SaaS Challenges

Top Challenges for Enterprise SaaS Adoption

Leading analysts estimate that SaaS functionality is developing so quickly that in a few years, enterprises will be able to satisfy more than 50% of their application need via SaaS offerings. While this is good news, it also presents challenges to IT departments trying to deal with control and governance issues:

While there are many challenges for enterprise SaaS adoption, almost all of them can be summarized by a single word: control. In more detail, challenges typically fall into the following categories:

  • Data security. Not all SaaS providers will treat your data as carefully as you will. Sometimes, your employees don’t even know which data is sensitive to the business and which is not. You could easily end up storing sensitive enterprise data in an insecure SaaS application without even knowing it.
  • Stovepipe buying behavior. SaaS applications are so easy to purchase and consume, often with just a credit card, that individual departments can start using SaaS applications before you even realize it. In addition to the other challenges listed here, this can result in stovepipe buying patterns, where many groups are paying full price for applications that could be purchased for much less if the buying volume was aggregated.
  • Toothless SLAs. With SaaS usage growing, SaaS applications are becoming more important to everyday business transactions. If SaaS applications go down, your business may stop. Do you know the SLA your SaaS provider has committed to? Do you have the monitoring infrastructure to know whether the SLA was met?
  • SaaS data silos. Your business will inevitably adopt a number of SaaS solutions to solve specific business problems. If you aren’t careful, you could end up with orphaned data stored in each application and provider, disconnected from the others and from your core internal business applications.
  • Security. In the SaaS model, you access the application over the Internet. Does the network infrastructure and application implement your requirements for data encryption both in-flight and at-rest?
  • Policy definition and enforcement. Without some notion of policy, on-demand computing technologies can become a free-for all. Who is allowed to access a given SaaS application?
  • Governance and audit capabilities. In moving to SaaS technologies, enterprises run the risk of losing control and subjecting themselves to unacceptable legal and regulatory risks. Does the SaaS provider implement the correct governance and audit capabilities?
  • End-to-end lifecycle management. One advantage of the SaaS model is that it is relatively quick and painless to get started with a new SaaS application. With a credit card, you might be up and running in a matter of minutes. The corresponding challenge is to realize when you are done using a particular application and to ensure that it is decommissioned properly so you can stop paying.

The problem for IT organizations is how to deal with these challenges while not completely eliminating the agility and cost benefits from the equation. For instance, it would be simple to enact a corporate policy that all cloud provisioning requests should be submitted in triplicate to the IT organization using typical processes in place today. Requests would get fulfilled and controls could be put in place, but all the agility benefits and many of the cost benefits would be lost.

Instead, enterprises need a set of tools that allow individual business units to decide when SaaS resources should be used. The tools should implement the control policies, governance, and audit requirements that the business needs. Once the control requirements are met, however, the tools should speed the implementation of new business applications so that enterprise business units fully realize the gains from agile IT infrastructures. The ServiceMesh Agility™ Platform implements these features and many more.