaS providers?
o SaaS Provider Qualification checklist
How should I select the right SaaS providers?
o Multi Critearia Based SaaS Provider Scoring tool
How much do I spend for On Premise ICT Services? How much will I pay for
online SaaS solutions? How much will I save if go for SaaS over On Premise?
o Direct and Indirect Costs per ICT Service calculation model
o Simple TCO calculation models
o Complex TCO calculation models
Will my costs outweigh my benefits if I invest in SaaS solutions?
o Complex ROI calculation models
If we illustrate the workflow of this model using a flowchart, it can be designed as in
the following Figure 4.1:
-
26
Is SaaS the
right technology
for my company?
START
END
Will my costs
outweigh my benefits
if I invest
in SaaS solutions?
How should
I filter the
SaaS providers?
How should
I select the right SaaS
providers?
How much do I spend
for On Premise ICT Services?
How much will I pay for online SaaS
solutions?
How much will I save
if go for SaaS over
On Premise?
Qualitative Methods:
SaaS Evolution today and future
SaaS Market Analysis
SaaS Maturity Model
Advantages and Disadavantages of SaaS model
SWOT Analysis of SaaS
Qualitative Methods:
SaaS Provider Qualification checklist
Quantitative Methods:
Multi Critearia Based SaaS Provider Scoring
tool
Quantitative Methods:
Direct and Indirect Costs per ICT Service
calculation model
Simple TCO calculation models
Complex TCO calculation models
Quantitative Methods:
Complex ROI calculation models
Figure 4.1 Integrated Framework for Filtering and Selecting SaaS Providers
-
27
5 SaaS MARKET AND VENDOR ANALYSIS
The rapid adoption of all forms of Cloud IT, from IaaS to PaaS to SaaS, is changing
the way that organizations evaluate and manage the concerns related to the selection
of SaaS solutions for business operations and management. But most of all, it is
changing how firms of all sizes, and in all markets, see and manage IT. Software-as-
a-Service (sometimes referred to as Cloud-based business solutions) is a means of
acquiring and using software via the Internet. With SaaS, users do not need to buy,
install, and maintain applications. All maintenance and upgrades are performed by
the SaaS provider. As a result, the key benefits of SaaS center on reduced upfront
cost and simplified software management. These benefits are helping to drive very
rapid and widespread SaaS adoption in all aspects of business, from desktop
applications to departmental solutions (such as sales force automation) to core
business systems such as finance and human resources. SaaS may be acquired, used,
and paid for in a variety of ways. The provider may charge per-use or through a
periodic subscription fee. Most providers offer volume license discounts that reduce
the cost per-user significantly. As a result, the software cost is typically an operating
expense rather than a capital expense (this is of particular interest to firms who need
to conserve their capital) (Saugatuck Technology Inc Report, 2010).
5.1 Changing Sources of Firm Software
Today many business firms continue to operate legacy systems that continue to meet
a business need and that would be extremely costly to replace. But they will purchase
or rent most of their new software applications from external sources. The following
Figure 5.1 illustrates the rapid growth in external sources of software for U.S. firms.
There are three external sources for software: software packages from a commercial
software vendor, outsourcing custom application development to an external vendor,
-
28
and cloud-based software services and tools. In 2010, U.S. firms will spend over
$291 billion on software. About 40 percent of that ($116 billion) will originate
outside the firm, either from enterprise software vendors selling firm wide
applications or individual application service providers leasing or selling software
modules. Another 10 percent ($29 billion) will be provided by SaaS vendors as an
online cloud-based service (Laudon & Laudon, 2011).
Figure 5.1 Sources of Software Expenditures
Source: Laudon, K.,& Laudon, J. (2011). MIS Managing the Digital Firm 12th Edition, New
Jersey: Prentice Hall, p. 192
5.2 Evolution of SaaS - Yesterday, Today, and Tomorrow
There is a dispute among analysts whether SaaS would displace standard on premise
software and hardware in the future or not. The classical software license model has
still a lot of strengths and will still find enough people that prefer this solution. But
the market share of SaaS applications will grow so that these two software
-
29
distribution models will complement each other. SaaS offer so many fundamental
advantages to the customer that it will not just become another IT hype that will not
last for a longer time. The strength of the one model is the weakness of the other
model and the other way round.
