IaaS, PaaS, and SaaS: The Good, the Bad and the Ugly

We asked 32 IT experts to share their insights on the differences between IaaS, PaaS and SaaS.


Cloud computing is a broad term for the various IT-related services that can be provided on demand using a consumption based model.


The three most common cloud computing models:

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)


There are countless articles covering cloud services. Yet, you might still be confused about what the heck all these “as a service” terminologies are. You are not alone, we hope that after you read what 30+ cloud experts have to say about their value, advantages, benefits and best practices things will be much clearer.



Which one of these rapidly adopted terms is the “Good”, the “Bad” or the “Ugly”?


Finding the Right Fit


The SaaS model is very simple because there is nothing to set up. You simply access applications online that previously would have been hosted locally. While it’s the easiest cloud model to set up, you have no control over the cloud infrastructure your SaaS applications run on. PaaS provides a little more control, as it provides a predefined software environment, such as SQL server or .NET, that IT professionals can use to run applications on. While PaaS gives you control over what you set up on top of the platform, you have no control over the underlying hardware or operating system that powers it.


For IT departments that need more control, IaaS gives you access to low-level computing resources like storage, memory, and CPUs, in addition to control over which OS runs on cloud infrastructure. IaaS cloud instances behave much like physical computers in that you can reboot them as needed or shut them down if they are no longer used. But with great power comes great responsibility, as you’ll have to worry about securing every aspect of your instances. For example, you have to manually patch the OS every time there’s a critical update.


While these cloud models offer a lot of convenience and flexibility, they do all have downsides. Things can go horribly wrong with either SaaS, PaaS, or IaaS when the provider hosting your instances has an outage.


For example, when AWS has an outage, popular services that rely on it like Airbnb and Reddit also go down. In the case of IaaS or PaaS, where users are charged by usage, a runaway process or faulty software that hogs resources could drive costs sky high. Additionally, SaaS is so easy that anyone can set it up, which could lead to employees starting up their own services behind IT’s back. This phenomenon, known as shadow IT, is dangerous as many fail to properly evaluate or implement a cloud service’s security features (or lack thereof), potentially putting a company’s sensitive data at risk.


Contributed by Peter Tsai, IT Analyst, Spiceworks



Balancing IaaS, PaaS, and SaaS


At CGI, we value the three cloud models – IaaS, PaaS, and SaaS, maintain an agnostic perspective on all cloud technologies, and endeavor to ensure that the right solution meets or exceeds customer expectations. However, we are very cognizant of the fact that each of these models has benefits and features that are both positive and negative with respect to the client’s cloud strategy, and long term implications that can mistakenly drive incomplete or incorrect solutions.


One of the key risks organizations take when they adopt one or more of these models is the lack of mobility, and to some lesser degree, transparency. For example, SaaS may provide the lowest cost per seat serviced, but incompatible data formats and incomplete support for data migration in and out of the service may leave an organization trapped and unable to select a different SaaS provider for similar services. Additionally, the client may be unable to create custom reports, dashboards, or defining metrics for a client’s specific KPIs.


Some reports and analytics may not be a good match for client requirements, and may, unwittingly, provide faulty insights into business operations. Furthermore, data may be trapped in proprietary formats and require substantial decrypting and analysis to migrate to alternative solutions. Remedies for system performance or reliability may be unavailable, leaving the client to fight it out with the SaaS provider over penalties for failure to meet SLAs.


With PaaS, proprietary platform features may leave a client with little recourse should new requirements arise that the platform cannot address. Brain drain or loss of key personnel and skillsets may leave future updates and adaptations delayed or deferred, increasing technical debt. And wringing the most performance out of a PaaS solution may require specific (and expensive) expertise that cannot be easily scaled. When taking on PaaS, clients must entered with eyes wide open to the stickiness that closed or proprietary PaaS services incur.


IaaS is also fraught with risks. Essentially, the client is still on the hook for providing key personnel who understand how to manage and govern the IaaS service provider. However, IaaS offers the most flexibility, as the customer can design and build solutions utilizing best practices for security, data retention, and gain the ability to migrate workloads to other providers. With proper planning and preparation, moving workloads from one provider to another is certainly possible. The key to getting the most out of IaaS is to ensure workloads and data can be migrated to another provider in case that the cost or delivery provided by the current provider no longer proves worth the price.


The real key to adoption of cloud services is to allow the client organization to consume the right amount of IT resources, on demand, and at the right time. By maintaining only key core functions in-house, clients can focus on their core competency. Clients should strive to separate application lifecycles from hardware lifecycles, which is greatly enhanced by allowing cloud service providers to handle the challenges of maintaining capacity and services in the face of unknowns. But CSPs like to sell services that help ensure their customers remain sticky, thus the increase in assistive technologies from Amazon, Azure, Rackspace, Google, etc. While such tools and services eliminate the need for clients to manage those technologies, they are especially hard to get out of should requirements change.


Contributed by Niels Goldstein, Director of Hybrid IT Management and Modernization Practice, CGI Federal



 How Do You Get the Most Out of XaaS?


Anything-as-a-Service (XaaS) is a beautiful thing – consume the best of breed services or the service de jour that your business organization wants, at the scale that it’s needed, anytime, anywhere.


The good in this is clearly the agility, availability and scalability of services. In addition, on-demand services mean that one only pays for the services consumed at the time of consumption.


There are other consumption models, such as reserved and spot, that can be utilized based on an organization’s objectives. In addition, as new services are added, an organization has the option to quickly pivot and adopt the consumption of those services. Technology debt and technology inertia can be lessened to a certain extent, too. Finally, the goal of XaaS is frictionless consumption, and as such, service providers strive to ensure that customers face zero to little barriers in order to consume any service.


The bad is that organizations have to trust their service providers. Organizations are trading the control of parts or an entirety of their services stack and the customizability of these services for the goodness that XaaS provides. They also have to abide to a service level agreement that pays pennies on the dollar for service miss or disruptions. Next, although they are more agile versus technology debt, they can get locked in with a cloud service provider, especially as their application architecture and delivery becomes intertwined with a provider’s services. Lastly, many organizations lack the talent in terms of their personnel to seamlessly and continuously integrate and deliver services constructed from XaaS and their own derived services.


There are a few examples of -as-a-Service going horribly wrong. These include service providers shutting down their operations, like cloud storage companies such as Nirvanix and Cyphertite, and even Cisco’s Intercloud and HP’s Helion Public Cloud.


So, how can one protect their investment and their career while maximizing consumption of XaaS? Trust but verify with foundational skills like IT monitoring with discipline. The concept of monitoring with discipline focuses on the fundamentals, and can help abstract away the layers of complexity associated with XaaS. Leveraging monitoring with discipline and a proper tool set, a clear, single point of truth can be surfaced that shows the connected context of the entire XaaS ecosystem.


Contributed by Kong Yang, Head Geek, SolarWinds



 Staying Ahead of the Curve: How Do You Choose?


Both users of cloud services and providers will agree that there are just too many options to choose from. Iaas/PaaS/SaaS – each of these have their own characteristic features and applications. While an end-user or business user would be interested in SaaS, there are high chances that a system administrator or a DevOps professional would be into IaaS. On the other hand, if you’re a true developer and want to focus on your code and not the rest, PaaS is the best choice for you.


