4. Figure (axes: Affordability, Time)
In-house: H/W, S/W owned and managed.
Hosted: Software owned and managed, infrastructure rented
Hosted (ASP): Software rented, but not designed to scale
Subscribed: Self subscribe to the software or parts of software. Customizable by tenants to an extent
5. Multi Tenancy
Subscription based service
Scalability
Manageability
Self Service Sign-up
Tenant specific customization
6. Attribute | Traditional | SaaS
Application Delivery | Installed | Hosted
Updates / Release Cycle | Larger / Longer | Smaller / Shorter
Pricing | One Time + Maintenance | Subscription
Accounting | CAP-EX | OP-EX
Implementation | Engage Partners / consultants | Simple, end user configurable
Operating Platform | Multiple | Single
Value proposition | Once at the time of selling | Continuous
7. Pay per use
Anywhere Access
Subscription to service not software
Least or no investment on infrastructure
8. Stronger protection for IPR
Operational control of the environment
Recurring revenue stream
Shared Infrastructure – PaaS / IaaS
9. Microsoft – 4 level
Scalability, Multi-Tenancy and Configuration
Forrester – 6 Level
SEI – for assessing the organization and not the application
Euro Cloud Star Audit
None of them are popular
10. Level 0 – Outsourcing
Level 1 – Manual ASP
Level 2 – Industrial ASP
Level 3 – Single-app SaaS
Level 4 – Business Domain SaaS
Level 5 – Dynamic Business Apps
11.
12. Solution Design to address
Internationalization
Cloud Infrastructure
Support business & operating model
Multi-tenancy
Extensibility
Security and Audit
Wider scope - cover industry needs
13. Must Support
Larger impact
SLA driven
Disclaimers
Increased Focus on
Reliability
Availability
Extensibility
Scalability
Quality, etc
14. Migration from existing software
Application Integration
Data Integration
Data Mining
Authentication, Single Sign-on
Network infrastructure
15. Areas of support to include
Hosting infrastructure
Data center operations
Systems and network monitoring
Billing
Customer education
Longer customer retention for better RoI
16. Agile approach
Rapid releases and upgrades
Primary focus on
Rapid action on feedback
Usage statistics
Predict industry trends
Platform and tools used
Automated testing
Service aggregation
17. Driving Contracts online
Termination and Migration
Security, Privacy and related risks
Country specific regulations
SLAs
18. SaaS Security
Data Security
IdM & SSO
Data Segregation
Back up & Recovery
Deployment Model
Availability
Deployment Environment
Regulatory Compliance
Network Security
19. Data Security
Data Location
Data Encryption
Data Integration APIs
Access Logs
Return / destruction of data upon exit
20. Data Segregation
Understand the Data & Application Architecture
Separate Physical / Virtual Server(s)
Separate Instance on shared hardware
Separate Database
Shared Database
Authentication and Authorization
21. Deployment Model
Security aware developers
Application Design
Application / Data Partitioning
Information Sensitivity
Design for Performance & Scalability
Configuration Management
Security Testing
Threat Remediation
Build & Release Cycles
23. Network Security
Transmission Integrity
Secure Data in transit (SSL)
Intrusion Detection & Prevention
Other standard security measures
Man-in-the-middle
IP Spoofing
Port Scanning
Packet Sniffing
24. Regulatory Compliance
Global Legal compliance
SAS 70
SOX
HIPAA
…
Contractual obligations
Need for Logs and Audit Trails
Data Retention needs
26. Back up & Recovery
Infrastructure
Protection of back up location
Encryption
Access control to Backup location
Recovery
Documented process
Drills
27. IdM & SSO
Who manages it?
Checks & Controls
Id provisioning
Secure storage
Password Policies
Federated IdM
Trust relationships with tenants
Secure federation of user identities