What is SaaS? SaaS Review

1. About SaaS

SaaS platform suppliers deploy application software uniformly on their own servers. Customers can order the required application software services from manufacturers through the Internet based on actual work needs , pay manufacturers according to the amount of ordered services and duration, and obtain services provided by SaaS platform suppliers through the Internet.

SaaS applications are available in three models: free , paid, and value-added . The paid model is usually an "all-inclusive" fee that includes the usual application software license fee, software maintenance fee, and technical support fee, which are unified into a monthly rental fee for each user.

SaaS is not only suitable for small and medium-sized businesses , but businesses of all sizes can benefit from SaaS.

II. Introduction

SaaS, or Software-as-a-Service, is a completely innovative software application model that has emerged in the 21st century with the development of Internet technology and the maturity of application software. In the traditional model, manufacturers deploy software products to multiple customer terminals within the enterprise through licenses to achieve delivery. SaaS defines a new delivery method and also makes software return to its service essence. The essence of enterprise deployment of information software is to provide its own operation and management services. The appearance of software is a kind of informatization of business processes, and its essence is still the first service model. SaaS has changed the way traditional software services are provided, reducing the large amount of initial investment required for local deployment, and further highlighting the service attributes of information software. It may become the mainstream delivery model of the future information software market.

3. Features

1. Internet characteristics

On the one hand, SaaS services provide services to users through Internet browsers or WebServices/Web2.0 program connections, giving SaaS applications typical Internet technology characteristics; on the other hand, because SaaS greatly shortens the time and space distance between users and SaaS providers, the marketing and delivery of SaaS services are very different from traditional software.

For example, the online ERP and online CRM modules provided by NetSuite, a well-known product in the SaaS software industry, are all based on the Internet. The advantage is that you don't need to invest in any hardware costs or hire professional system maintenance personnel to access the Internet. You can use the ERP and CRM systems with a browser. The rapid implementation, convenient use, and low price all rely on the Internet characteristics of SaaS products.

2. Multi-tenancy feature

SaaS services are usually based on a set of standard software systems to provide services to hundreds or thousands of different customers (also known as tenants). This requires SaaS services to support the isolation of data and configurations between different tenants, thereby ensuring the security and privacy of each tenant's data, as well as the user's personalized needs for interfaces, business logic, data structures, etc. Since SaaS supports multiple tenants at the same time, and each tenant has many users, this poses a great challenge to the performance, stability, and scalability of the infrastructure platform that supports the software. As an Internet-based software delivery model, optimizing the performance and operating costs of software after large-scale application is the core task of architects.

3. Service characteristics

SaaS enables customers to use software in the form of services carried out over the Internet, so many issues such as the signing of service contracts, the measurement of service usage, the guarantee of online service quality, and the collection of service fees must be considered. These issues are usually not considered by traditional software.

4. Scalable features

Scalability means maximizing the concurrency of the system and using system resources more efficiently. For example, applications: optimize the persistence of resource locks, use stateless processes, use resource pools to share key resources such as threads and database connections, cache reference data, and partition large databases.

4. Application bottleneck

1. Technical aspects

SaaS software customization technology is not yet mature:

With the improvement of enterprise informatization, the general SaaS platform can no longer meet the personalized needs of enterprises.

For multi-tenant architecture, this issue is very important. Traditional software often uses customization to meet personalized customer needs, and of course, SaaS software can also use it. However, there are big differences in customization technology between SaaS software and traditional software: the customization of traditional software only needs to be carried out for a specific user, while the customization of SaaS requires the software to meet the needs of multiple tenants, which requires multiple customizations. The customization service of traditional software is completed during the software development stage, while SaaS needs to update and customize according to changes in needs during the use of the software, and the customization should not affect the use of other users. In addition, the SaaS customization process must be simple and easy so that users can complete it by themselves. These differences make SaaS applications more complex in technical design, and traditional personalized customization cannot be applied in the SaaS field. Therefore, the improvement of SaaS personalized customization technology is one of the bottlenecks restricting its development.

2. Market

The current chaotic state of the SaaS market restricts its development:

Since large customers have greater market profit opportunities, SaaS service providers focus on large customers, while small and medium-sized customers are ignored. Companies such as UFIDA and Kingdee, which have transformed from the traditional software industry to develop SaaS platforms, have a large number of high-quality customer resources, but are constrained by their revenue model and cannot accelerate the promotion of SaaS platforms. For small SaaS service providers, difficulty in financing and market expansion has always been their problem. In addition, the driving force of the SaaS market has always been foreign experience rather than the real needs of domestic companies. Many SaaS companies have not achieved real communication with users, resulting in products that cannot meet the real needs of users. In order to compete in the market, SaaS service providers' advertisements are everywhere, making the immature SaaS market even more mixed.

3. System

The relevant laws and regulations are not perfect:

In recent years, although the Chinese government has vigorously promoted cloud computing and SaaS platforms, they are still in a stage of rapid development and lack legal protection. On the one hand, for users, user data under the SaaS platform is stored in the cloud, and users do not know its processing process and storage location. The lack of legal protection of data makes users have low trust in service providers; on the other hand, the imperfect system allows criminals to take advantage of it. SaaS service providers bear the risk and responsibility of user data loss, which greatly restricts the enthusiasm of SaaS service providers to innovate and expand the market.

