IaaS, PaaS, SaaS — modern software distribution / cloud delivery models
A quick explanation on the modern software distribution / cloud delivery models and considerations
With the cloud computing evolution, various software distribution / delivery models have been introduced to fit different business purposes and usages. ‘How to choose the most suitable model’ is the key challenge for most organizations or even individuals.
In this story, the foundational concept and few key considerations will be discussed. However, there is no BEST model that you need to evaluate for every use case based on your business situation.
Key Principle: Ownership vs. Cost
The major difference between On-premise and Software as a Service (“SaaS”) is the ownership that SaaS provider will own the infrastructure, software and maintenance and offer to public an option to consume (e.g. Azure provides a SaaS OCR API that charges by number of document and document size). It provides the lowest Total Cost of Ownership (“TCO”) and high scalability pay-as-you-go charging model to match the user demands.
However, nothing is perfect. SaaS option is heavily limited by the organization security policies and local regulations. Since the applications and data are both under the provider, data transfer is required and it may raise different security concerns especially sensitive information is being transferred.
Then Platform as a Service (“PaaS”) and Infrastructure as a Service (“IaaS”) come with more ownership and flexibility to allow organizations to implement their own security controls / customized components.
PaaS provider will own the infrastructure and responsible for the hardware maintenance. The organizations could own the applications and data to perform limited customization (e.g. Azure managed SQL database instance). IaaS is simply offering the Virtual machine (“VM”) or other instances with highest flexibility. The pay-off of ownership and flexibility is increasing IT management responsibility and cost (e.g. system monitor and maintenance effort).
How to choose the Most Suitable model? What are the Key Considerations?
Every use case will have different requirements which could generally group into 1) Business Needs, 2) Technical Requirements and 3) Security and Compliance. Analysts need to evaluate the requirements, conduce comparison between different models and determine the most suitable model. Below are few key considerations for each category,
Business Needs
- Service Level Agreement (“SLA”)
- Expected volume and volume growth
- Execution frequency
- Customization required
Technical Requirements
- Integration with existing systems / applications
- Maintenance and support (Both software and hardware)
Security and Compliance
- Cloud usage regulations
- Firewall and authentication
- Data encryption and data masking
- Personally identifiable information (“PII”)
- Cross-border data transfer
Again, there is no model answer. There could be other considerations for your business situation and use case. It is an important step to conduce an evaluation before choosing the right model. Otherwise, there will be potential wastage even the subscription for IaaS/PaaS/SaaS could terminate in a short timeframe in most cases.
