Image by
cyanocorax
via Flickr
This is my second post in the SaaS Risk
Reduction Series. In my previous post titled “What is your
Cloud Strategy”, I talked about the need for diversification and it met with
some serious opposition from my fellow Cloud Avenuans, Zoli and Ben. In this
post, I am going to dig up the concept again and offer better insights than the
last time.
First, as I told in my introductory post in this series, my approach is more
like a system admin in a company while theirs is from a pure business
convenience perspective. Both are valid from the proponents point of view. In
fact, this is nothing new and it was a classic problem from the previous desktop
era. We are always confronted with the security vs convenience problem. Well, it
is true in many real world issues too. The tug of war between security and
convenience has been going on from time immemorial. As a system admin in my
previous avatar, I have always faced the wrath of business managers but I have
always insisted on my security over convenience mantra. I take the same approach
in my current avatar too.
Second, SaaS applications are supposed to work out of box without any need
for user side configuration. I don’t see any inconvenience in using Google for
Email and Calendar (where they excel their competitors by a wide margin) and
Zoho for productivity apps (where they really rock. BTW, let me make it clear
here that it is my personal opinion and Zoho being this blog’s sponsor has no
role in it). With SaaS, there is absolutely no reason to stick with one
provider. For example, I can store all my files in Syncplicity and either send
them to Google Docs or open directly with Zoho Docs. This is the beauty of SaaS
and with further adaption of Open Standards (about which I will talk further in
my future posts), interoperability, data portability, etc., the idea of using a
single provider or keeping all the eggs in one basket becomes old fashioned.
Even now, mashups makes it easy for you to diversify your cloud use. Gmail
labs now allows you to add any gadget (their name for widgets) to Gmail sidebar.
For example, I can add Remember The Milk or any other gadget to my Gmail sidebar
and work as if it is delivered from a single provider. Mashups are still in
early stages and Gartner predicts a bright future for them. With the passage of
time, mashups will emerge as a much more useful tool, changing the way how we
use apps.
Finally, I want to point out where Ben and Zoli’s arguments fits better than
my argument. It depends on whether your business is in the free part or mium
part of the freemium model. If it is in the free part, as it is the case with
many individual consultants and smaller side of the small business, my
suggestions about not keeping all the eggs in the same basket becomes all the
more important because you don’t get any technical support and you are at the
mercy of SaaS vendors. If you are in the mium part, which is the case with some
of the consultants and the other end of the small business spectrum, Ben and
Zoli’s arguments about convenience of a single provider plays a big role. You
just want to keep a single provider and deal with them for all your problems.
This works well if they offer telephone support for their premium customers (as
it is the case with Google Apps Premium Plans and few other vendors). If the
SaaS vendor offers only email based support, I will still suggest that it is not
advisable to keep all eggs in one basket.
Again, we need to keep in mind that we are considering security vs
convenience and every business has different priorities. I have offered my view
from a point of view of someone who plans for the worst case scenario over
someone who worries about speed. I am sure Ben and Zoli might offer their
insights over the importance of speed in business and how SaaS strategy can be
devised to fit such an approach. As a small business owner, you should consider
both these approaches and devise a strategy that fits the needs of your
business. If you have any suggestions, feel free to add in the comments.
Previous articles in the series:
Nice post.
1: “Security” over “convenience” – it’s NEVER IT’s call, it’s the businesses.
If an organisation opens up everything for 10 seconds to win a $10 million piece of business then IT will have to cost the risk at $10million+$1 otherwise go away (a gross simplification, I know, but you get my point).
2: So you’re talking about “vendor lock-in” which doesn’t seemed to have bothered the majority of the business world so far. Are you suggesting that they got it wrong, the PC is so far entrenched that we should give up on it and fight the good fight afresh with “SaaS/cloud computing”?
I agree that there is an opportunity for a much more “open” and “sharing” world but I doubt if that opportunity is high on any business priority list (especially right now). IF, being “open” and/or “SaaS driven” has a direct effect on a known business outcome then it will factored in otherwise it’s merely philosophy to make the world a happier place and not what companies are in the business to do.
As for having all your “eggs in on basket”. What’s the worry? Like I said I it’s not bothered people so far … is it the inherent “flakiness” of web services, the apparent ase with which $10 companies can appear like a multi-nantional organisation, the threat of vendor lock-in.
None of this takes away from your posting which remains great stuff.
(PS: “E-mail ID” in the comment form – WTF, why not just say “email”, what is the “ID” bit for??)
Hi Mikw,
Thanks for the comment.
1. Regd. your first point, you have definitely made an oversimplification. The security vs convenient part is just not an issue of opening up the firewall and getting $10 million where the business decision may triumph the IT guys. There are issues like whether we should allow the staff to login without VPN, whether we can allow the staff to login from any browser and from any location, whether to allow company wide FTP just because it is useful for a particular task, etc. etc. etc. In some cases, relaxing the security might fetch some extra bucks for the company due to the increasing speed of business process but it could have drastic consequences due to big time hack attack. There are several instances like this where IT can stand up to Business Managers and change decisions. Thatz why they have IT Dept. in the first place.
2. Regarding your point 2, you cannot compare the vendor lock-in in the desktop world with the SaaS world. In the desktop world, you will have your data with you in your computers even if you can’t open it with any other software. If you are patient enough to reverse engineer stuff, you may be able to use your data. In the SaaS world, vendor lock-in implies losing your data altogether. The implications are much more drastic and the comparison to desktop world is not right. This should be an important factor in any vendor’s SaaS strategy. If not, they are going to lose out.
PS: Regd. your PS, I don’t have any idea and it is Zoho who are doing it. Plus, it is a pre-alpha version of blogging software and things will change a lot before it is released to public. I can’t do anything about it except telling Zoho folks about your problems.
It should be *Mike*. Sorry for the spelling error.
the recent trend does seem to be putting all eggs in the same basket. all the mega players like microsoft with its “online productivity suite”, oracle with webex, cisco with beehive, IBM with bluehouse – seem to be aiming towards offering integrated messaging, collaboration and conferencing solutions. Smaller players like HyperOffice also have great all in one solutions for small businesses.
but there is still relatively low risk as you would like to see it, because data is contained in standard formats like MS Office files, HTML etc.