Question: New SaaS applications seems to be popping up everywhere in my organization. How can IT address the pressure from the business units to support these ad hoc applications and integrate them into the overall enterprise IT portfolio?
Forrester forecasts the SaaS global market will grow from $25.5 billion in 2011 to $159.3 billion in 2020. With those numbers, there is no question that SaaS applications in the enterprise are here to stay. The plethora of new SaaS (Software as a Service) offerings can be extremely tempting to business managers who are told they can have a functioning system in just a few days, not the three months that IT is promising. Of course the reality is quite different, but the biggest challenge is that since business unit decision makers, not technology leaders, are bringing these applications into the enterprise, they do not have a clear understanding of where they fit in the enterprise big picture. It is not uncommon to find an enterprise that already has a well established and functioning corporate CRM system, has two, three or more rogue SaaS CRM applications lurking out in different marketing or sales departments throughout the organization.
Handled correctly within the IT framework, SaaS applications can significantly increase agility and competitiveness. However, like any powerful tool, handled incorrectly they can be a ticking time bomb. While there is nothing inherently wrong with having SaaS applications out at the edges of the organization, having multiple stealth application outside of the control of IT is at the very least inefficient and at the worse represent a serious threat to the security of the organization as a whole. The main issues boil down to the usual suspects: business, technical, operational and security (which includes data integrity). The following are some of the common problems encountered with “ad hoc” SaaS implementations:
- Technical Issues
- One off” data models that are inconsistent with enterprise standards
- Poor or missing integration with existing enterprise applications
- Business Issues
- Contract issues related to SaaS applications that didn’t deliver the promised functionality
- Poor performance and SLA issues related to up-time, data loss, or service requests
- Vendor lock in, application, data and/or contract
- Operational Issues
- Lack of appropriate DR/BC functionality
- Unclear ownership of support or lack of internal, third party and vendor support services
- Security Issues
- Privacy, Security problems, access management, information security, and compliance
- Unclear or missing Identity Access Management (IAM) – No SSO strategy or federated ID management system in place
The headaches caused by these rogue applications can be endless, but the trick is to first learn what the scope of the problem is. Once it is clear how many SaaS applications are out there, the next step is to spend some time to understand what is driving the business units to install them in the first place. In some ways that is half the battle, because once that has been determined, then the final step is to develop a SaaS governance process to allow business units to leverage the value of the SaaS approach, but also maintain the integration and oversight that staying under the IT organizational umbrella brings.
About the Author
Beth Cohen, Cloud Technology Partners, Inc. Moving companies’ IT services into the cloud the right way, the first time!