Had a great time presenting to the audience at NZCS last night on the topic of SaaS Tools for 21st Century Service Providers – lots of great questions and knowledge about the pros and cons of taking a wholly SaaS approach to IT. Thanks for the invite, guys! For those that attended the talk, and those that didn’t here are my slides.
(I’ve been looking forward to writing this post for a while… ) 
Exciting news from cornerstone Memia customer Letstrade International who announced the start of their beta programme starting in October. Access will be free to Xero users during the beta period.
Letstrade provides a powerful Sales, Procurement and Inventory solution for businesses of all sizes, and has been (beautifully!) designed from the ground up to meet the needs of today’s complex trading operations. Take a look at the video below to see a bit more info on the product and go to http://letstrade.com to sign up. Also, take a look at Xero’s blog post Be the first to try Letstrade.
Over the last 6 months Memia has successfully operationalized and proved a new (for us!), scalable cost model for our software application development business, almost exclusively using cloud infrastructure and services throughout. I’m sure there are a lot of other folks out there who have done the same, but having worked in software for 15 years I wanted to share our experiences – and ask how can you do it for even less? The near-zero financial capital requirements of this model implies that the barrier to entry for software (…as-as-service) is now based almost entirely on how smart your team is rather than how much capital you have.
Business Principles
The business principles we’ve used to guide our Technology architecture are pretty simple:
The first couple of financial principles strongly push towards buying our applications as a service, not as a capital expense. However, when we started out, we still weren’t absolutely sure what “acceptable” meant for security or usability: but after trialling some services and reading through the SLAs we decided to see if using the common SaaS collaboration applications which are currently available (in particular Google Apps) would be “usable enough” (they are. With spades on) and “secure enough” (the jury’s still out but looking good so far…)
Technology tactics
- Bring your own laptop and softphone (each staffmember / contractor gets a monthly allowance to provide and support their own equipment – this is the 21st century everyone has their own laptop, why double up?)
- Cloud for everything. No servers anywhere in our business
- HTTPS and, where necessary, certificate-based authentication for all internet-based communications
- Everything in a browser. (Where possible: most IDEs, application runtimes don’t allow for this. There are some examples such as Heroku (Rails) and Force.com are getting there, although that’s not so practical yet).
- Wireless internet only
- Work remotely outside core hours if you want (Note: this has implications for Business continuity = go home and work from there!)
- Think of the trees before you print anything – collaborate electronically and round a projector where possible
- Skype is “good enough” for non-sales conference calls
- All integration, system, performance, load and UAT testing is done on Cloud IaaS (either Amazon or GoGrid). Once the testing has finished we wind the virtual servers back down and stop leaking $$$
This means we’ve ended up with an infrastructure technology architecture that looks (simply!) like this:
…that is, the only capital expenditure on IT Equipment required was:
Again: No servers, no datacentre. Everything else is opex.
Services Architecture
Abstracting up a level from the networking and infrastructure technology, we’ve developed a reference services architecture for an software development organisation, shown in the diagram below. This basically enumerates all of the input technology services (ie excluding sales, marketing, HR, real estate) which go into delivering a working increment of the software on a monthly iterative cycle, together with associated artefacts like project management reports and requirements documentation (the output services).
The input application services are divided into two main categories:
1. Collaboration and productivity applications
We have become solid users of Google Apps for collaboration as a team – Google Sites especially is a great way for the team to post content and documentation for the rest of the team to collaborate on together. We also use it for our requirements documentation and our BAs work directly with customers to get Use Case and UI screenshots right. It meets most of our requirements, and the real-time collaboration beats client-side productivity tools hands down. We also use Skype for conference calls and, for the most part, it’s ok. (And we’re at the end of a long thin pipe under the Pacific Ocean here in New Zealand!)
2. Software development applications
Depending upon what the target application technology is that’s being developed, you can mix and match on the software dev apps. (For example for developing ASP.NET applications developers will generally use Microsoft’s integrated Visual Studio and Team System toolset, installed on cloud IaaS, but for Ruby on Rails for example you could use Netbeans or Aptana for the IDE, GitHub for source control and then choose your own flavours of continuous integration and defect management).
What I’m still on the lookout for is the best SaaS requirements management tool – any suggestions?
Fundamentally, our experience is that this technology model *works*, and furthermore it *scales*. It cuts the technology costs of running a software development organisation to the bone, and provided that the business in question is satisfied with the security and reliability of using services in the Cloud provides easily the best value solution.
So this is how you design and operate IT for a software development business. How many other industries does this model apply to….?
On my way back home to NZ now, time to collate some thoughts on the last couple of days here at the Cloud Futures SaaS migration conference.
There were some really great speakers here – including the first time in a long while when Amazon and Salesforce have spoken together in the same room. In particular, my main takeaways from the speakers were:
Keynote from Bill McNee, Saugatuck Technology: Valuable fact-based market research:
- Despite current economic crisis, purchasing for Cloud IaaS and SaaS remain strong through 2011
- However, financial benefits around cloud IaaS potentially illusory? (=> position around other business benefits than price).
- A new ecosystem is forming around Cloud Computing, will transform IT sector
- Sweet-spot: 100-499 employee count, then 500-1000. But there is significant demand from Enterprise.
- Highly interwoven: hybrid app architectures emerge
- Cloud dev via PaaS providers has begun to open up
- A new SaaS based business services delivery model is emerging
- While roughly 35% of ISVs have begun transition to SaaS, will be long and rocky road for most (expect around 70% eventually.) Totally new model for traditional ISVs – many not prepared financially or operationally for the changes needed.