But SaaS is still just in the beginning of its evolution. The following Figure 5.2 whos
how SaasS evolved since 2003, and how it is expected to evolve by 2014. The huge
disadvantage of the SaaS model is the limited customizing. If the SaaS providers
make the provided software solutions more customizable to fit it to the special needs
of the customers -which will be quite possible - it will be much more interesting to
many companies. Many companies still do not see the potential of SaaS, especially
SMEs, or they just do not know what SaaS is at all. They often do not see that SaaS
has limited customizability. But every company that deals with the idea of using
SaaS must make itself clear what kind of restrictions - besides all advantages - SaaS
has got. So if the costs do not matter every company would get just the best
individual software solution. But in real the cost do matter so this is why standard
software is primary there and the logical continuation for the future would be SaaS.
But already today SaaS is at least an option that has to be checked before achieving
new software for a company.
All in all it will be a question of time when SaaS offers so many different add-ons
and customizing possibilities that it converges to the old application service provider
model without repeating the mistakes so that it could be called as real software
through the line. If this is done SaaS will be a very profitable business part and a
huge part of the current revenues for software implementation and integration will go
to the SaaS providers. Prospectively the customer will get the best software solution
for his company and can although source out operative IT services. That minimizes
-
30
the companies risk. But the future will not be completely without individual or
customized standard software. There is still a need for these specialized software
applications for the companies to achieve competitive business process advantages.
And finally, for the customer it does not matter if the IT services were handled inside
the company or external, important is that the business processes will run perfectly.
So this is the huge goal that both standard software producer as well as SaaS provider
should have. The one who makes it the best will finally rule the market.
Figure 5.2 Possible Evolution Of SaaS from past to future
Source: Saugatuck Technology Report. (2010). Software-as-a-Service Managing Key
Concerns and Considerations, http://www.sagesaleslogix.com/Products-and-
Services/~/media/Category/CRM/SalesLogix/Assets/Collateral/SaaS_Concerns_and_Consid
erations_072610_Sage.pdf
5.3 Forrester Research SaaS Maturity Model
SaaS is the hottest trend in both CRM and SME market in general. While SaaS
appears to be a threat to software vendors with traditional perpetual-license models,
-
31
it is also an opportunity for competitive advantage. The question is how independent
software vendors and service providers can capitalize on this opportunity. Forrester's
SaaS maturity model provides an assessment of the solutions and underpins our
guidance on realistic strategy transformation for those software vendors and services
providers considering a SaaS business model. Targeting the highest maturity level is
not necessarily the best fit for every vendor. Forrester classifies the maturity of SaaS
solutions on six levels. We define each level according to its answer to the question
of who provides what to whom (see the following Figure 5.3).
Figure 5.3 SaaS Maturity Model according to Forrester
Source: Ried, S. (2008). Forrester Research SaaS Maturity Model,
http://www.forrester.com/rb/Research/forresters_saas_maturity_model/q/id/46817/t/2
The explanations of these 0-to-5 SaaS Maturity Levels are listed below:
-
32
Level 0: Outsourcing is not SaaS. In outsourcing, a service provider operates
a major application or a unique application landscape for a large enterprise
customer. As the outsourcing company can't leverage this application for a
second customer, outsourcing does not qualify as SaaS.
Level 1: Manual application service provider business models target midsize
companies. At level 1, a hosting provider runs packaged applications like
SAP's ERP 6.0, which require significant IT skills, for multiple midsize
enterprises. Usually, each client has a dedicated server running its instance of
the application and is able to customize the installation in the same way as
self-hosted applications.
Level 2: Industrial ASPs cut the operating costs of packaged applications to a
minimum. At level 2, an application service provider uses sophisticated IT
management software to provide identical software packages with customer-
specific configurations to many SME customers. However, the software
package is still the same software that was originally created for self-hosted
deployment.
