Three “must have” requirements for enterprise SaaS and PaaS

Image source: Adobe Stock / Tierney.

To get to market faster, IT teams evaluating SaaS/PaaS in 2021 must focus on security, interoperability, and customization without adding new tech risks.

We have come a long way since 2002, when Amazon Web Services launched its first public cloud. Back then, most mainstream IT organizations would not even think about trusting customer data to any third party outside their on-premises data centers. Fast forward almost 20 years — now cloud computing is ubiquitous, with a few exceptions. for certain mission-critical applications.

As the pandemic created urgent new requirements — like the need to support millions of employees working from home and ramp up digital commerce — enterprises rushed to adopt new cloud services, especially software as a service and platform as a service (SaaS and PaaS). Overall, spending on public cloud services is forecast to reach $304.9 billion in 2021, up from $257.5 billion in 2020.

But this increasing reliance on SaaS and PaaS presents its own challenges. Criteria for choosing a quality SaaS/PaaS solution are more rigorous in a climate that demands continuous agility and adaptability. Meanwhile, IT has much less time for systems selection. “In today’s environment, accelerating time to value is priority number one,” says Klaasjan Tukker, director of product management for Adobe.

To get to market faster, IT teams evaluating SaaS/PaaS in 2021 must zero in on top concerns like security, interoperability, and customization — all without adding new technology risk.

Key consideration #1: Will your data be secure?

IT has a perennial concern over data security and privacy, regardless of where that data is created and resides. Already, more than 107 countries — including 66 developing and transitional economies — have enacted data privacy regulations. Most recently, in the US, Virginia looks poised to pass its Consumer Data Protection Act. This patchwork of rules typically covers the collection of consumer data as well as where and under what conditions it can be stored.

“It’s important to have a conversation with your SaaS and PaaS providers about privacy regulations that affect your customer data. Adobe, for example, builds compliance into our service contracts,” explains Tukker. “We cannot move customers’ data from one place to another. It would be violating the terms of our license.”

He adds that another key consideration is ensuring that your data is easily portable if and when you leave your SaaS or PaaS provider. “Vendor lock-in is a major concern. You want to be able to easily move your data without a lot of pain.”

Questions to consider when you are evaluating the data security of a SaaS or PaaS solution include:

• What types of encryption will be used?
• Who will have access to your data?
• Could your customer data be moved to another country or jurisdiction without your knowledge? What safeguards are in place to prevent this?
• If you decide to move away from a particular SaaS or PaaS solution, how quickly will you be able to get your data and in which formats? What will this process look like?
• What are the disaster recovery/business continuity protocols?

Key consideration #2: Can your new solution fit into a multi-vendor environment?

Most enterprises prefer multi-cloud, multi-platform, multi-vendor environments to avoid vendor, application, and even organizational lock-in. It is no surprise, then, that more than three-quarters (76 percent) of enterprises use multiple cloud providers.

If you are operating a diverse computing environment, any new solution you bring on should easily fit in with everything else. Ideally it should offer an open API that is easy to use and scale. A growing number of “as-a-service” (aaS) providers are building their services around powerful and open APIs. This is known as API-first development.

“Adobe Experience Platform is an API-first platform,” notes Tukker. “API-first development prioritizes connectivity. It allows Adobe Experience Platform to make customer profile data securely available to thousands of third-party solutions,” notes Tukker.

Questions to consider when you are evaluating how well a SaaS or PaaS solution will fit into your existing environment include:

• What type of data interchange format does it use — XML or JSON — and why?
• Is the API well documented and easy to understand?
• How does it handle API calls? What is the maximum number of calls allowed per minute, hour, etc.? What happens if you exceed that number?
• What platforms and applications have been successfully integrated with it?
• Are pre-built connectors available for it?

Key consideration #3: How does your solution support custom development?

While many SaaS solutions are marketed as having rich out-of-the-box functionality, most enterprises will require some level of customization. Even if 80 percent of SaaS features work well as is, the other 20 percent will need to be adjusted. Or you might choose PaaS if you need to build a unique solution.

Either way, this is a lot of work for IT. It requires working with business units to identify requirements, writing specifications, building wireframes, etc., as well as writing and testing code. Any solution you choose, then, should come with developer-friendly features such as a well-documented API, SDKs, and a developer-friendly sandbox.

It is also helpful if your cloud solution either comes with its own low-code development tool or works with an existing one. Low-code development that allows business users to mock up functionality or even build their own simple customizations can help take the load off IT. By 2024, low-code application development will be responsible for more than 65 percent of application development activity.

“Adobe Experience Platform works seamlessly with low-code development tools like Microsoft’s PowerApps. Ideally, any SaaS or PaaS you select should offer this kind of integration,” says Tukker.

Questions to consider when you are evaluating how well a SaaS or PaaS solution supports customization include:

• Is it designed for rapid development? Is it built around an open API? Does it come with SDKs, rich documentation, and a “sandbox” for testing?
• Does it work with popular low-code development tools like Microsoft PowerApps, Mendix, etc.? What kinds of apps/reports/features are your customers building with them?
• Does it come with its own low-code development option? If so, how does it work? What kinds of apps/reports/features are your customers building with it?
• How much can the UI be customized? Is a “headless” version of your solution available?

What’s next?

When you look for a new SaaS/PaaS to meet emerging needs and fit into your current environment, data security and privacy, interoperability, and ease of customization are all critical considerations. To streamline your selection process, you may also want to create companywide standards for new cloud computing capabilities.

Download a PDF version of our platform selection cheat sheet.