However, the future of cloud computing depends upon factors that go way beyond the many services it offers. It’s not just about understanding what will work, won’t work, or what will fail terribly – it’s about thinking about the big picture, and noticing the obvious, which is getting ignored. For example, IT organizations determining their budget for services like IaaS/PaaS/SaaS need to have a clear understanding of the value of business agility versus IT cost reductions. They must realize that cloud computing is less of an area of innovation and more about the requirements of any new IT project and the consequent changes or upgrades that it demands.


On the other hand, as public cloud providers like AWS, Google, and Azure roll out new services, development teams at IT organizations must push them to keep up with the pace of innovation as automated, software-centric, and API-driven technologies are going to drive the agenda for future IT projects.


Trends over the past 4-5 years show how venture capital firms are primarily investing in SaaS startups. In the dot-com period of the late 1990s and early 2000s startups followed a CAPEX model and spent around one fifth of the money they raised on building infrastructure. Today, these startups direct their spending to public cloud services and other OPEX spending models. This would lower the entry barriers for startups. So it’s time IT organizations prepared themselves to deal with SaaS directly or through platforms that can integrate SaaS applications with the existing applications.


Cloud computing is moving beyond digital products and websites – it’s beginning to get embedded in almost every physical product. For example, BMW and Mercedes, companies that differentiated their products based on gas mileage or sleek external engineering, are now talking about enabling new applications that will deliver a better in-vehicle experience. The Dell acquisition of EMC is a glaring example of how cloud computing has a significant impact on all aspects of the IT industry.


Cloud computing is no longer a technology discussion – it’s a core competency, and every business needs to embrace it and excel at it. Stronger relationships must be built between the IT organizations and their internal business groups to understand how technology is impacting their business, products, and services, thereby accelerating their skill-set evolution.


Contributed by Naveen Joshi, Director, Allerin



 Working Through Issues Created by IaaS and PaaS


Many IaaS vendors restrict customers’ network configurations, so sometimes really ugly workarounds are needed to get applications to work properly without redesign.


Additionally, there are issues with vertical scaling – if an application needs a little more resources, in most cases, it will have to migrate to a bigger VM, so extra work or even downtime is inevitable. But as IaaS and CaaS become more related, and as containers provide better granularity, it becomes possible to run applications more efficiently and to easily scale them in and out, up and down.


PaaS solutions were created following the question: “What if we built a tool that helps to solve routing infrastructure configuration tasks during a development process, where involvement of system admin experts won’t be required?” However, to get an application up and running on a PaaS, it will most likely need to be adjusted to the specifics of such platforms. At the same time, some PaaS solutions already require zero code changes and bring hope that this issue will be totally eliminated across all platforms in the future.


Contributed by Ruslan Synytsky, CEO, Jelastic



 Three Very Different Cloud Model ‘Flavors’


SaaS is a kind of software that usually doesn’t need to be downloaded or installed (there are exceptions such as HipChat that require you to download a client in order to connect to the chat network). Rather, it can be accessed via your regular web browser (provided that it isn’t terribly old – you might actually feel a little bit left behind when trying to open Gmail in Netscape 4). SaaS products mostly target end-users who would like to benefit from the fact that hardware and software patches are not necessary and that they do not have to pay high one-time licensing fees for conventional, locally installed applications.


However, there are also certain shortcomings to SaaS. In some contexts, the present legislation does not allow external storage of data – that is, on the service providers’ servers, which could be anywhere in the world. Also, in cases when the application really needs to use the full processing power of a local machine – think video rendering for example – a SaaS product might not be the best choice.


Next up is PaaS, and this is where it begins to become really interesting. Put simply, PaaS provides the structure and the framework to host, build, test and deploy the SaaS products we talked about before. So usually, PaaS services are used in the process of creating web applications. For developers, this means that they can fully concentrate on producing their apps without having to worry about server management for example. This becomes especially relevant when there are multiple developers working on a specific project – maybe even from different companies. A service such as Heroku for example helps to organize the deployment workflow for all team members, who otherwise had to deal with complex server set-ups, rights management etc.


The last piece of our little cloud puzzle is IaaS, and we can think about this as kind of base layer for on-demand services. With IaaS, clients don’t have to invest in expensive hardware. Rather, they have access to an outsourced form of on-demand hardware which is billed according to the resources that are being used. For example, instead of buying a physical server in a rack, you can also rent services by Amazon Web Services (AWS) or Rackspace and pay only for the CPU processing time. On top of being able to avoid high initial investments, this strategy also makes scaling of applications much easier, because more resources can be added dynamically. This makes PaaS services especially interesting for fast growing organizations and projects.


In a nutshell, these were all the flavors of current Cloud computing. Of course, sometimes there are no clear-cut divisions between the three and the edges can be a bit blurry. Also, who knows which other terms and phrases people come up with in the future – as we all know, the web business never suffered from a shortage of terms and abbreviations.


See the full article.


Contributed by Dr. Roman Zenner, Industry Analyst & Content Writer, Commercetools



 What are the Advantages and Holes with Each?


In an IaaS architecture, third-party vendors provide access to hardware, software, server, and storage devices to their customers over the Internet. Customer pay on a per-use basis, thus saving a huge amount of hardware cost associated especially with server, storage, and networking devices. Also, security might be better than on-premise security software. Another advantage of IaaS is that it reduces the total data center handling cost, and allows customers to focus on their core business.


Nowadays, IaaS providers are using converged and hyper-converged infrastructure in their data centers, reducing hardware/software compatibility issues.


The most wonderful advantage of IaaS is the capability to transfer work to the cloud during peak demand in on-premise systems.


But IaaS architecture creates dependency on a particular cloud provider. In an IaaS model, complex resource allocation software is also required to ensure that cloud based resources are there when needed.


PaaS facilitates developers to develop and manage applications without the need to purchase additional hardware or to hire resources to manage the added infrastructure. So basically, software developers can develop software over the Internet with resources supplied by PaaS providers. There is a certain subscription fee attached to PaaS that is also based on a pay-per-use model. Various features related to the software development phase, such as DBMS, operating system, server software, and network access are generally added into the PaaS subscription. Some PaaS vendors are also offering solutions that enable non-IT users to develop particular software through an Internet browser.


In comparison with the SaaS model, PaaS still doesn’t represent a complete solution. In a PaaS model, customers still have to design, build, and test applications. Also, customers have to depend on third-party vendors in terms of security and quality-related issues defined under SLAs. Another challenge associated with PaaS is that the transfer and integration of on-premise data and PaaS-based applications is often challenging.


SaaS is the most commonly understood cloud technology. It allows customers to use software applications running on a provider’s cloud. SaaS basically converts capital expenditure to operating expenses related to software applications for a particular organization. SaaS can be delivered through a web browser or mobile application.


Quintessentially, SaaS products are used by mid-size enterprises for enterprise software suites, such as ERPs, CRMs, or supply chain management. One of the biggest challenges associated with the SaaS model is that one software problem can impact all users who are dependent on third-party vendors. This means that if any small fault occurs at the provider’s end, it can halt the operations of its entire customer base. Therefore, it is very critical for the customer to analyze the SLA defined by the SaaS provider.


