How to Get Strategic About SaaS: 5 Key Considerations
The siloed, business-led SaaS deployments of the 2000s are yielding to greater due diligence, planning, and integration with existing sourcing and IT processes, says Forrester Research. Here are 5 considerations for sourcing professionals trying to get the most from SaaS.
Tue, November 23, 2010
CIO — Over the first half of 2010, Forrester's IT clients asked more than 350 questions about Software-as-a-Service (SaaS). Buyers are no longer just asking "What is SaaS?" "Who offers SaaS?" and "Is SaaS secure?" Rather, we're hearing more sophisticated questions about how to incorporate SaaS into the overall application footprint, best practices for implementing SaaS, how to build governance and due diligence around purchases, and where to invest in organization skill sets as firms make greater use of the service.
A deeper look into these inquiries shows that firms are approaching SaaS more strategically and in a more centralized way compared to prior years. In fact, 37 percent of questions centered on actively embracing SaaS. This means the siloed, business-led SaaS deployments of the 2000s are yielding to greater due diligence, planning, and integration with existing sourcing and IT processes.
To better understand current concerns around SaaS implementation, here's an idea of the types of questions we've received and suggestions for sourcing professionals to achieve a successful SaaS strategies:
1. What new categories exist for SaaS applications?
SaaS has come a long way since its early roots more than a decade ago, where it primarily gained traction in vanilla deployments of contact management, SFA, and HR. Today vendors are offering SaaS across almost every major software category—and buyers are considering SaaS for a wide range of applications, from email to ERP to IT management. Given the changing landscape, sourcing execs should educate themselves and their organizations on the evolving options across categories. It will also be important to keep in touch with suppliers (like EMC (EMC), IBM (IBM), Oracle (ORCL), and SAP)—as many of these software giants are aggressively investing in SaaS through organic growth as well as acquisition.
2. How should governance be structured for SaaS?
SaaS has always offered fast deployment and the ability to roll out incrementally, which has often meant SaaS buyers fly under the radar screen of corporate governance. But SaaS is more than just an alternative deployment model; it has unique characteristics that require new ways of thinking about vendor selection, contracting, risk tolerance and organizational skill set requirements. Beyond these skill set shifts, leading sourcing execs are working to educate the business on SaaS and cloud, as well as developing SaaS position papers that business execs can reference, and contract templates and guidelines for SaaS and cloud deployment.
3. How does SaaS affect identity management, security standards, and business continuity?
Buyers are becoming increasingly comfortable with the concept of SaaS, but there are still concerns around key areas such as physical and logical security, as well as disaster recovery. SaaS buyers should work with their security experts to outline what levels of security they require for various categories of SaaS. Security minimums may be higher for customer or employee data; retention and audit requirements may be higher for categories like e-mail. Sourcing and security experts should work to understand emerging SaaS standards (like SAS 80 Type II or ISO 27001) as well as emerging technologies that can help track or improve security.