Level 3: Single-app SaaS is an alternative to traditional packaged
applications. At level 3, software vendors create new generations of business
applications that have SaaS capabilities built in. Web-based user interface
(UI) concepts and the ability to serve a huge number of tenants with one,
scalable infrastructure are typical characteristics. Customization is restricted
to configuration. Single-app SaaS adoption thus focuses on SMEs.
Salesforce.com's CRM application initially entered the market at this level.
Level 4: Business-domain SaaS provides all the applications for an entire
business domain. At level 4, an advanced SaaS vendor provides not only a
-
33
well-defined business application but also a platform for additional business
logic. This complements the original single application of the previous level
with third-party packaged SaaS solutions and even custom extensions. The
model even satisfies the requirements of large enterprises, which can migrate
a complete business domain like "customer care" toward SaaS.
Level 5: Dynamic Business Apps-as-a-service is the visionary target.
Forrester's Dynamic Business Application imperative embraces a new
paradigm of application development: "design for people, build for change."
At level 5, advanced SaaS vendors coming from level 4 will provide a
comprehensive application and integration platform on demand, which they
will prepopulate with business applications or business services. They can
compose tenant-specific and even user-specific business applications on
various levels. The resulting process agility will attract everyone, including
large enterprise customers.
5.4 Key Technology Considerations for SaaS Providers
The following figure shows Global SMEs Executive SaaS Survey results from
Saugatuck Technology Inc. This survey results in Figure 5.4 illustrates top
technology considerations when selecting SaaS providers.
-
34
Figure 5.4 Technology Considerations Regarding SaaS Provider Selection
Source: Saugatuck Technology Report. (2010). Software-as-a-Service Managing Key
Concerns and Considerations, http://www.sagesaleslogix.com/Products-and-
Services/~/media/Category/CRM/SalesLogix/Assets/Collateral/SaaS_Concerns_and_Consid
erations_072610_Sage.pdf
5.5 In House or SaaS
The following Table 5.1 compares criterion based advantages of in house solutions
and SaaS. Since these qualitative comparisons can be different for each organization,
therefore every SME should create a similar chart for its IT expectations and outlook
for the technology.
-
35
Table 5.1 Comparison Between In-House And SaaS Solutions
Source: Orminski, F. (2008). Does Software as a Service (SaaS) displace standard
software?, http://www.iwi.uni-
hannover.de/upload/lv/sosem08/seminar/www/orminski/HTML%20Homepage/index.html
5.6 Advantages of SaaS Service Model for Turkish SMEs
SaaS is an on-demand solution that provides businesses an affordable way to use a
software application without having to purchase it. This is done by leasing the
program from a provider and either accessing or subscribing to it through the
internet. As an IT business solution, SaaS has become an increasingly popular choice
since companies only rent the software, rather than committing to the purchase price
of the application and user licensing. Regardless of the type of business, it will
realize several benefits if it chooses any SaaS solution. Advantages include the
following:
-
36
Affordable: With SaaS, business won't have a large up-front capital expense as it
would if it chooses to purchase the software. A reasonable monthly fee is all
business will pay to have the latest version of the favorite software. Business
won't need to spend money purchasing and installing software. Business won't
have to worry about the cost of upgrading it, either. The SaaS provider will take
care of it so business doesnt have to.
Flexible: Because SaaS is offered as an on-demand service, business can adjust
its contract to fit its staffing needs.
Stable: The SaaS applications are installed on more powerful, secure, and
redundant hardware infrastructure than business could afford to own.
Quick deployment: Because most SaaS solutions are web-based, deployment is
instantaneous, giving business immediate access to the business solutions it
needs.
Accessible: Regardless of where it does business, it will always have access to its
SaaS applications as long as it has access to the internet.
Compatible: Most SaaS applications are compatible with most systems and
smart phones.
Vendors Responsibility: SaaS providers are responsible for managing and
maintaining both the software and hardware components of the application. The
network issues such as data redundancy, data backup and recovery are also
planned and managed by the vendors. They upgrade the software on regular
intervals.
