Home
News
CXO Insights
CIO Speaks
Whitepapers
Partner Conferences
Subscribe
About us

Technologies Industries Product Ecosystem

Agile
Artificial Intelligence
Augmented Reality
Big Data
Blockchain
Business Intelligence
Business Process Management
CEM
Cloud
Collaboration
CRM
Cyber Security
Data Center
Digital Technology
Disaster Recovery
Document Management Systems
Enterprise Architecture
Enterprise Asset Management
Enterprise Security
ERP
Gamification
Geographical Information System
HR Technology
Internet of Things
IT Services
Mobility
Networking
Open Source
PLM
POS
Project Management
QA and Testing
Risk Management
SaaS Solutions
Security
Simulation
Smart City
Sports
Startup
Storage
Unified Communication
Virtualization

Workflow
Automotive
Aviation and Aerospace
Banking
Compliance
Construction
Contact Center
E-Commerce
Education
Energy
Engineering
Field Service
FinTech
Fleet Management
Gov and Public
Healthcare
Insurance
Legal
Logistics
Managed Services
Manufacturing
Media and Entertainment
Metals and Mining
Payments
Pharma and Life Science
Procurement
Retail
Sales and Marketing
Telecom
Travel and Hospitality
Utilities
Amazon
CISCO
Corporate Finance
Google
HP
IBM
Intel
IT Service Management
Microsoft
Oracle
Red Hat
Salesforce

SAP
VMware

Menu

Virtualization
Agile
Automotive
Business Intelligence
Cloud
Cyber Security
Data Center

Virtualization
Procurement
Oracle
Healthcare
Media and Entertainment
Manufacturing
Legal

Home
Virtualization

SaaS, Cloud Application, and Security

By John Ang, Director of IT & Education Technology, The Learning Lab, Singapore

content-image

John Ang, Director of IT & Education Technology, The Learning Lab, Singapore

Software As a service (SaaS) has been around for many years in the market. In recent years, it has been very prevalent in using this service with the notion of putting applications on cloud.

SaaS can be useful for general purpose applications (e.g. Dropbox, OneDrive). If a company can use a standard out of the box application with some minor configuration, SaaS will fit them well as it is relatively competitively priced as it is a shared application. All new features will be dependent on the vendor’s roadmap. All maintenance, patches will be well taken care by vendors.

For systems which are critical to its main company operation, it is unlikely SaaS will take place unless it can be customized to fit the business needs. Most vendors who allow customization will make the company pay more in their future yearly maintenance as those customized plug in or components are taken into account as the over application will still need to be patched and upgraded constantly. It is still considered SaaS with customized option.

It is important for a company to deliberate on dedicated and experienced resources, onsite or offsite to ensure the agreed turnaround time for any change request, bug fixes, and the necessary SLAs. A minimum of two resources is needed and it will depend on the criticality and the complexity of the system.

All applications should consider adhering to the OWASP application security risks, CERT secure coding standards, with proper code analysis and application security testing tool (e.g. Check Marx, Veracode). It may be difficult to adhere to secure coding standards for most software as it may have certain legacy components in them. However, it is important to understand their server architecture, including their middleware to sieve through the vulnerabilities that can be at hand.

There are companies who may want to consider to move its on-premise solution to cloud hosting, instead of the traditional rack hosting options. Cost, Tier X, SOC X are important consideration factors. Cloud hosting may not be a cost effective option as hosting in Singapore is still much higher than other places around the globe.

For SaaS vendors, most are likely to have a negotiated bulk discount deal which give them an edge to compete better.

Most Companies Should Consider Traditional Hosting And Cloud Hosting As A Blended Solution To Achieve Highest ROI For The Company

However, companies are still moving towards cloud facilities. It is similar to outsourcing infrastructure to specialized providers.

There are some key benefits in moving to cloud:

1. Less staff to maintain within a company

2. Reduce in the difficulty to recruit and retain technical staff

3. Reduce technical expertise which can be in a shortage to maintain and upgrade the system – applications, servers, and network

4. High Security investment by cloud provider

5. Quick ramp up of server, network specification when required during peak periods

Key areas to consider for Cloud hosting provider (e.g. AWS, Azure) will be their accreditation and certification that they have (e.g. SOC3, PCI compliant).

For cloud hosting services, we need to consider the ease of administration, which includes data transfer between accounts, key features to be turned on, etc.

IT staff should also be trained in cloud provider administration to administer the respective cloud hosting provider if it is infrastructure as a service.

On prem hosting will be less favourable especially with companies where getting talents in server, infra, operations, and security are tougher with many digital transformations being underway by private and government sectors.

Traditional hosting can also be considered with Tier 3 and Tier 4 options given to customers. Their cost may be more competitive with the introduction of cloud, especially if we need dedicated server hosting option.

Most companies should consider traditional hosting and cloud hosting as a blended solution to achieve highest ROI for the company.

There is another possibility to integrate with key cloud provider (e.g. AWS, Azure) together with a company network to make it a private WAN environment. This can be achievable from various provider (e.g. CATO). This will enforce another layer of security between internal & public hosted providers.

Taking into consideration the challenges of human resources in terms of hiring, retention, and the digital transformation that many are embarking, outsourcing seems to be a must have option. We will still need to have a core IT team within each company to work hand in hand with credible vendor to deliver solutions that meet our business demands.

Top 10 Virtualization Solution Providers - 2017

Featured Vendors

Odin

Neil Morarji, VP (APAC)

Virtualization Special

CIO Speaks

Prayson Pate, CTO & SVP of R&D, Overture Networks

Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

Jerry Mcglynn, CIO, Specialized Bicycle Components

Dr. Steve Hodgkinson, CIO, Department of Health & Human Services in Melbourne, Australia

Alex Konnaris, Group CIO, RMA Group

David Kennedy, Group CIO, Transaction Services Group
Peter Auhl, CIO, City of Adelaide

Judi Flournoy, CIO, Kelley Drye & Warren LLP

Dave Hudson, CIO, Veritiv Corporation

Chris Moon, CIO, Environment Protection Authority Victoria

Cameron Brill, CIO, St John New Zealand

Dale Rayner, CIO, AJ Park

Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy.

follow on linkedin

follow on twitter

This content is copyright protected

However, if you would like to share the information in this article, you may use the link below:

https://virtualization.apacciooutlook.com/cxoinsights/saas-cloud-application-and-security-nwid-4632.html