Contributed by Rahul Singh, Assistant Manager, Digital Marketing, SEO & Branding, Persistence Market Research (PMR)



 Requirements When Using Cloud Models for Resources


As defined by NIST, a cloud computing model may be considered as a universal model, which provides 100% efficiency for interaction between a customer and a provider/supplier. Thanks to on-demand, self-service, and measured quality, customers get exactly what they need with the level of quality they require, while the provider produces the exact volume and range of services demanded by its customers, and thanks to resource pooling and rapid elasticity, production takes the exact amount of required resources.


The typical understanding is that the application sphere of cloud computing models is applicable only for pooling of ICT resources: servers, storages, switches, and so on. But the application sphere is obviously much broader – it may cover the entire spectrum of services and products and can be applied not just to servers, storages and switches, but to any kind of resource, such as vehicles, industrial equipment, buildings, and so on.


Use of cloud models for any kind of resources (including non-ICT resources) has two basic requirements: The first is defined by NIST: any kind of resource should be smart – software defined and virtualized. This means that each physical device should have its virtual mirror or abstraction layer, which makes it available for management as a part of a virtual pool of resources. The second requirement is specific to non-ICT resources – the resources should be available for fully automated control (like with autonomous vehicles).


Contributed by Alexander Gerasimov, Director of Сloud & ICT Market Analysis, J’son & Partners Consulting


See also this research "The market of IaaS services provided by Russian service providers to corporate clients" by J'son & Partners for details.



 The Power of PaaS


Deploying both IaaS and PaaS offers flexibility for design and deployment.


The good news is that the delivered solution is fully operational, and you can focus on your data and processes without having to worry about operational details. The bad news, of course, is that you are limited to whatever features and modifications the vendor offers.


At Altoros, we are now designing solutions with microservices, which offer a flexibility for cloud-computing environments that traditional, monolithic applications cannot. Within this context, we’ve found the that the key difference between IaaS and PaaS deployment is that a highly competent DevOps team needs to be in place when deploying on infrastructure, whereas a platform-based approach manages most operational


Here are some examples: With IaaS, DevOps teams need to deploy each service, configure valid communications interfaces, and be responsible for scaling. They also need to configure application runtime, manage each instance in a loosely coupled environment, and more. With the PaaS approach, the platform itself controls application lifecycles and scaling, automatically deploys the application runtime, uses containers to manage instances as isolated elements, and more.


Our long-time membership in the open-source Cloud Foundry Foundation underlines our positive view of the PaaS approach. Yet we don’t necessarily think an IaaS-focused approach is all bad. We understand that many enterprises are successful working directly with infrastructure through their DevOps teams. But it can get ugly if you’re not rigorous with creating a sophisticated DevOps team.


We clearly believe in the power of the platform and of PaaS in designing and deploying modern enterprise IT solutions.


Contributed by Roger Strukhoff, Director of Research, Altoros 



 The Ups and Downs of IaaS


We have seen some primary benefits of using IaaS. First, those used to deploying Hadoop will appreciate the ability to bring up preconfigured Hadoop clusters with minimal engineering effort. Second, for those with variable workloads, spot pricing (and other options, such as on-demand, or reserved instances) provides a cost-effective way to make resource available as and when you need them, without having to pay for a resource 24×7. Fourth, with suitable engineering, it is possible to provide good levels of redundancy even in problematic scenarios, for example, in the event of a major chunk of Amazon infrastructure becoming unavailable.


However, the main concerns when using IaaS involve the details of the platform, that are somewhat opaque (for example, networking performance, and particularly networking performance characteristics of different node types). Additionally, the engineering required to provide the required redundancy needs careful thought and thorough testing, although the same could be said for the general case of providing a non-IaaS solution that can cope with individual node/component failures. See this article by Jon Brodkin for some details on how Netflix migrated to Amazon, and the work required on redundancy including the use of Chaos Monkey. Last, care is needed for 24×7 requirements, where looking at alternative platforms can be more cost-effective.


Contributed by Mark Chopping, COO, Kognitio



 Make it Work: Give Developers the Tools They Need


IaaS acts as an excellent entry point for larger organizations still on the fence about cloud computing adoption. While SaaS is the less expensive way to accomplish this task, the familiarity of procuring specific computing resources that offer full control ends up being more palatable for gun-shy executives. But some companies hear “infrastructure” and assume they’re going to get all the benefits that come from other “-as-a-Service” models. When they end up with a system that gives them the bare basics with barely any of the cost advantages, they may put their cloud adoption on a long-term backburner due to a disappointing user experience.


And while IaaS is largely a “handle it yourself” type of platform, businesses still need someone to be there on the other end if the service becomes inaccessible or they run into other problems that are impossible to fix on the user end. Horror stories, such as Smart Hosting failing to answer tickets for more than nine days, can cripple businesses and provides fuel for anyone in the organization who is dead set against using any cloud services at all.


Promising and innovative developers need the right tools to bring their application visions into the world. If they’re stuck working with a subpar development environment, they spend more time trying to work around the limitations in the system than they do meeting their original goals. PaaS gets rid of this concern by creating a pipeline of software engineer and programming talent that can start to address the severe skill gap in the industry. But executives still resist the idea of migrating entire workloads over to PaaS, even though the scalability serves their long-term needs. When they do select a provider, the end user requirements are overlooked or the front-line employees may end up not being consulted at all.


With SaaS, cloud-first development trends help applications take better advantage of the available cloud resources, so vendors can explore innovative implementations. Advances in API technology provide seamless integration and the opportunity to create a cohesive application ecosystem. But uneven adoption of cloud apps and BYOD policies that don’t address the reality of the work environment creates a critical mass of unauthorized apps. There is a tug-of-war between employees trying to get their jobs done, the IT department trying to stay on top of security, and the executives writing the policies.


Almost everyone is using some sort of SaaS solution these days, so there are countless vendors in this space trying to get their own piece of it. When companies that select applications based on the first provider to call them back, the providers with the most attractive marketing materials get a foothold, rather than the options that actually meet their needs.


Contributed by Mark Geene, CEO & Co-Founder, Cloud Elements



 What Makes a Service Good or Bad?


Why is Anything-as-a-Service good, and why might it be bad? The simple HR answer is: “It depends.” An “-as-a-Service” offering exists for almost anything you can think of in IT these days. Some of those services are fairly baked, like IaaS and SaaS, and are relatively easy to consume. In the case of PaaS, there is a wide variety in the capability and ease of use, so there’s a much greater requirement for strategic planning in your acquisition effort.


What makes a service good? The obvious benefits of IaaS or SaaS are that they are easily consumable in morsel sizes that fit almost any requirement or budget. They satisfy business needs that might otherwise take months or years to fulfill if done internally. They also provide capabilities for scale and distribution that would make many projects cost prohibitive to get off the ground.


What makes a good service bad? Having easy access to great flexibility and scale via IaaS combined with ease of deployment, means you can end up using more than you need, just because it’s easy. On the other hand, SaaS creates the potential for serious management headaches. As your dependence on a set of SaaS solutions grows, you run the risk of creating data silos and security, compliance and cost exposure if ownership and management isn’t well defined.


