Cutting Through the Fog with Cloud-based SaaS Solutions

Dec 01, 2011 10:30 PM  By

Cloud computing is enabling all kinds of businesses to buy Internet-based access to hosted software, infrastructure and platform services on an on-demand, elastic basis. For multichannel merchants, software as a service (SaaS), in particular, is fast becoming a driving force in systems management.

SaaS can provide levels of functionality, flexibility, cost control and management rigor unmatched by traditional inhouse solutions. The potential downsides: None of these benefits are guaranteed — and without a sound strategy, SaaS can become an operational straightjacket.

This article focuses on laying out (in layman’s/non-IT language) the strategic benefits and risks of cloud-based solutions for multichannel merchants, and outlining the SaaS vendor options currently out there.

Traditional hosting vs. cloud environments

In traditional IT infrastructures, all hardware and software are located and managed within the user’s physical plant, or within its wide-area network.

In a traditional hosting relationship — a first step toward a cloud environment — the user outsources one or more solutions to a third-party host at a remote location, accessing the services through a virtual private network (VPN) or dedicated telecommunications link. The host brings value by running the applications on state-of-the-art hardware (user realizes speed/responsiveness benefits without the capital investment) and by providing basic systems management (e.g., frequent backups or database administration) for users who are unwilling to do the tasks internally or are unable to do so cost-effectively.

The user pays an initial fee to its software vendor and retains the software user license or outright ownership. The services available through the host and their access terms are specified and locked in for the length of the host/user contract.

When the host company is also the software vendor, the user may have the option of paying the host for software use on a periodic (usually monthly) basis through a closed- or open-ended contract (no initial license/acquisition fee). While this edges closer to a “true” cloud-services infrastructure, service types/access terms are still inelastic during the contract periods.

In a true cloud environment, the services are sold on demand. Users needn’t make a long-term commitment to any one, specific solution/solution set; they can designate one or more remote locations to manage what could be a swap-in/swap-out solution set on an as-needed basis.

You might pay for each solution based on usage alone. Or it might be a usage-plus structure: a basic fee plus either a percentage of revenue generated, or a flat fee plus a percentage. Rather than delve deeply into the financial aspects here, I’ll stress two key points: Everything is negotiable; and all usage must be accountable and auditable.

It’s also critical to negotiate the best possible service-level agreement (SLA). SLAs set the number of hours of downtime per period (week, month, year) during which the system can be unavailable due to announced or unannounced outages, as well as the minimum data throughput for upload/download speeds supported by the service. If the host fails to perform within the contractual parameters, you are entitled to invoice adjustments.

But remember: Even a 99.9% uptime requirement gives your provider a window of nine hours per year for an unannounced outage. That’s a whole day, and it could well happen during your peak season.

Solutions “swapping” vs. enhancements

The useful life of any software, platform, language or database is now about three to five years, making software/systems flexibility a greater advantage than ever.

The cloud’s flexibility range includes not only software (SaaS), but infrastructure- and platform-as-a-service elements. Infrastructure-as-a-service refers to the ability to use/pay for only as much virtual server/storage capacity as needed, on demand. Platform-as-a-service refers to a set of software and product development tools hosted on the provider’s infrastructure.

However, few multichannel merchants (or other users, for that matter) would be likely to employ the cloud’s swap-in/swap-out capabilities frequently. The time-intensive planning and implementation involved in changing an ecommerce or other core platform don’t go away because the system is managed remotely by a third party (although an experienced cloud services provider should be able to handle such migrations more efficiently and cost-effectively than the user company).

Generally, multichannel merchants’ most aggressive leveraging of SaaS is focused on add-on tools and technologies. Why? These have the biggest pay-off potential. They can yield very significant competitive advantages, even though they’re literally “peripheral” to primary solutions.

For example, let’s say your current solutions don’t enable having the same gift-registry functionality in your call center and retail stores as in your ecommerce site. If you’ve adopted an SaaS strategy within a cloud platform, systems deployment is on a services model — meaning that application programming interfaces (APIs) provide access to key parts of the system to exchange data with external solutions that enhance/extend the basic system’s functionality. Therefore, implementing a cross-platform gift-registry application (presumably as a third-party tool) through the SaaS provider may well be faster and cheaper (no added overhead) than developing or managing development of a solution inhouse.

Actually, services-based solutions can be (and frequently are) managed inhouse. However, if you anticipate swapping technologies and lack sufficient inhouse expertise in managing new components, it makes sense to rely on a service provider that has that expertise.