Mark Trang from Salesforce:
- 7 secrets of SaaS success, a small set of moves from Benioff’s playbook
Allan Leinwand from Panorama Capital giving the VC perspective:
- Enablers of Cloud Computing such as networking are continually getting cheaper: run CC on the “Taiwan Inc” model – eg Vyatta, a firm that Allan is invested in can provide networking equipment equivalent to an $6000 router for $10! The landscape changes. Expect costs to keep coming down.
- Cloud Services Market: Gartner : Cloud Services market triples from $56.87 -> $150.5 2009 -> 2013 (mainly SaaS)
- Obstacles: Security, Management,Performance,Economics
- VCs are looking for Cloud startups who understand how to measure performance / SLAs
- Q: What will drive exits for Cloud startups? A: Monetization of customer growth.
- Being “cloud” is sexy and doubles your valuation multiple. (Eg Rackspace cheap acquisition of Slicehost (<$10m?) made them a "Cloud" company overnight, their multiple went up to 4x compared to 1.2-2.7 for their competition.
Rick Nucci from Boomi
- “API is not optional” – all SaaS must come with API AS STANDARD. (There is NO DATABASE!)
- All SaaS-to-SaaS integration can now be done in the Cloud
- SaaS API Blueprint recommends Object.Operation naming convention
Sumatrar Sarkar from TechStrategyLabs: The Economics of Cloud Migration
- Demand side economics: NO MORE CAPEX
- Supply side economics split between Supplier and VAR
- Very impressive (if slightly incomprehensible!) TCO model which models optimum allocation of costs between Customer, Supplier and VAR.
Doug Harr, CIO of Ingres:
- Ingres decided to run with totally SaaS-based IT (except desktop productivity and directory services from Microsoft)
- Successful implementations, rapid agile delivery
- Have implemented SSO across their SaaS apps using MyOneLogin
- Leading frontrunner in “IT Free Business” model
- Enables the role of CIO to be more involved in enabling business strategy, not day to day operations.
- CIO is more involved in understanding risk model: auditors still learning how to audit control objectives for security and management when it’s consumed via SaaS.
Erik Novikoff, Enki (previously director of software dev, Netsuite)
- Enki provide “people on demand”
- Enki have done 50-60 customer deployments from on-premise to the Cloud.
- Enki customers enjoy increased revenue, new opportunities,delight their customers. (He says).
- With SaaS, can calculate costs as fraction of total revenue
- Retrain some traditional sys admins to be cloud admins
- Charging for service:
Model – Enki charges based on “cost plus”
Pricing
- Start with equal 2-year NPV (ie equal to boxed software) and upsell
- Gotchas / one time costs/tasks:
-Moving to Cloud
- Web presentation platform
- Single to multitenant conversion
- Redesign for scaling
- Adding API / mashup
- Monitoring (SLA) – internal and external
- Billing system
- Upgrading support offering (24×7)
- Financing your move: Covering delayed time-to-value
- Marketing: whole new world with different competitors/comms channels
Ramon Chen, Rainstor
Rainstor is a vendor of Cloud-based archiving solution. Useful for the following use cases:
- Storage of archived data for compliance purposes
- Escrow of data held in 3rd party SaaS services
- Log and security event data retention
Interesting product (service!), launched in US today.
Richard Reiner @ Enomaly
Richard woke up the room with more specialized detail on the security question than I’ve seen to date. Cloud IaaS is potentially compromisable because software is the *only* security control – a compromised virtualization layer therefore means that your data and applications are not secure. He characterizes all current cloud IaaS vendors as saying “Trust me” based on their quality people and processes. (The “Trust Me” cloud). Enomaly is (about to?) launch a product which provides the “Verified” cloud, and provides a direct channel from a browser plugin to the underlying hardware layer to verify that the software installed (eg virtualization / hypervisor layer) has not been tampered with. Good communication of the issues, but does the cost outweigh the risk?
Nolan M. Goldberg, Proskauer: Legal Issues of Cloud Computing- Case law is behind the technology
- Make sure legal issues are covered off in service agreement (which is a contract!). In particular, make sure that responsibility for paying costs to comply with legal requests is assigned.
- Went through the standard legal risks of privacy, data security, geographical location / jurisdiction
Gowri Subranium, Aspire Systems:
- Aspire are a Chennai-based SI / development partner specialising in building SaaS. (Bit like us!)
- Gowri introduced three main strategies to build SaaS:
1. Ground up build
2. Build on top of PaaS
3. “Solution Accelerator” – effectively a set of code libraries which enable delivery of the platform out of the box.
You can see the Twitter stream for the conference at http://twitter.com/#search?q=%23cfsj09 (mostly me, natch…)
From my side, the conference was worth it in that it:
- Validated my thinking that the industry is at the same early stages of development across the globe, and ISVs / IT Services Vendors are still unclear as to which business models will work and which ones won’t. “How do you make money out of SaaS / Cloud?” – there’s only one data point so far and that’s Salesforce. The costs and risks for traditional ISVs to make the move are substantial, and maybe better strategy is to “enhance” an existing on-premise offering with SaaS rather than “migrate”. (Begs the question what do you do when a SaaS competitor for your core offering takes your customers a couple of years down the road….)
- Enabled networking with a (surprisingly small) number of key players in the industry in the US (particularly enjoyed catching up with @MichaelDunham of Scio – who are an agile outsourced SaaS vendor much as ourselves – and trading war stories, and the other guys from outside the border Luc and Stephan from C3Wave from Belgium).
- Overall, the trip has provided some solid new insights into the risks, opportunities, strategies and challenges with moving from on-premise to SaaS and Cloud. Useful, all in all.