PaaS holds the promise of enabling controlled and well governed speed. PaaS also carries the risk of creating a complex beast that locks you into a pre-determined or opinionated tool or cloud use strategy. The risk of not having a good PaaS solution is that you’re creating a Frankenstein monster of scripts and tools that become more unwieldy with time.


The need to drive innovation from IT combined with the ever-increasing need for speed means that PaaS is and will remain for some time to come a very compelling area of opportunity. Take the time to investigate solutions that give you freedom of choice, while limiting snowflake design and release to production efforts. Marry your PaaS solution to a well-defined DevOps strategy and have it become your DevOps library and enforcement mechanism.


Contributed by Mark Thiele, CSO, Apcera


There Is a Cloud Model for Everyone 


In both personal and business spheres, cloud computing is set to dominate the future. Cloud Computing and its three major categories – IaaS, SaaS, and PaaS encourage the cloud movement stating that cloud is for “one and all”. The market for cloud computing services is witnessing an unforeseen growth rate, which will continue through 2017. There is a rapid shift from the legacy IT services to cloud-based services. Any business that is ambitious to pursue a digital strategy will have to embrace cloud. When XaaS (Everything as a Service) becomes the leading cloud trend of the era, here is what businesses need to consider while adopting and implementing cloud-based solutions and resources.


What’s good about IaaS, SaaS, and PaaS? First, these are pay-per-use models, which makes the solutions and resources accessible to all. With the global reach of cloud, organizations of any sizes can customize cloud services to fulfil their business requirements. Second, IaaS, PaaS and SaaS organizations can save the money spent on hardware and other infrastructure because cloud providers offer solutions to save the business’s CAPEX costs. Third, cloud-based disaster recovery methods allow users to easily move to mobile systems, and return to local systems when needed. Fourth, in the cloud, there is no hardcore binding, for it offers more flexible options to collaborate, allowing multiple users to work on the same project simultaneously.


Where can cloud go wrong? First, while IaaS, SaaS, and PaaS reduce CAPEX costs, the same can increase the operational costs considering the outsourcing expenditure. Second, while the reputable cloud providers offer robust security features, organizations availing cloud solutions must ensure that the tools they use comply with the dictated standards and regulations.


Third, for the cloud to work well, it is necessary to have an excellent Internet connection that is always on and has a good bandwidth and fair speed. And last, while you pay only for the services that the cloud offers, there will be certainly restrictions on what the cloud provider can give you. The advantages your business gains depends on the services you opt for and the restrictions put forth by the cloud provider.


The cloud is definitely one of the key accelerators of digital transformation because it functions as a catalyst in promoting effective dialog between businesses and IT today. The cloud is fast and easy to use, less expensive and increases business agility. All these advantages of the cloud outweigh the drawbacks and lead to digital disruptions in forward-looking enterprises. Cloud providers as well as organizations that avail cloud solutions must analyze both risks and advantages to derive the best of this rapidly evolving platform. The cloud, without doubt, is the constructive innovator of tomorrow.


Contributed by Suyati



 How IaaS, PaaS, and SaaS Affect the Customer


IaaS implements projects of any scale, and allows building of a robust IT infrastructure in a short time and without capital investment. IaaS guarantees high quality, reliability, scalability, acts as the tool of flexible management of an infrastructure, and is an alternative of renting of physical servers.


However, IaaS requires expert knowledge to deploy complex applications in the cloud. The customer cannot manage and control the underlying physical infrastructure, and can only control the virtual platform. There are not many examples of when the client is using IaaS and something goes horribly wrong. But if the client decides to install on-premise applications that do not support the cloud architecture, he will face a huge failure. To avoid this problem, the service provider offers to test the infrastructure for free.


With PaaS, the client can install and develop their own application on the cloud platform using components like OS, databases, middleware, or tools for development and testing. PaaS provides the necessary development environment without need for purchase and creation of infrastructure, simplifies working processes and minimizes the period of releasing the application to production. However, with PaaS, the client is unable to manage cloud infrastructure (network and server hardware, storage and operating system), but has control over the deployed applications. Incorrect decisions, lack of skills, knowledge and experience with development tools can lead to undesirable results.


With SaaS, the customer is able to use the software as a ready service without payroll and hardware costs, and without the need for self-installation or configuration of applications. SaaS is a ready-to-use solution. It requires only a remote connection to work. With SaaS, the cloud provider guarantees a high service performance, data integrity and relevance of the application’s version.


However, the customer does not control the operating parameters and settings of applications and the entire service is provided on a turnkey basis. Additionally, to access the application from the SaaS cloud, users need continuous access to the Internet. In case of disconnections, the company faces a challenge in the form of business downtime and significant business losses. However, the problem is solved by backup access to the Internet, which is provided by any cloud services provider today.


Contributed by Ekaterina Yudina, Project Manager and Content Engineer, IT-GRAD



One Size Doesn’t Always Fit All


IaaS has evolved as the major and most mature category of cloud computing services. Advantages of IaaS are reduced IT burden during peak load, lowered IT management costs, hiring skilled labor, and more. But while there is a steady rise in adoption of infrastructure services, innovation continues to remain stagnant. Additionally, there is a perception among cloud users that the distinction between IaaS and PaaS is blurring. Some are still wary of adopting IaaS, mainly due to security concerns and vendor lock-in.


PaaS has opened up the software development process in a way that it allows anyone, and not just developers, to develop software through the use of point-and-click frameworks, pre-built integration algorithms, and command line interface manipulations.


In recent years, PaaS is viewed in combination with microservices and concepts like containers and DevOps, which broadens its scope for innovation.


But PaaS is not yet a very mature market and is still at the early stage of adoption. PaaS offerings also have a confusing marketing message. To complicate its use further, PaaS can be delivered as a managed service, be managed on-premise, or be hosted on either private or public clouds. Thus, each PaaS provider adopts a different approach to PaaS, so there is no standard that can be used to compare these solutions. Additionally, PaaS solutions lack operational features.


SaaS is the best-known segment of the cloud computing market, largely due to its large number of users, but also because many people are likely to have first-hand experience with cloud-based apps such as Office 365, Salesforce, Box, and so on. Companies that use SaaS instead of traditional on-premise software benefit from a more flexible business model, improved financials, easier upgrade path, more operational flexibility and a better support model. Furthermore, SaaS contracts are usually monthly, so customers aren’t locked in long-term deals.


But one size of enterprise software does not necessarily fit all potential customers. SaaS apps are necessarily becoming more complex, because all of the low-hanging fruit for simple SaaS apps has vanished. There is also a perception that more complex apps are becoming more expensive to scale. While the upfront costs of SaaS adoption are low, the customers need to be wary of hidden costs.


Indeed, SaaS doesn’t solve all enterprise software issues: Enterprises use hundreds of applications that are not well integrated, which might result in security and information consistency issues. Additionally, driving frequent product updates may cause frustration among users who are accustomed to a certain workflow. The very ease with which users can purchase software services makes it just as easy to disengage on a whim.


Contributed by Nandavarapu Kiran, Director, Hi-Tech Practice, Blueocean Market Intelligence



Flexibility and Cost


The affordability and capability of today’s IaaS means that just about anyone can have instant access to a virtually unlimited pool of compute, network, and storage resources. It’s no longer necessary to make enormous upfront investments in hardware or other resources to test a grandiose idea. Now, you can spin up a few VMs and have them working on a global scale in minutes. This ability to test, iterate and innovate so rapidly (and affordably) is huge, especially in the age of agile software development. With IaaS, the resources needed to process and manipulate information are being democratized.


