How Do I Choose Between SaaS Vendors?

SaaS is the abbreviated name of Software-as-a-Service, which means software as a service, that is, providing software services through the network. ^[1]

SaaS platform providers deploy application software on their servers uniformly. Customers can order the required application software services from manufacturers based on the actual needs of the work, and pay the manufacturers according to the amount and duration of the ordered services, and pay the manufacturers through the Internet Get services from Saas platform vendors. ^[2]

SaaS application software has three models: free, paid and value-added. The payment is usually a "all-inclusive" fee, which includes the usual application software license fee, software maintenance fee, and technical support fee, which are unified into a monthly rental fee for each user. ^[3]

SaaS is not only suitable for small and medium-sized enterprises. Enterprises of all sizes can benefit from SaaS. ^[3]

Chinese name: Software as a service
Foreign name: Software as service

Foreign short name: SaaS
Application mode: Internet-based software services

saas profile

SaaS or Software-as-a-Service (Software as a Service) is a completely innovative software application model that has emerged in the 21st century with the development of Internet technology and the maturity of application software. In the traditional model, vendors use software to deploy software products to multiple customer terminals within the enterprise for delivery. SaaS defines a new delivery method, which also makes software return to the nature of services. The essence of enterprises deploying information-based software is for their own operation and management services. The appearance of the software is an informatization of business processes. The essence is still the first service model. SaaS has changed the way of providing traditional software services, reducing the need for local deployment. A large amount of up-front investment, to further highlight the service attributes of information software, or to become the mainstream delivery model of the future information software market. ^[4]

saas features

saas internet features

On the one hand, SaaS services provide services to users through an Internet browser or WebServices / Web2.0 program connection, which makes SaaS applications have typical Internet technical characteristics; on the other hand, SaaS greatly shortens the user and SaaS provider The time and space between them makes the marketing and delivery of SaaS services very different from traditional software. ^[5]

For example, the online ERP, online CRM and other module products provided by the well-known product in the SaaS software industry NetSuite are based on the network. This has the advantage of not having to invest any hardware costs, and without having to ask a professional system maintenance person to be able to access the Internet. A browser You can use the ERP and CRM systems. Quick implementation, convenient use, and low price all depend on the Internet features of SaaS products. ^[5]

(Multi-tenancy) saas Multi-tenancy Features

SaaS services are typically based on a standard software system that provides services to hundreds of different customers (also known as tenants). This requires that the SaaS service can support the isolation of data and configuration between different tenants, thereby ensuring the security and privacy of each tenant's data, as well as the user's personalized needs for interfaces, business logic, and data structures. Since SaaS supports multiple tenants at the same time, each tenant has many users, which poses a great challenge to the performance, stability and scalability of the infrastructure platform supporting the software. SaaS is an Internet-based software delivery model. Optimizing the performance and operating costs of software after large-scale application is the core task of the architect. ^[5]

(Service) saas service

SaaS enables software to be used by customers in the form of Internet-based services, so many issues such as the signing of service contracts, measurement of service use, guarantee of online service quality, and collection of service fees must be considered. These issues are usually not considered by traditional software. ^[5]

(Scalable) saas Scalable

Scalability means maximizing system concurrency and using system resources more efficiently. For example, applications: optimize the durability of resource locks, use stateless processes, use resource pools to share key resources such as lines and database connections, cache reference data, and partition large databases. ^[5]

saas application bottleneck

saas technical aspects

SaaS software personalized customization technology is not yet mature: ^[6]

With the increase of the degree of enterprise informatization, the universal SaaS platform has been unable to meet the personalized needs of enterprises, and SaaS products are

The issue of multi-tenant architecture is very important. Traditional software often adopts customized methods to meet personalized customer needs, of course, it can also be used for SaaS software. However, SaaS software and traditional software have large differences in customization technology: customization of traditional software only needs to be performed for a specific user, while customization of SaaS requires software to meet the respective needs of multi-tenants, and multiple customizations are required. Traditional software customization services are completed during the software development phase, and SaaS needs to update customizations in response to changes in requirements during the use of the software, and it cannot affect the use of other users during customization. In addition, the SaaS customization process must be simple and easy for users to complete on their own. These differences make the technical design of SaaS applications more complicated, and traditional personalized customization cannot be applied in the SaaS field. Therefore, the improvement of SaaS personalized customization technology is one of the bottlenecks restricting its development. ^[6]

saas market

The current chaotic state of the SaaS market restricts its development: ^[6]

Due to greater market profit opportunities for large customers, SaaS service providers focus on large customers, and small and medium customers are ignored. Companies similar to UFIDA, Kingdee, and other companies that have transitioned from the traditional software industry to develop SaaS platforms occupy high quality and large customer resources, but are subject to their revenue models and cannot accelerate the promotion of SaaS platforms. For small SaaS service providers, difficulties in financing and market expansion are always their difficulties. In addition, the driving force of the SaaS market has always been foreign experience rather than the real needs of domestic enterprises. Many SaaS companies have not achieved true communication with users, resulting in products that cannot meet the actual needs of users. In order to compete with the market, the advertising of SaaS service providers is everywhere, making the immature SaaS market more mixed. ^[6]

saas system

Relevant laws and regulations are incomplete: ^[6]