Ownership: Since SaaS vendors charge a set price per user per month, the firms
dont have to pay extra money for modules they dont even use. It literally
removes the maintenance, end user support, and administration costs of the
-
37
software. The implementation and customization costs of SaaS are also lower
than the traditional software. All this results in a very low TCO.
Scalability: Hosted software, another term for SaaS offers business more
scalability in using the software. By utilizing SaaS business is free to use as much
or as little part of any software as it needs. This gives business easy and
economical access to many programs.
Regular Upgrading: SaaS Vendors regularly upgrade their software, so that the
users dont have to put any effort into installing and upgrading the applications.
Easy Access: A major advantage of SaaS is it can easily and quickly be accessed
from anywhere with a web browser. This gives users a great facility even when
they are at home or in another country. They can access real time synchronized
applications from Laptops and Smart Phones.
SLA adherence: reported bugs can be fixed minus any rollout overhead. Sure
the provider actually has to fix the issue, but assuming theyve deployed a
moderately efficient SaaS application the rollout of a patch or fix should happen
in the blink of an eye.
Ease Internal IT Pains: SaaS offloads a great deal of IT pains incurred by
software consumers in the traditional client and server model. This leaves IT
personnel to focus on improving the day-to-day technical operations of the
company instead of being called upon to troubleshoot 3rd party software or
maintain aging infrastructure.
Redistribute IT Budget: by outsourcing software functionality to a provider, the
enterprise realizes a cost savings in infrastructure requirements and IT personnel
knowledge requirements. This allows the enterprise to focus on core
-
38
competencies. It also means that the cost savings from using SaaS applications
can be flat out saved, or reallocated to boost productivity through other services.
According to Forrester Researchs survey conducted in Middle East Africa (MEA)
region including Turkey, the top 3 important motivations for moving to cloud
computing in Turkey are Reduce Hardware Infrastructure Costs, Scalability on
Demand to Meet Business Needs, and Simplified Server/Resource Provisioning,
respectively (Hamad and Erickson, 2011). The following Figure 5.5 lists all the
drivers with their overall percentage.
Figure 5.5 Primary Drivers for Considering Cloud Computing
Source: Forrester Research MEA and Turkey Cloud Computing Survey. (2011).
5.6.1 Hardware, Software, and IT Staff Cost Savings
Traditionally, deploying large-scale business-critical software systems, such as ERP
and CRM application suites, has been a major undertaking. Deploying these systems
across a large enterprise can cost hundreds of thousands of dollars in upfront
licensing cost, and usually requires an army of IT personnel and consultants to
customize and integrate it with the organization's other systems and data. The time,
staff, and budget requirements of a deployment of this magnitude represent a
-
39
significant risk for an organization of any size, and often puts such software out of
the reach of smaller organizations that would otherwise be able to derive from it a
great deal of utility. The on-demand delivery model changes some of this. SaaS
applications don't require the deployment of a large infrastructure at the client's
location, which eliminates or drastically reduces the upfront commitment of
resources. With no significant initial investment to amortize, an enterprise that
deploys a SaaS application that turns out to produce disappointing results can walk
away and pursue a different direction, without having to abandon an expensive on-
premise infrastructure. Additionally, if custom integration is not required, SaaS
applications can be planned and executed with minimal effort and roll-out activities,
creating one of the shortest time-to-value intervals possible for a major IT
investment. This has also made it possible for a number of SaaS vendors to offer
risk-free "test drives" of their software for a limited period, such as 30 days. Giving
prospective customers a chance to try the software before they buy it helps eliminate
much of the risk surrounding software purchase.
The following survey results in Figure 5.6 clearly illustrate these savings.
Figure 5.6 Cloud Related Investments Can To Help Reduce ICT Spending
Source: Forrester Research MEA and Turkey Cloud Computing Survey. (2011).