But despite its many benefits, IaaS is not optimal for certain use cases. Businesses that need ultra low-latency for sensitive applications are probably better off building a local data center where they can always guarantee optimal performance. And even in situations where IaaS is the best choice, many businesses are finding that managing a large amount of public cloud services can quickly become complicated. IaaS is still relatively new for many organizations so management best practices are still being fleshed out and refined.


One of the best things about IaaS is that you pay only for what you use. However, one of the worst things about IaaS is… you pay for what you use. Although the ability to easily accommodate huge spikes in traffic is appealing to lots of businesses, that blessing can become a curse if an unexpected traffic spike causes a huge increase in your cloud bill without a corresponding increase in revenue.


PaaS provides an environment pre-populated with specialized tools specifically for streamlining development and testing. Testing different configurations, browsers, and/or regions can now be done in minutes instead of months and much of the maintenance work traditionally associated with local development environments is taken care of by the cloud provider.


But PaaS typically offers much less flexibility compared to configuring your own development environment. It can be difficult to integrate certain in-house tools to a new PaaS environment. Additionally, if you’re developing on a PaaS platform, testing and debugging can potentially become trickier. PaaS is nice as it pre-configures and/or abstracts many of the processes required for setting up and running a development environment, but this also means it becomes harder to identify the source of a bug.


SaaS has allowed businesses of any size to leverage the type of IT resources that were previously only the domain of large companies, all with little to no upfront cost. However, while many applications are well-suited to a SaaS model, some aren’t.


The basic Office365 packages only provide access to web-based versions of Word, Powerpoint, and Excel, applications that millions of businesses worldwide depend on. But a SaaS model is far from ideal for people that frequently need to work on spreadsheets or presentations. While the web-only versions of the Microsoft Office apps are often adequate, their performance and features still pale in comparison to the desktop counterparts. Editing a 20 MB Powerpoint presentation full of images and embedded videos using only the web-based version of Powerpoint is a hellish experience that I wouldn’t wish on my worst enemies.


An additional disadvantage of SaaS is that many large companies are committing to a “cloud-first”, or in some cases, “cloud-only”, strategy – Microsoft has been especially vocal in this regard. Although there are many advantages to this strategy, applying it absolutely across all areas of business will not always benefit consumers, especially in the case of design/editing software as mentioned above. Many companies seem so enamored with the benefits of SaaS (to their bottom line and to their development teams) that they are overlooking the very negative effects that this delivery model can have on user experience.


Contributed by DoubleHorn



 The Dark Side of Services


The good that is coming out of the industry shift to cloud is large, loud, and is continuing to grow. The available set of IaaS capabilities has been expanding and maturing for years. It is now at the point where almost any application scenario can be accommodated on a cloud infrastructure. There are some legacy applications that are not compatible with the kind of commodity-based hardware that runs the largely Linux and Windows world of cloud, however, these hardware or Unix-dependent applications were already facing a crisis with the trend towards virtualization on commodity hardware.


PaaS is the cloud capability that gets developers most excited, and it’s a fast growing capability is adding value by eliminating the need to develop or integrate many basic capabilities into applications. This can shorten and simplify software development and aid in scalability, using the elastic scalability that is the siren song of cloud.


However, PaaS has a definite dark side, because it is most likely to cause lock-in to a particular cloud. Additionally, use of PaaS services is often metered, and can result in unexpectedly high costs if the use case scenarios are not appropriate.


Last, using PaaS often requires re-engineering of existing applications. Being able to automatically migrate applications to the cloud and substitute the equivalent PaaS services for existing workload components and functions is key to leveraging PaaS offerings.


SaaS is the wave lifting the IaaS/PaaS boat: The largest percentage of cloud growth is driven by the adoption of SaaS applications. This is a fabulous opportunity for ISVs to more easily bring their software to market inexpensively, quickly and globally. It’s a double-edged sword, however, because with this democratization of software marketing and delivery comes increased competition and requirements for new competencies. ISVs have expertise in their software, but not necessarily in the “-as-a-Service” capabilities required to deliver solutions quickly and cost effectively.


Increasingly, ISVs are recognizing that if they can use a cloud platform that provides the “-as-a-Service” capabilities of tenancy, operations and commercial management, they can focus on their own software solution. The ability to “SaaSify” their software with a service available in the cloud becomes an advantage.


The major cloud ecosystems are all vying for market share, and they are doing many of the same things that hardware and OS vendors did in the past – offering proprietary features that add significant value and differentiation. It remains to be seen if this trend results in the same sort of competitive battles and attempts to lock-in customers that were prevalent in the era of the big hardware/OS vendors. It would be nice to think we had all learned something from the past, yet it seems the proprietary battles are shaping up to be fought again in the cloud.


Contributed by Scott Chate, VP Partner & Market Development, Corent Technology Inc.



 Everything is SaaS


Having been asked to comment on the nature of IaaS, PaaS, and SaaS, I had to go back to basics and ask myself ‘what are they, really?’ The conclusion I drew is that they are all basically the same. They’re actually all just SaaS. Let us look at them one by one.


IaaS is basically someone with a big server using software like VMware or Hyper-V to split up the server’s resources into software-based virtual servers. PaaS is basically someone with a big server using software like Azure to create software-based development environments. On these environments, people can write their own software – maybe even another SaaS solution – and present it to the world. SaaS is once more a big server using software so someone can have a virtual and shared service (for example, a CRM, accounts packages, and so on) so they do not need their own.
All are a just variation of SaaS, and all have the same potential problems to varying degrees. First, by using a shared service, all your neighbours could affect your performance. Second, the hacking opportunities are bigger. Third, an anonymous admin could delete all your data by mistake.


A good example of this is 123reg, whose customers’ virtual servers vanished after the hosting firm ran a script containing a catastrophic error as part of its clean-up process on the 123-reg VPS platform. More recently, GitHub deleted the wrong directory and then failed to restore data from backups. And last August, it was revealed that a data breach at Sage had exposed the details of 280 UK companies, although it’s not clear whether the information was just viewed or stolen.


To summarize, software companies are taking over the world, but remember: With software and users, errors follow.


Contributed by Richard May, Managing Director, virtualDCS



 Top Considerations in the Cloud Vendor Search


Cloud has extremely simplified purchase decisions. Previously, every IT purchase, whether software or infrastructure, was related to a high upfront investment and usually a long-term commitment. This obviously also meant a high decision risk: What if users don’t like the purchased solution? What if you miss or exceed predicted growth rates? What if new needs appear? In the cloud, the risk is moved to the vendor, as you can just stop using a service at any time. This in turn enables a higher pace and agility – organizations and teams can progress without delays related to long purchase decisions, and with the ability to adjust the toolset when they feel it no longer fits.


However, while there may be no legal or financial obstacles to changing a tool, you may find that your process, software, or data might not allow the change. A business using cloud services tends to rely on and integrate with those services more and more. When the time comes to switch, you discover you need, for example, to update your automation process because the APIs are different, the old software service is unable to export your data, or it is just not compatible. Typically, the higher in the stack, the more difficult it becomes to change.