Third-party integration benefits/limitations

An SaaS approach makes even more sense if your company relies on third parties for some basic services, such as call-center management for order entry and customer service, and/or a 3PL for warehousing and fulfillment. Indeed, companies increasingly are relying on the supply chain, inventory vendors and even product manufacturers to do some/all order fulfillment on a drop-ship basis (particularly helpful when suppliers are back-ordered on needed products).

So, going back to the gift-registry example, if you want that tool to be available to all of your points of order entry, an SaaS option not only makes sense it may be the only way to make this happen.

In an ideal scenario, all of your third parties would be cloud-oriented. This makes interfacing your order management system to back-end fulfillment providers — and getting all of your order entry/customer service providers on the same page — that much easier.

This will be standard operating procedure within a few years. In the meantime, current cloud/services-based capabilities can still enable easier data exchange with service providers, as well as more flexible, cost-efficient systems enhancement or solutions replacement — up to a point.

Modification limitations

There’s a trade-off for the streamlined systems enhancement/solutions swapping possible within an SaaS platform: Modifications/customization capabilities are limited.

Unless you’re using a third-party host for a system you own or license elsewhere (which is atypical), you will be among multitudes of multichannel merchants using the same core system. A host can’t support numerous, highly customized versions. The user fees would be astronomical, and managing the architecture would be a nightmare, if not downright impossible.

Since the biggest failure points in any system are in the customized portions, changing your business rules to accommodate the system, rather than the other way around, may work to your benefit over the long term. However, most companies are loathe to do this to the extent required. Of course, any cloud solution will evolve, and if you are aggressive enough, you can help to shape that evolution. But you can’t bank on it.

The primary takeaway: Shop carefully for your cloud partner. Look for a system or suite with a strong focus on user-configurable options that can better accommodate your business rules or requirements. Or perhaps opt for a solution in which you can manage the provider’s system inhouse.

Legacy-applications integration challenges

Such integration can be more cumbersome in a cloud/services-based environment than when all systems are managed inhouse. Just as APIs can enable mix-and-match solutions that are web-services-enabled, they can limit integration options with non-web-enabled external systems.

A variety of major system providers offer integration tools to address many of these issues. Further, much of the “integration” required comes down to a simple exchange of flat-file data (for reporting or financial tracking, in particular), which shouldn’t be problematic with a cloud solution.

However, if you have an inhouse system, such as a legacy CRM package, that needs to interact with your cloud applications to complete transactions, you’ll need to think this through carefully. It’s not a show-stopper, but it’s definitely a management challenge.

Addressing potential data issues

Assuming that you’ve determined that a cloud/services-based environment makes strategic sense for your company, potential user downsides generally fall into two categories:

  • Data security/privacy issues

    These represent the biggest area for potential exposure/negative consequences.

    Obviously, service-provider candidates must be able to demonstrate basic PCI compliance for safeguarding credit card data. However, it pays to probe further, to determine the level of sophistication of the provider’s safeguards/systems for protecting not just creditcard numbers, but all customer contact information, purchase histories and profiles. If an unethical individual or company manages to hack into the host servers and gain access to your company’s databases, you are at substantial risk for major financial losses through operational interruptions/ shutdowns, lost customers and, possibly, customer lawsuits.

    Further, as in any server-based environment, your host company’s hardware is potentially at greatest risk from internal threats (e.g., rogue or terminated employees). Data-security methods that make this extremely difficult are readily available. Be sure to ascertain that your data-managing service has implemented these effectively, and do periodic checks of this on an ongoing basis.

  • Data ownership/access issues

    While such scenarios occur fairly infrequently, it’s always possible that your service provider could go out of business — or that the provider could be acquired, resulting in game changes that make you want to go elsewhere. You must ensure that you will have seamless access to your data.

    Having daily data backups on a server to which you have independent access (perhaps through another cloud provider) should be a given. However, we all know that such backups can turn out to be of limited value, or even useless, because of poor execution, corrupted or missing data and administration slip-ups.

    Therefore, the contract with your service provider needs to be specific about your data ownership, and how you will gain possession of/access to your data. With due-diligence planning, this should be a smooth business transaction that causes no disruption.

    Finally, make sure you have a strategy in place for coping with the rare, worst-case scenario of a service provider shutting its doors abruptly, without warning.

Ernie Schell (ernie@schell.com) is executive director of Marketing Systems Analysis, which specializes in all aspects of third-party systems acquisition consulting for multichannel merchants.