-
40
5.6.2 Easy To Adopt
SaaS applications are available from any computer or any device, anytime, and
anywhere. Because most people are familiar with using the Internet to find what they
need using MSN, Hotmail, or use FaceBook applications, SaaS apps tend to have
high adoption rates, with a lower learning curve.
5.6.3 Less Problematic Software Updates and Patches
Because the SaaS provider manages all updates and upgrades, there are no patches
for customers to download or install.
5.6.4 Scalability on Peak Times
The management burden of anticipating and building out excess capacity IT
infrastructure decreases. The result is less management, maintenance, and
deployment time, with the additional benefit of greater scalability to more easily
handle peaks in demand. The key observation is that Cloud Computings ability to
add or remove resources at a fine grain and with a lead time of minutes rather than
weeks allows matching resources to workload much more closely. Real world
estimates of server utilization in datacenters range from 5% to 20%. This may sound
shockingly low, but it is consistent with the observation that for many services the
peak workload exceeds the average by factors of 2 to 10. Few users deliberately
provision for less than the expected peak, and therefore they must provision for the
peak and allow the resources to remain idle at nonpeak times. The more pronounced
the variation, the more the waste (Armbrust et al., 2009).
Assume our service has a predictable daily demand where the peak requires 500
servers at noon but the trough requires only 100 servers at midnight, as shown in
Figure 5.7. As long as the average utilization over a whole day is 300 servers, the
-
41
actual utilization over the whole day (shaded area under the curve) is 300 x 24 =
7200 server-hours; but since we must provision to the peak of 500 servers, we pay
for 500 x 24 = 12000 server-hours, a factor of 1.7 more than what is needed.
Therefore, as long as the pay-as-you-go cost per server-hour over 3 years4 is less
than 1.7 times the cost of buying the server, we can save money using utility
computing (Armbrust et al., 2009).
Figure 5.7 Provisioning For Peak Load
Source: Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee,
G., Patterson, D.A., Rabkin, A., Stoica, I. & Zaharia, M. (2009). Above the Clouds: A
Berkeley View of Cloud Computing,
http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html, p.13
In addition to simple diurnal patterns, most nontrivial services also experience
seasonal or other periodic demand variation (e.g., e-commerce peaks in December
and photo sharing sites peak after holidays) as well as some unexpected demand
bursts due to external events (e.g., news events). Since it can take weeks to acquire
and rack new equipment, the only way to handle such spikes is to provision for them
in advance. Even if service operators predict the spike sizes correctly, capacity is
wasted, and if they overestimate the spike they provision for, its even worse. They
may also underestimate the spike as shown in the Figure 5.8, however, accidentally
turning away excess users (Armbrust et al., 2009).
-
42
Figure 5.8 Underprovisioning 1
Source: Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee,
G., Patterson, D.A., Rabkin, A., Stoica, I. & Zaharia, M. (2009). Above the Clouds: A
Berkeley View of Cloud Computing,
http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html, p.13
While the monetary effects of overprovisioning are easily measured, those of under
provisioning are harder to measure yet potentially equally serious: not only do
rejected users generate zero revenue; they may never come back due to poor service.
The following Figure 5.9 aims to capture this behavior: users will desert an under
provisioned service until the peak user load equals the datacenters usable capacity,
at which point users again receive acceptable service, but with fewer potential users
(Armbrust et al., 2009).
Figure 5.9 Underprovisioning 2
Source: Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee, G., Patterson, D.A., Rabkin, A., Stoica, I. & Zaharia, M. (2009). Above the Clouds: A
Berkeley View of Cloud Computing,
http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html, p.13
-
43
5.6.5 Pay per Use Financial Model
SaaS vendors are compensated by users for the use of the hosted software. Payments
can be either on a pay-per-use basis or as a monthly payment. Some SaaS
applications are available completely free of charge while others are open source (the
customer decided where to host the application). But the one thing all SaaS
applications have in common is that they are all delivered as web applications to the
browser.