4. Security

Data security and network security are difficult to ensure:

Although there are many different data encryption methods, the SaaS platform requires dynamic security for user data, which not only ensures that data is not lost, but also ensures that users can flexibly adjust security requirements when security requirements change due to business increases or decreases. At the same time, because the platform is shared by multiple tenants, data information interaction is complex, and the requirements for data permissions are extremely high. For network security, the stability of the Internet poses a huge challenge to the application of SaaS. The uncertainty of the connection between the enterprise intranet and the Internet is too high. No matter what factors cause fluctuations in network stability, it will affect the use of the software and even cause the loss of user data.

V. Development Suggestions

1. Increase R&D efforts to solve personalized customization issues

In terms of personalized customization technology, it is currently divided into four aspects: data customization, function customization, interface customization and business logic customization, and business logic customization is the biggest difficulty. At present, many methods of personalized customization at home and abroad have failed to completely solve the problem of SaaS online customization, so software providers should continue to research and develop to find the most suitable personalized customization method.

2. Multiple parties help to jointly regulate the competition order in the SaaS market

First, each SaaS service provider should clearly define its target customers, go deep into the market, and customize its promotional points according to user needs; second, the government needs to strengthen supervision while actively promoting SaaS innovation, standardize market competition order, and protect the interests of small and medium-sized enterprises.

3. The government should play its role and improve relevant laws and regulations

The government should guide legislation to create a secure network environment for SaaS services, such as formulating rules and regulations on information security, data protection, etc. related to cloud computing to ensure the legality and standardization of SaaS services.

4. Strengthen data and network security precautions

Service providers should take corresponding measures at the physical layer, network layer, and system layer to improve the security of data and networks; users can protect the security of their own financial data by choosing large and reliable SaaS platforms and understanding the service provider's data backup mechanism and how to restore data.

6. Advantages

1. From a technical perspective: SaaS is easy to deploy and does not require the purchase of any hardware . All you need to do is simply register. Enterprises no longer need to hire IT professionals, but can still get the latest technology applications to meet their information management needs.

2. From the investment perspective: enterprises only need to invest in the form of relatively low "monthly fees" without having to invest all at once, and do not occupy too much operating capital, thus alleviating the pressure of insufficient funds for enterprises; there is no need to consider cost depreciation issues, and they can obtain the latest hardware platforms and the best solutions in a timely manner.

3. From the maintenance and management perspective: Since enterprises adopt a leasing approach to manage logistics business, they do not need dedicated maintenance and management personnel, nor do they need to pay extra fees for maintenance and management personnel. This can greatly alleviate the human and financial pressures of enterprises, allowing them to focus on the effective operation of core businesses; SaaS can make users a completely independent system in the world. If you are connected to the Internet, you can access the system.

7. Security

To determine whether a specific SaaS is safe, you need to grasp the following points:

1. Transmission protocol encryption

First, you need to look at the protocol used by the SaaS product, whether it is https:// or the general http://. Don’t underestimate the “s”, which indicates that all data is transmitted.

The process is encrypted. If it is not encrypted, there may be a lot of "sniffer" software on the Internet that can easily obtain your data, even your username and password; in fact, many online chat software accounts are stolen mostly because of "sniffers".

Secondly, the transmission protocol encryption also depends on whether it is fully encrypted, that is, all parts of the software are accessed through the https:// protocol. Some software only has the login part, which is far from enough. For example, Salesforce and XToolsCRM both adopt full encryption.

2. Server Security Certificate

The server security certificate is an important mark for users to identify the server. Some irregular service providers do not use globally certified server security certificates. The user's confirmation of the server security certificate indicates that the server is indeed the server the user is accessing. At this time, you can safely enter your username and password to completely avoid "phishing" websites. Most bank card password leaks are caused by "phishing" sites.

3. URL data access security code technology

For ordinary users, complex URLs look like a string of meaningless characters. However, for some IT experts, these strings may hide some secrets about data access. By modifying the URL, many hackers can break into the system through methods such as SQL injection and obtain user data.

4. Data management and backup mechanism

The data backup of SaaS service providers should be complete, and users must understand what kind of data backup mechanism their service providers provide for them, and how to restore data in case of major problems. How service providers can ensure that user data is not leaked by service providers in internal management also requires communication between users and service providers.

5. Security of operation service system

When evaluating the security of SaaS products, the most important thing is to look at the company's server layout settings. Only such a layout can be trusted, including: separation of operating servers and website servers.

The dedicated nature of a server is the most important guarantee for server security. Imagine if a server has a SaaS system installed, but also has a website system, mail system, and forum system installed at the same time, can it still be safe? From a hacker's perspective, more systems mean more vulnerabilities, and most websites use website systems, mail systems, and forum systems that are free products whose source code can be found online. With the source code, hackers can easily break in. Many websites are hacked because of vulnerabilities in the forum system.

Therefore, for an excellent software SaaS operator, the operation server and website server should be completely isolated, and even the domain names should be separated.

References

• 1. SaaS: Baidu Encyclopedia