There is no doubt that it will take some time before software as a service (SaaS) makes a significant impact in its pervasive availability for enterprises. According to Stephen Ibaraki, there are no clear standards for best practices and he has questions about its reliability. This moves the roadmap for wider scale adoption into the “post-three-year time frame,” he says.
While an option for those SMBs who want to wash their hands of the administration efforts behind — and possibly some of the costs of — the traditional software payment model, it is not an ideal solution if you want to maintain control over all of your mission-critical operations or have seamless integration with every other internal operation. There are also questions about who pays when there is downtime by the host of the software. In a recent example, outages by one vendor led to much teeth-gnashing by customers, especially when they didn’t feel the company’s apology went far enough.
There are several questions you should have answered before you sign on the dotted line of a SaaS agreement. Make sure there are clear documented policies for responsibilities, levels of service and engagement, as well as regular scheduled communication between parties. This should ensure the relationship is professional and aligned with strategic corporate objectives. The key is a collaborative atmosphere where the SaaS provider becomes an extension of your corporate IT structure.
Such concerns mandate a checklist of items and questions that your IT manager should be looking at if your organization is considering SaaS:
- What are the mobility requirements and how are they handled?
- What facilities are there for cross-enterprise collaboration to benefit the business in its strategic objectives?
- Is there a defined and well-established methodology for process integration?
- What are the particulars and metrics for ensuring minimum standards for Quality of Service?
- What mechanisms are in place to provide confidentiality?
- How are regulatory compliance and privacy legislation enabled through the provided services?
- What are the speed measures and guarantees?
- What are the specific cost factors?
- What is the level of domain knowledge to support business agility?
- What sort of integration expertise is provided?
- What sort of customization is possible and what are the costs?
- What kind of assurances is there for 100 per cent uptime?
- What guarantees are provided by the 24x7x365 call centre?
- Is there an established network operations centre, client call centre and ticketing system for problem resolution?
- What are the stated disaster recovery guarantees and business continuity assurances?
- Are there clear guidelines on how the SaaS application is designed to run?
- Are there clear guidelines on how the SaaS application is designed to be accessed; where the users can be located; how many users can access the application concurrently?
- What are the guidelines on how the SaaS application is designed to meet scalability, security, and guaranteed reliability requirements?
- What are the performance and availability commitments from the SaaS provider?
- What are the network and bandwidth capacities?
- What are the security infrastructure/processes and security management guidelines?
- How close is the SaaS infrastructure to the users and will this impact performance?
- Are there multiple network connections to the SaaS application from Tier 1 providers ensuring no bottlenecks and fast minimum response times? What is the performance profile hourly, daily, weekly, monthly, yearly and by region?
- What is the testing frequency for the application?
- What physical security measures are in place?
- What happens in the event of a disaster; how quickly can the application be available after such an event?
- Do end users have a primary point of contact for escalating issues? What is the issue escalation process? What are the minimum/maximum response times for problem resolution?
- What are the policies for application access issues, feature requests, bug reports?
- How are these key service level agreement (SLA) elements specifically addressed? Areas include: application availability, infrastructure alert response time, call centre response time; proactive SLA monitoring and management; SLA-triggered events tracking and resolution; and specific financial credits to end-users for failure to deliver benchmark levels?
- How do application updates impact service and what level of collaboration is available for updates?
Stephen Ibaraki is an award-winning college educator, writer, speaker and IT professional with more than 30 years experience working with technology.
Contact the editor