The Cloud SPI Model Part 1: Software As A Service, What You Really Want From the Cloud
For the most part cloud products have sorted themselves into three classes: Software-As-A-Service (SaaS), Platform-As-A-Service (PaaS) and Infrastructure-As-A-Service (IaaS). These three offerings are now being referred to as the SPI Model of Cloud services. So what are the differences, what should you get and who offers what?
As we started deliberating the thinking around SPI, it became apparent that this would be a very long post, so it’s broken into three parts, one for each offering.
It’s important to realize that SaaS, PaaS and IaaS are not mutually exclusive – they build on each other. SaaS is only possible because under the hood there is platform and infrastructure that SaaS depends on. The platform and infrastructure may or may not be available for sale as PaaS and IaaS offerings, but they are there.
All Cloud offerings are ultimately SaaS, it’s just a question of how much you build yourself. With SaaS, you’re building nothing – the application is finished, you just configure it the way you want to use it. Some of these applications have been around longer than the term “Cloud”. Products like Salesforce.com have been sold under the Application Service Providers (ASP) moniker for a long time. As the larger concept of the Cloud came to the forefront, they jumped onto the bandwagon, but it didn’t really change the product.
Changing the moniker didn’t change the application, and the users couldn’t care less. Users don’t care about Cloud or any other technology – they care about getting their work done. How you deliver the tools to them that let them get that work done isn’t important to them. If that tool happens to be software, and that software is delivered via Cloud technology, and it is effective for the user, then the user will like Cloud. But that begs the question, what makes a given technology (like software) a Cloud offering?
The best definition we’ve found for determining whether a given technology is “Cloud worthy” comes from Dave Neilsen of Platform D. The acronym is OSSM (“awesome”): On-Demand, Self-Service, Scalable and Measured. On-Demand means the product is available whenever you want in whatever quantities you want. Self-Service means that you can order the product without needing any support from anyone else (especially the vendor selling the service). Scalable means you can order as much or as little as you want, it works the same regardless. And finally, Measured means that the product is measured in reasonable increments so that you know exactly what you’ve bought and how much it cost. You’ll pay only for what you use.
Using the OSSM standard, it’s easy to see that Salesforce.com qualifies as a Cloud SaaS offering – you are able to order it yourself without any assistance and get to work immediately. You can buy as many seats as you want, enter as many leads as you want, run as many reports as you want. And you only pay for what you use.
Other SaaS offerings including Google Docs and Microsoft Office 365. In fact, mail in the Cloud is arguably the definitive SaaS product. Why go to the expense and effort of operating your own mail servers when you get everything you want from a SaaS offering, typically at a fixed rate per mailbox?
There are a couple of challenges with SaaS. The first is security. For the most part, security for SaaS applications is sufficient, even if it’s nothing more than SSL. But if the security features of a SaaS application don’t comply with your organization’s requirements, there’s often no recourse. The security the application has is the security the application has, take it or leave it.
A more complex issue is regulatory compliance. This is a huge subject unto itself, depending on the industry you’re in, the countries you’re working in and the work you are doing. There are whole web sites dedicated to the topic of regulatory compliance like the Compliance Authority that also talk specifically about compliance and Cloud. Smart SaaS vendors are helping their customers get through regulatory compliance concerns with great documentation and even features – for example, Microsoft’s Office 365 allows mailboxes to be stored outside the cloud so that a customer can fulfill compliance requirements for mail from a particular country to be stored in that country. There’s also sophisticated mail retention policies and auditing.
Beyond these issues, there’s almost no downside to SaaS. And there is a huge upside – all the things you don’t have to do. You don’t own the hardware, the operating system or even the software you’re running. Someone else is responsible for all of that, you just utilize the product as you see fit. From an ROI perspective, SaaS is a no brainer.
Ultimately, SaaS is what we want from Cloud – the maximum potential with the minimum of ownership and responsibility. But what if the application you need doesn’t exist in the Cloud already? That’s where Platform-As-A-Service (PaaS) comes into play. It’s the next layer down the SPI Model stack, and is the subject of the next blog post.
Cloudminds 