Of course, this is not really a new challenge specific to the cloud. With on-premises solutions, switching a vendor was also a problem. But then, it was just one of the challenges; with the cloud, it is the major one. And it can get really ugly in the cloud if a vendor goes bankrupt or decides to give up on a service. You may face the disaster of suddenly having to make a switch immediately, no matter what. In the on-premises model, you ended up with without maintenance, but the systems still worked for the time being.


When choosing cloud vendors for business-critical services, it is therefore worth to at least check to see how difficult it would be to migrate. It might not be that difficult to switch infrastructure providers as long as you stick to pure virtual machines, but the more you use higher-level platform services, the more bound you become to them. Solutions based on open standards impose lower risk, as they can be easier to replace. It is also good to have a compatible solution for on-premises in case you need to assume full control. And it is worth considering portable tools that isolate you from any specific provider. Here, a good example is Docker as an alternative to VM images.


And a final thing to consider: cloud vendors tend to simplify the initial purchase decision, but may invisibly make it difficult to leave.


For instance, on-demand virtual machines make it very easy to step in. You pay per hour, so you can finish at any time. But later, you start to optimize costs with reserved instances. It rarely happens that you reserve all instances at the same time, so every instance has a different schedule. In the end, there is no point in time when you can switch out of a cloud vendor without losing some of the reservation costs or waiting a long time for all of them to expire.


Contributed by Marcin Okraszewski, Software Architect, Cloudorado



 Enterprises Operate Within Their Limits


Before the cloud, every huge enterprise had a data center with walls, guards, fences, and locks to secure critical data. Now, organizations of any size can take advantage of word-class data centers run by Amazon AWS or Google GCE. As more enterprises use cloud to grow their businesses, enterprises are able to offload some aspects of their IT management responsibilities to vendors. How much the enterprise wants to rely on others depends on how much they choose to either streamline or control.


With SaaS, enterprises do not have to worry about infrastructure all the way up to the actual code. SaaS is easy, accessible, and speeds time to market. SaaS is ideal for internal business functions like CRM and accounting, and is one of the leading areas of cloud computing.


But SaaS does limit what enterprises can do with their data. A SaaS provider can limit users into a system with regards to how they view and interact with their own information. For example, a web-only CRM system might not allow for bulk editing as an IaaS-hosted database would. SaaS providers can also change unexpectedly – any website change or policy update gets pushed to users without an enterprise’s ability to change it.


PaaS is at a very exciting place right now. Users are opting to go all-in on provider-controlled PaaS like Serverless and AWS Lambda, or want to totally customize PaaS features using containers like Docker. With serverless options, users can trade in infrastructure insights for lightning-fast deployment and automation. On the other hand, Docker and container users can bolt on any features they want with modular features.


In IaaS, enterprises have to manage more complex systems and are responsible for the security of things like end-to-end encryption, user access controls, and enforcing policy-based security standards. But such a level of control gives enterprises insight into the operation of all their business processes, without any surprises from vendors.


Contributed by Patrick Kerpan, Co-Founder and CEO, Cohesive Networks



 Where SaaS Falls Short


SaaS is an attractive way to get up and running very quickly with zero software development or other technical effort, but it typically doesn’t provide sufficient control, customization or integration possibilities for enterprise organisations. If your organisation provides digital or software-based products and services which differentiate you from your competitors, you need the flexibility to build solutions that are your own product, and which distinct from your competition’s. This is what leads organisations to consider IaaS/PaaS over SaaS.


PaaS platforms such as AWS Lambda, Google App Engine or Google BigQuery fully support custom development in a way that is not possible with SaaS, and at the same time completely eliminate the need to manage or secure the underlying infrastructure. But the overriding consideration with PaaS is the fact that it generally leads to vendor lock-in. If you want to retain the ability to move between infrastructure providers, you arrive back at the IaaS model, combined with a software architecture that allows you to transport your custom-developed systems between IaaS providers, should you need to.


The key to effective use of IaaS platforms, and to a lesser degree PaaS, is to ensure that you have a 100% software defined infrastructure (infrastructure-as-code). Unfortunately, we see many projects that are using IaaS services such as AWS, but have descended into an unwieldy, unmanageable set of poorly thought-out virtual infrastructure.


Therefore, if implemented poorly, IaaS just introduces a whole new class of problems that are just as challenging as the problems associated with poorly-implemented, on-premise infrastructure. The key to avoiding this pitfall is to ensure 100% software defined, version-controlled,% auditable, and reproducible infrastructure, whether it is on AWS, Google Cloud, OpenStack or Stratoscale.


Contributed by Dan Norris-Jones, Director and Co-Founder, Priocept



 Where is Your Data Safest?


With IaaS, clients of cloud service providers can focus on their own applications and databases, websites and IT systems without the obligation and capital expenditure of managing IT hardware, maintenance, data center space and extensive support. Pricing models allow for companies to only pay for the storage and hours they need to use servers for, which is significantly less costly than having to buy, maintain and then run your own hardware and networks. Cloud providers have the ability to offer an immediate increase in web services or resources in line with end of year financial runs or busy work periods. Additionally, regular task can be automated, thus saving time and increasing productivity in other areas.


However, working with IaaS raises concerns with regards to sensitive data. There is also the question of security compliance and adhering to external data security regulations: Does the provider have security measures in place to manage communication outages such as denial of service, or attacks such as IP spoofing, DNS poisoning, ARP poisoning or RIP?


With Paas, developers have no concern for the underlying infrastructure. They don’t need to buy, implement, manage and maintain the hardware that the applications run on. Bandwidth and resources are instantly scalable with increased workload, and similar to IaaS, pricing models allow handling of peaks at certain times. Databases, VMs and complete environments can be commissioned very quickly, reducing build times, developer costs and allowing applications to enter the market quickly. Additionally, developers can collaborate worldwide very easily and can use their own software on the platform.


However, developers working with PaaS are responsible for updating and upgrading the applications. And organizations will often be sharing space with other organizations. PaaS is also not as cost effective as SaaS, and the customer does not have as much control over VMs as with IaaS. Changing providers may also prove difficult.


With SaaS, users can log on to the application anytime, anywhere, with only an Internet connection. The cloud provider monitors, maintains, upgrades and backs up the underlying infrastructure and software versions automatically. Additionally, pricing models include the ability to scale up and scale down users.
SaaS setup requires minimal planning – solutions can be implemented in weeks rather than months. Last, cloud providers have an extremely resilient infrastructure tied into service level agreements for quality and uptime of service, and there are no license fees to manage, only subscription fees. But SaaS provides very little control over deployment, upgrade and testing. Additionally, the SaaS cloud provider has full access to customers’ data, unless encryption is used, and SaaS relies on a stable internet connection to work properly.


Contributed by Rhian Cohen, Principal Blogger, Electric Monk



 How Do You Determine the Right Model?


Which cloud service model best fits your organization? Surprisingly, this question is usually not asked when embarking on a cloud transformation project. Rather, the most immediate thought is to “lift and shift” the current server workloads to an infrastructure provider such as AWS or Azure. This approach comes with several risks. For example, cloud infrastructure works slightly differently from internal infrastructure, which might cause significant technical issues (such as performance problems).