In recent years, although the Chinese government has vigorously promoted cloud computing and SaaS platforms, it is still at a stage of rapid development and is still a cloud that lacks legal protection. On the one hand, for users, user data under the SaaS platform is stored in the cloud, users do not know its processing process and storage location, and the lack of legal protection of data makes users have low trust in service providers; on the other hand, The imperfect system makes it possible for criminals to take advantage of it. SaaS service providers bear the risk and responsibility of user data loss, which greatly restricts the initiative of SaaS service providers to innovate and develop markets. ^[6]

saas security aspects

Data security and network security are more difficult to guarantee: ^[6]

Although a variety of data encryption methods are available, SaaS platforms require user data security to be dynamic and not only ensure that data is not lost, but also ensure that users can respond to changes in security requirements caused by business additions and decreases. Flexible adjustment. At the same time, because the platform is shared by multiple tenants, data information interaction is complex, and the requirements for data permissions are extremely high. For network security, the stability of the Internet poses a huge challenge to the application of SaaS. The uncertainty of the corporate intranet and Internet connections is too high, and fluctuations in network stability caused by any factor will affect the use of software and even cause loss of user data. ^[6]

saas development suggestions

1. Increase research and development efforts to solve the problem of personalized customization

In terms of personalized customization technology, currently it is mainly divided into four aspects: data customization, function customization, interface customization, and business logic customization, and business logic customization is the most difficult point. At present, many methods of personalization at home and abroad have not completely solved the problem of SaaS online customization. Therefore, software providers should continue research and development to find the most suitable personalization method. ^[7]

2. Multi-party assistance to jointly regulate the competition order in the SaaS market

First, each SaaS service provider should clearly identify its target customers, go deep into the market, and customize its own publicity points according to user needs. Second, the government must strengthen supervision while actively promoting SaaS innovation, regulate market competition order, and protect small and medium-sized businesses. The interests of the business. ^[7]

3. The government should play its role and improve relevant laws and regulations

The government should guide the legislative work to create a secure network environment for SaaS services, such as formulating rules and regulations on information security and data protection related to cloud computing to ensure the legality and standardization of SaaS services. ^[7]

4. Strengthen data and network security precautions

The service provider should take corresponding measures at the physical layer, network layer and system layer to improve data and network security. Users can choose a large and reliable SaaS platform to understand the service provider's data backup mechanism and how to restore data. Protect your own financial data. ^[7]

saas advantage

1. From a technical point of view: SaaS is simple to deploy and does not require the purchase of any hardware. It only requires simple registration at the beginning. Enterprises do not need to be equipped with professional IT technicians, and at the same time can get the latest technology applications to meet the needs of enterprises for information management. ^[4]

2. From the perspective of investment: the enterprise only invests in a relatively low-cost "monthly fee" method, and does not need to make a one-time investment and does not occupy too much working capital, thereby alleviating the pressure of insufficient capital; it does not need to consider the issue of cost depreciation, and Get the latest hardware platform and best solutions in time. ^[4]

3. From the perspective of maintenance and management: As the enterprise adopts the leasing method for logistics business management, there is no need for special maintenance and management personnel, and there is no need to pay extra costs for maintenance and management personnel. To a large extent, it relieves the pressure on enterprises in terms of human and financial resources to enable them to focus their funds on the effective operation of core business; SaaS enables users to be a completely independent system in the world. If you are connected to a network, you can access the system. ^[4]

saas security

How to identify whether a specific SaaS is safe or not requires the following: ^[7]

1.Transport protocol encryption

First of all, it depends on the protocol provided by the SaaS product, whether it is https: // or general http: //. Do not underestimate this s, which indicates that all data is being transmitted.

SaaS (Software as a Service) The process is encrypted. If it is not encrypted, there may be a lot of "sniffer" software on the Internet that can easily get your data, even your username and password; in fact, most of the stolen chat software accounts on the Internet are mostly "sniffer" "Tricks". ^[7]

Secondly, the encryption of the transmission protocol depends on whether it is fully encrypted, that is, all parts of the software are accessed by the https: // protocol, and some software only does the login part, which is far from enough. For example, Salesforce and XToolsCRM are all encrypted. ^[7]

Server security certificate

The server security certificate is an important indicator for the user to identify the server identity. Some irregular service providers do not use the globally certified server security certificate. The user's confirmation of the server security certificate indicates that the server is indeed the server accessed by the user. At this time, you can safely enter the user name and password to completely avoid "phishing" websites. Most bank card password leaks are caught by "phishing" stations of. ^[7]

3. URL data access security code technology

To the average user, a complex URL looks like a string of meaningless characters. But for some IT masters, there may be some secrets about data access hidden in these strings. By modifying the URL, many hackers can break into the system through SQL injection and other methods to obtain user data. ^[7]

4.Data management and backup mechanism

The data backup of the SaaS service provider should be perfect. Users must understand what kind of data backup mechanism their service provider provides for you, and if there are major problems, how to restore the data. How the service provider internally guarantees that user data is not leaked by the service provider also requires communication between the user and the service provider. ^[7]

5. Security of operation service system

When evaluating the security of SaaS products, the most important thing is to look at the company's setup of the server pattern. Only this pattern can be trusted, including: the operation server is separated from the website server. ^[7]

The dedicated server is the most important guarantee for server security. Just think, if a server has a SaaS system, but it also has a website system, email system, and forum system, can he still be safe? From a hacker's perspective, more systems means more vulnerabilities, and more The website system, email system and forum system used by most websites are free products where source code can be found on the Internet. With the source code, hackers can easily access it. Many websites were compromised because of a loophole in the forum system. ^[7]

Therefore, an excellent software SaaS operator, the operation server and the website server should be completely isolated, and even the domain name should be separated. ^[7]