Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Whitepapers
  • Partner Conferences
  • Subscribe
  • News
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Business Intelligence

    Business Process Management

    CEM

    Cloud

    Collaboration

    CRM

    Cyber Security

    Data Center

    Digital Technology

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Performance Management

    Enterprise Security

    ERP

    Gamification

    Geographical Information System

    HPC

    HR Technology

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    PLM

    POS

    Project Management

    QA and Testing

    Risk Management

    SaaS Solutions

    Security

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

    Workflow

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Fleet Management

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Managed Services

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Payments

    Pharma and Life Science

    Procurement

    Retail

    Sales and Marketing

    Sports

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Corporate Finance

    Google

    HP

    IBM

    Intel

    IT Service Management

    Microsoft

    Oracle

    Red Hat

    Salesforce

    SAP

    VMware

Menu
    • Data Center
    • Automotive
    • FinTech
    • IBM
    • SAP
    • Amazon
    • Big Data
    • Education
    • HPC
    • Simulation
    • Unified Communication
    • Web Development
    • AI
    • EPM
    • ERP
    • Project Management
    • Salesforce
    • Sports
    • Travel and Hospitality
    • CISCO
    • IT Services
    More
    Education HPC Simulation Unified Communication Web Development AI EPM ERP Project Management Salesforce Sports Travel and Hospitality CISCO IT Services
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Virtualization
    Editor's Pick (1 - 4 of 8)
    left
    CIOs Need To Know Their Business, Not Just Tech

    John Sadowski, EVP & CIO, Sandy Spring Bank

    Your Next Law Firm Website Project

    Vic Peterson, CIO, Stinson Leonard Street LLP

    Essentials for a Compliant Environment

    Seevali Fernando, Group CIO, Hoya Corporation

    The Digital Agency

    Ralph Chivers, CIO, Ministry of Business Innovation and Employment, New Zealand

    E-commerce and the Data behind it

    Klemen Drole, CIO, Lazada Group

    Need and Importance of IT in the Shipping Industry

    Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

    At the Crossroads of Sports and Technology

    Jerry Mcglynn, CIO, Specialized Bicycle Components

    Proliferative Innovation via Platform+Agile

    Dr. Steve Hodgkinson, CIO, Department of Health & Human Services in Melbourne, Australia

    right

    SaaS, Cloud Application, and Security

    By John Ang, Director of IT & Education Technology, The Learning Lab, Singapore

    content-image

    John Ang, Director of IT & Education Technology, The Learning Lab, Singapore

    Software As a service (SaaS) has been around for many years in the market. In recent years, it has been very prevalent in using this service with the notion of putting applications on cloud.

    SaaS can be useful for general purpose applications (e.g. Dropbox, OneDrive). If a company can use a standard out of the box application with some minor configuration, SaaS will fit them well as it is relatively competitively priced as it is a shared application. All new features will be dependent on the vendor’s roadmap. All maintenance, patches will be well taken care by vendors.

    For systems which are critical to its main company operation, it is unlikely SaaS will take place unless it can be customized to fit the business needs. Most vendors who allow customization will make the company pay more in their future yearly maintenance as those customized plug in or components are taken into account as the over application will still need to be patched and upgraded constantly. It is still considered SaaS with customized option.

    It is important for a company to deliberate on dedicated and experienced resources, onsite or offsite to ensure the agreed turnaround time for any change request, bug fixes, and the necessary SLAs. A minimum of two resources is needed and it will depend on the criticality and the complexity of the system.

    All applications should consider adhering to the OWASP application security risks, CERT secure coding standards, with proper code analysis and application security testing tool (e.g. Check Marx, Veracode). It may be difficult to adhere to secure coding standards for most software as it may have certain legacy components in them. However, it is important to understand their server architecture, including their middleware to sieve through the vulnerabilities that can be at hand.

    There are companies who may want to consider to move its on-premise solution to cloud hosting, instead of the traditional rack hosting options. Cost, Tier X, SOC X are important consideration factors. Cloud hosting may not be a cost effective option as hosting in Singapore is still much higher than other places around the globe.

    For SaaS vendors, most are likely to have a negotiated bulk discount deal which give them an edge to compete better.

    Most Companies Should Consider Traditional Hosting And Cloud Hosting As A Blended Solution To Achieve Highest ROI For The Company

    However, companies are still moving towards cloud facilities. It is similar to outsourcing infrastructure to specialized providers.

    There are some key benefits in moving to cloud:

    1. Less staff to maintain within a company

    2. Reduce in the difficulty to recruit and retain technical staff

    3. Reduce technical expertise which can be in a shortage to maintain and upgrade the system – applications, servers, and network

    4. High Security investment by cloud provider

    5. Quick ramp up of server, network specification when required during peak periods

    Key areas to consider for Cloud hosting provider (e.g. AWS, Azure) will be their accreditation and certification that they have (e.g. SOC3, PCI compliant).

    For cloud hosting services, we need to consider the ease of administration, which includes data transfer between accounts, key features to be turned on, etc.

    IT staff should also be trained in cloud provider administration to administer the respective cloud hosting provider if it is infrastructure as a service.

    On prem hosting will be less favourable especially with companies where getting talents in server, infra, operations, and security are tougher with many digital transformations being underway by private and government sectors.

    Traditional hosting can also be considered with Tier 3 and Tier 4 options given to customers. Their cost may be more competitive with the introduction of cloud, especially if we need dedicated server hosting option.

    Most companies should consider traditional hosting and cloud hosting as a blended solution to achieve highest ROI for the company.

    There is another possibility to integrate with key cloud provider (e.g. AWS, Azure) together with a company network to make it a private WAN environment. This can be achievable from various provider (e.g. CATO). This will enforce another layer of security between internal & public hosted providers.

    Taking into consideration the challenges of human resources in terms of hiring, retention, and the digital transformation that many are embarking, outsourcing seems to be a must have option. We will still need to have a core IT team within each company to work hand in hand with credible vendor to deliver solutions that meet our business demands.

    Top 10 Virtualization Solution Providers - 2017

    Top 10 Virtualization Solution Providers - 2017

    Featured Vendors

    Odin

    Neil Morarji, VP (APAC)

    Virtualization Special

    Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy.

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://virtualization.apacciooutlook.com/cxoinsights/saas-cloud-application-and-security-nwid-4632.html