You should begin from strategic objectives, and ask: What should the cloud bring your company? Cheaper IT, better IT, or faster IT innovation? These are different goals, which, together with your company’s current or planned IT competence, drive your service model decisions.


If you’re using information technology that is not very specific to your company, such as accounting and customer relationship software, my advice is typically to use SaaS. SaaS providers know better than you how the software should look and how to run it.


If, however, you have a strategic advantage in developing specific software, and want to move quickly – for example, with IOT and Big Data – my advice is to dip into the PaaS ecosystem. There is a ton of stuff out there that can get you up and running in record time.


Only in rare situations, where you want to have full and detailed control over the way your applications are distributed over machines, it makes sense to use IaaS.


I see this happening mainly in big internet properties like Netflix. Somewhat surprisingly, if you lift and shift your applications, you probably also need this level of control, but it won’t necessarily save you money in the long run.


See Peter’s full blog post on the subject.


Contributed by Peter van Eijk, Head Coach, clubcloudcomputing.com



 The Keys to IaaS Success


Compared to deploying on-premises bare-metal servers, leveraging the IaaS model can provide higher levels of physical and logical security, a more robust underlying hardware platform and complete management by IT professionals. Consider for a moment the single power grid that supplies a typical office building. Alternatively, a cooling system that keeps an average place of business at a constant temperature. Even more evident, the non-redundant server hardware that powers most organizations. All of these are subject to a single point of failure and with it, impact the availability of data and applications.


The key to a proper IaaS deployment, however, is validation. It would be a stretch to suggest that if not properly validated, an organization can find themselves running on refurbished hardware in a college student’s garage. But it is safe to say that not all service providers take the same level of care and attention to service delivery. At OffsiteDataSync, we deploy the best of the best – Cisco Infrastructure and servers coupled with Nimble Storage. Other commonly overlooked components include IPS redundancy with low latency and a variety of data protection platforms like Veeam and Zerto, with geo-redundancy options for replicating data and meeting organizational RTP/Os.


Ultimately, when it comes to data availability, you want to be sure that every day is business as usual.


Contributed by Matthew Chesterton, CEO, OffsiteDataSync



 The Rise of XaaS 


The persuasive wave of cloud computing is affecting every industry and every vertical we can think of thanks to its fundamental models – IaaS, PaaS, and SaaS. More companies across the spectrum have gained trust in cloud infrastructure services, pioneered by AWS. While IaaS provides a high degree of control over the cloud infrastructure, it is very-capital intensive and has geographic limitations. On the other hand, PaaS comes with decreased costs but offers limited scalability.


With its roots strongly tied to virtualization, SOA and utility/grid computing, SaaS is gaining more popularity. More so, it is gaining traction due to its scalability, resilience, and cost-effectiveness.


According to a recent survey by IDC, 45% of the budget organizations allocate for IT cloud computing is spent on SaaS.


As organizations move more of their IT infrastructure and operations to the cloud, they are willing to embrace a serverless/NoOps model. This marks the gradual move towards the XaaS model (Anything as a Service), which cannot be ignored.


XaaS is the new hulk of the cloud computing. Born due to plasticity offered by the cloud, XaaS can provide an ever-increasing range of solutions, allowing businesses to choose exactly the solution they want, tailored for their business, irrespective of size/vertical. Additionally, since these services are delivered through either hybrid clouds or one or more of the IaaS/PaaS/SaaS models, XaaS has tremendous potential to lower costs. It can also offer low-risk infrastructure for building a new product or focusing on further innovation. XaaS embracement has already gained traction, so the day is not far when XaaS will be the new norm. But at the end of the day, it all matters on how cloud-ready a company is for XaaS adoption.


Contributed by Amarkant Singh, Head of Product, Botmetric



 Top Benefits of XaaS Solutions


In my opinion, there are three major benefits of any XaaS solution: mobility, security, and predictability. Mobility is probably the biggest end-user benefit of any XaaS service, as it allows your users to work when and where they want. This allows the entire workforce to be more productive and efficient.


Security is another huge benefit, but it can also be the biggest risk of any XaaS service, which is why the selection of the service provider is so important. One of the benefits of cost sharing is that the economies of scale work in your advantage. All the top-tier XaaS service providers spend hundreds of millions or billions on security alone. For example, Microsoft has committed to spending 1 billion dollars a year for Security R&D, while most organizations smaller than the US Federal government can’t afford to spend a fraction of that on IT security. By subscribing to cloud services, you get all the benefits of their research and development for a small portion of that cost.


Predictability is a great benefit of an XaaS service provider. The predictability in costs, upgrades and rollout schedules, and features and availability are huge when trying to run and support a business. When evaluating one new client’s messaging environment, we identified that they had not updated their version of Microsoft Exchange in over 13 years and their Active Directory deployment was of the same vintage. We worked with the client to build a cloud infrastructure strategy and migrated them to Office 365 and Azure Active Directory Premium.


With XaaS, gone are the days of severely outdated platforms, software, and infrastructure. And because most service providers are on a per user cost structure, the ability to predict and control costs is also much easier than with a capital-heavy, locally-owned infrastructure and architecture.


Contributed by Paul Powell, Microsoft Practice Lead, Bishop Technologies, Inc.



 SaaS and PaaS: The Dream Team


IaaS, SaaS and PaaS all have their own pros and cons. Just like other available solutions, such as on-premise or a private cloud, the current situation a specific organization is in defines which solution fits best. Does your organization want to avoid changing too much in IT management and system administration, but wants to take advantage of cloud opportunities such as scalability and pay-as-you-go? Go for an IaaS solution, in which your IT infrastructure works the same way, but in a different place. Does your organization have to deal with law and regulation that prevents some IT components from moving to the cloud? Stay on-premise or look for other options such as private clouds.


However, if your organization wants to take full advantage of the possibilities in the cloud, PaaS and SaaS are the solutions that suit you.


PaaS and SaaS encourage your organization to work in a completely new and fast way. They make it easier to automate simple tasks, saving a lot of work for your organization and making you more flexible and able to focus on functionality.


You can focus on empowering your organization with helpful tools, that are accessible anywhere and at any time, so that your organization has all the resources to be innovative, fast, and a market leader.


Contributed by Jelle Visser, Sales and Marketing, Valueblue



 All That Glitters Is Not Gold 


SaaS surely mixes well with startups, whether they are technology startups or not. Almost every new business will gain competitive advantage by leveraging SaaS solutions. The good thing about SaaS is that you can set it and forget it – usually everything works well for the first few months/years. Certain SaaS providers also offer trial periods or even free memberships as long as you remain under the quotas. However, if you’re doing business you will probably want a paid plan, and everything will be shiny as long as you provide your credit card number. The business will grow and SaaS will scale, but that’s where the problem begins.


Either the SaaS service will become too small, or it will not scale well economically. “Well, let’s switch to another solution! Right?” And here things become awkward if not crippling. Migrating from a SaaS solution is not an easy task and non-technological businesses will suddenly feel all the technical debt on their shoulders. Sometimesת it may not even be feasible to migrate away from a SaaS provider, effectively locking in the company. The suggestion here is to think forward and select the provider also taking into account prices when the business grows.


