(Updates below)
One of the exciting parts about watching SaaS companies gain critical mass, is seeing the business that start up around them offering a related, but not core, piece of functionality.
It’s always a relatively risky place for a vendor to be – they’re reliant on the “parent app”, and the more successful their add-on feature becomes, the more likely the parent vendor is to just introduce the functionality themselves and therefore cut of the accessory app’s air supply – that said it’s still fun to watch!
The other day Duane Jackson from KashFlow pinged me and explained that user permissions is a feature that KashFlow is quite light weight – at the moment one can have multiple users logged in but their access is “all or nothing”. He explained that it’s a huge amount of work to set up and outside of their current focus (and, one assumes, sufficiently enough of an edge case as to not be seen as core functionality). He did tell me however that a third party had created an application that leveraged the openness and breadth of the KashFlow API to provide user permissions as an add-on.
For £2 per user per month businesses can sign up to KashGuard and set granular permission for different users – allowing, for example, an accounts clerk to create invoices but not create customers. The granularity of permission options is detailed in the image below;
Simon Swords, manager of Atlas Computer Systems who created KashGuard is looking at this application as the beginning of a series of add-on applications for KashFlow, ones which can leverage KashFlow’s existing customer base, offer them useful features, and dribble in some revenue in the process.
As I mentioned earlier – being this tied to one particular application is a little risky but given the size of the market for SaaS accounting applications, it makes more sense for vendors like KashFlow to broaden their customer base rather than trying to cannibalize their ecosystem partners. Watch this space…
This post seems to have caused something of a storm, to say the least. An AccMan post referencing it has generated a flood of comments, some positive, some negative. It was followed by another post discussing SaaS issues in general, and a retort on the KashFlow blog
[..] I read a piece at CloudAve that stunned meto the point where I had to read it several times, rub my eyes, swig a cup of tea and then lie down. This is what CloudAve is saying: [..]
Xero needs to get on sorting out user permissions fast. At the moment, it’s a real pain with high level management not being able to give full access to staff and having to be real hands on with approving invoices…
[..] You can head over to Cloud Avenuewhere they have released an article about the new service. [..]
Just lost an hour of my life reading the Kashflow/KashGuard thread from Accman. As usual, people with too little to do and too much to say. My sympathies for the abuse you had to take. FWIW, I chose to join the Kashflow partner program and, yes, I put multi-user permission access at my top need, coming from a 30 year IT career in multi-user commercial systems. Since I own and control my customer’s access which I sub-let, I set the passwords (auto-generated complex strings) and can prevent them accessing VAT, journals and nominals. Kashguard really should have been called KashFront since that’s all it is and I could write an Access application to mimic it in short space of time… What Kashflow is good at is :-
)
1) It’s on the Web
2) It’s cheap
3) It has a fuller API than most
4) It has many third-party apps giving my customer flexibility
5) I get all the backup copies each week in Sage format
6) They listen and fix things quick – I’ve had many suggestions added
7) Let me know when Sage get’s anywhere near this anytime in the next 10 years.
Cheers (and no need to reply
Thanks Martin – while there’s no need for me to reply as you mentioned, I always like to reach out and thank people for their support. Stay in touch!
[..] While not overly exciting, SaaS escrow services are becoming ever more important. Recently Ipostedabout a new third party application providing granular user permissioning for a particular SaaS accounting application. My post caused something of a storm, the net result of which was users and influencers of SaaS accounting software balking at the fear of data loss and lack of security for the core application. [..]
Don’t confuse authentication and authorisation!
Compare this to online banking.
Many online retail banks allow multiple users (joint account holders) to log on to the same account – but offer no control beyond that. Business banking and corporate banking systems typically offers a more granular authorisation model.
I’m sure Duane has done his market research and his users, perhaps typically smaller enterprises, do not require this.
Although we have fine grain control in Fusion Accounts, we typically find that it is only larger businesses with multiple users doing Sales Order and Purchase Order processing who really take advantage of it.