5.6.6 Improved Release Management and Testing of New Releases
In the earliest stages of assessing the feasibility of a Cloud Computing solution it is
key for the business and Cloud delivery provider to understand the requirement
for a Cloud solution within that business context. The business must carefully
document what they require from such a solution clearly and unambiguously. As
with the development of any solution, business requirements are the key driver
to the success of the solution. As business look more and more often to third
parties to deliver these solutions, the foundations for the delivery must be solid.
Business requirements are these foundations. Static Testing on business
requirements will ensure that these are concise and complete. Undergoing the
process of reviews and workshops to understand what is being asked for in
business requirements will save time and money later in the development lifecycle
by removing potential software defects before they are built. Cloud Computing
solutions claim to be scalable on demand. How does the business verify that the
solution delivered is capable of coping with the workload which it is required to
undertake? Load or Stress testing can be used to prove that the developed solution
can scale as required. By using test techniques and tools which are capable of
applying huge amounts of load on the solution the Cloud can be accurately
-
44
measured and its capacity verified. Using a distributed Cloud Computing solution
should mean that the delivery will perform to a high standard. Performance
testing techniques allow the systems performance to be measured and verified
accurately. Using performance testing and load testing techniques in tandem allows
an accurate image of the solutions ability over the cloud to be created. This in turn
provides the comfort that the system is constructed so as to be capable of acting as
delivery mechanism for the business requirement. Security testing can provide
assurance that business critical data is stored and transported safely. Techniques such
as Penetration Testing can prove that the mechanisms, which have been developed to
maintain security, will remain intact during potential attempts to compromise the
Cloud solution (AppLabs Report, 2009).
5.6.7 Rapid Resource Provisioning
A cloud model gives business the ability to respond to business demands more
effectively and helps ensure employees have on-demand access to critical business
information, customers, partners, and each other, using nearly any device, from
virtually anywhere. The result is they can give priority to the most critical business
tasks first.
5.6.8 SLAs
Businesses must exercise caution when using software outsourcing or SaaS
providers. If things can go wrong, they likely will. Service level agreements (SLA)
help protect both customers and the service providers. Here are the main points of
SLAs (Laudon & Laudon, 2011).
Defines responsibilities of the service provider and level of service expected
by the customer
-
45
Specifies the nature and level of services provided
Criteria for performance measurement
Support options
Provisions for security and disaster recovery
Hardware and software ownership and upgrades
Customer support, billing and conditions for termination
SME executives are attracted to all types of Cloud Computing solutions primarily for
strategic reasons such as flexibility and speed to market, in addition to potential cost
savings. To achieve these strategic and operational goals, SMEs need to change the
way they manage IT, including the organizational structure and skills of the IT
support staff. There is a need to manage SLAs, data access, subscriptions, and license
management through a robust vendor management process. Additionally, whether
business is going to replace one, some, or all of its business applications with a SaaS
solution, it will need a realistic plan and timeframe to securely implement, migrate,
and then turn off legacy applications. Further, a well-defined process may be
required to optimize key consulting resources to work with the business in
prototyping workflows and building requested customizations (Saugatuck
Technology Inc Report, 2010).
5.6.9 Security
The following Figure 5.10 shows that Turkey SMEs are way above the world
average in terms of Malicious and Potentially Unwanted Software according to
Microsoft Security Intelligence Report in 2010. The higher the security risk exposed
the more motivation for moving to SaaS service model. This is due to reason that
-
46
high security risk is an indicator for SMEs not managing their ICT well in terms of
Security.
Figure 5.10 Malicious and Potentially Unwanted Software
Source: Microsoft Security Intelligence Report. (2010).
5.6.10 Few Technical Skills Required for New Technology
With SaaS, the job of deploying an application and keeping it running from day to
day such as testing and installing patches, managing upgrades, monitoring
performance, ensuring high availability, and so forth, is handled by the SaaS
provider. By transferring the responsibility for these "overhead" activities to a third
party, the IT department can focus more on high-value activities that align with and
support the business goals of the enterprise. Instead of being primarily reactive and
operations-focused, the chief information officer and IT staff can more effectively
function as technology strategists to the rest of the company, working with business
-
47
units to und