PaaS is a sort of missing link between SaaS and IaaS, aimed at developers. It is relatively not known compared to its two brethren; it doesn’t shine much of its own. PaaS solutions abstract the developer from system administration tasks (such as setting up a server, language, database), thus allowing for easier deployment. PaaS solutions are easy to scale – adding a new node isn’t a problem and effortlessly deploying changes using a Continuous Integration chain is a dream finally coming true.


But beware: all that glitters is not gold. The developer must at least have a glance at how the technologies offered by the PaaS solution work under the hood, and needs to understand different concepts in order to produce applications that scale (for example, shared nothing architecture). Otherwise, things are bound to work badly and will not reach the expectations. New developers often overlook the need for commitment attracted by the “scale automagically” illusion. That’s where the ugly lurks, but that usually doesn’t stop such developers. And when things go wrong, you suddenly feel in need of a system administrator.


IaaS is the most powerful cloud of the three common models. It is also the steepest and the most difficult to benefit from. If implemented correctly, it can reduce OPEX costs, but if used thoughtlessly it can increase them by ten times. As opposed to what many may think, IaaS imposes the need for expert system engineers, or even so-called DevOps. IaaS clouds are so complex and extensive that the risk of one tiny thing breaking is at its highest.


And that’s where IaaS clouds usually fall short: Monitoring an entire fleet of virtual machines, networks, backups, endpoints, and so on soon becomes daunting, and while a custom solution may work in the short term, it is advisable to work alongside the cloud provider to get the best monitoring possible. Security is also an issue in the cloud, up to the point where some companies are not able to use public cloud because of national laws. And the ugly? Whether from on-premises to cloud or from cloud to cloud, migrations are complex. Thanks to open standards and software like OpenStack the migration problem is slowly backing off, and many companies are deploying their own private clouds in order to leverage the technology more than the product.


Contributed by Mark, Blogger, Marksei



 Effectiveness and Limitations


IaaS is the most flexible and customizable of the available cloud services. For many users, IaaS is the start of their cloud journey. A user is free to choose the right options for computing, network and storage services based on requirements. Furthermore, the user has a very high degree of control over the environment. But too much flexibility might sometimes be overwhelming for users, and this is precisely the problem with IaaS. For example, AWS provides so many options for EC2 that for many users, selecting the right one can be daunting. Additionally, provisioning and Ops management of the IaaS instances is the end-user’s responsibility and infrastructure management is non-trivial. IaaS is also more costly as pricing is based on compute units.


PaaS shortens the time and resources required to develop applications due to the availability of add-ons or out-of-box functionalities. Examples of such add-ons are application aware load-balancing, authentication and authorization, big data services and analytics, and so on. Consequently, leveraging PaaS results in faster time to market. The infrastructure aspects of the application (such as resource allocation, capacity planning, environment creation, and so on) are handled by the PaaS provider, thereby letting the end-user to focus on their core business. However, overuse of PaaS add-ons or out-of-box functionalities can result in lock-in, which might create migration issues. PaaS is also limited by the supported language runtimes.


SaaS is the most effective of cloud services because it reduces the overall software acquisition and related infrastructure costs. There is no need to worry about the management of the application and its hosting infrastructure and no vendor lock-in (one can always decide to move to a competing product). Furthermore, integration with other SaaS offerings is relatively easier and adds to the overall value of leveraging SaaS.


But the biggest concern with SaaS is data security and on-premise integration. Challenges include: integrating SaaS with existing applications, availability of well-defined APIs and the cost of accessing them (such as when integrating an existing SSO solution), user onboarding and offboarding, and integrating SaaS with existing on-prem applications.


SaaS also results in a loss of control over the upgrade lifecycle and application configuration, testing and configuration parameters. And finally, depending upon the number of SaaS offerings being used, management and governance can also be a challenge, because each offering comes with it’s own management console.


Contributed by Pradipta Banerjee, Blogger, CloudGeekz



When Is Each Service Ideal?


SaaS is ideal for businesses where certain software is used irregularly or in the short term, such as for tax or billing software. Furthermore, businesses that rely on remote access from different devices benefit from SaaS models, as their software can be accessed on any device. But SaaS falters when a company needs speedy processing – running software locally is faster and more reliable than browser-based apps. Another drawback is that some companies are unable to host data externally due to regulations, which forces their hand to another solution.


PaaS is ideal for scenarios where a larger team will be working on development, or when a company is developing an app to utilize an existing database. The main appeal of PaaS is highly flexible app development. On the flip side, PaaS falls short when portability is required in app hosting, where proprietary languages are an issue, or when a company needs to heavily customize an app.


IaaS means a business can pay for exactly as much as they need, when they need it – making it a fairly cost-effective solution. For businesses with many spikes and falls in demand, IaaS is very beneficial. This scalability also works well for new businesses or businesses that are growing quickly, as they can avoid major investments in hardware. Other, steadier businesses can take advantage of IaaS for experimenting with novel infrastructure, like testing a different operating system. But like SaaS, one of the primary reasons businesses do not go with IaaS is regulations that prevent them from storing data externally. Additionally, if a company has already invested heavily in hardware, the costs of IaaS may not be justified.


See the full article.


Contributed by CTS



 The Future of Cloud Computing 


We think about cloud computing when we need a scalable solution that can be quickly adapted to the requirements of the organisation’s time and that does not require substantial human and material investment. New business models that migrate existing solutions to the cloud or simply use applications and platforms lessens the burden on managers and allows them to focus entirely on business issues.


In my opinion, the different classification models adopted by the cloud community and assimilated as standards by cloud ecosystems are only conventions. IaaS, PaaS, and SaaS are clearly different models, involving different technology components with different addressability. It is difficult to directly compare these models because there are very different. It’s important to understand who the users for each model are, and how cloud migration is solving their basic needs: IaaS addresses IT departments; PaaS and all middleware solutions migrated in the cloud are meant for apps developers, and SaaS is very clearly meant for end-users (be it enterprise or private users). Each model has his own adoption popularity and migration threats.


Additionally, from the enterprise point of view, the majority of cloud migration projects are involving a mix of models. This is similar to the attempt to compare public and private cloud – today, it is clear that the most accepted form is actually hybrid cloud. But there already are a lot of different interpretations, even for the hybrid concept. Recently, the hybrid cloud has started to define various combinations between cloud and on-premises delivered solutions, which is now being discussed as distributed cloud or edge/fog computing in different interpretations. This type of cloud technology is moving the initial processing phases to the user’s terminals (networking edges) in real time, sending to the cloud only recordable data.


The next step is towards software-defined everything or hyper-converged systems, consisting of bundles of hardware and software that integrate particles of processing, storage and networking. Everything is managed by IT admins and by orchestration systems based on cloud tools and development practices.


Contributed by Radu Crahmaliuc, Founder, CloudMania



The Benefits of IaaS


The value of moving to IaaS is clear: agility and reducing OPEX costs. Using IaaS, IT departments can easily allocate and align their IT resources with peak loads, and organizations can achieve greater flexibility to meet their market demands. With IaaS, you can go from a capital expense-heavy IT budget to a negligible operational expense budget. However, picking a public cloud IaaS where a private cloud is possibly a better choice might be a recipe for cost and complexity. Many public clouds limit the amount of customization and control you have over the environment, potentially leaving you to contend with noisy neighbors, latency issues, suboptimal application performance, and security concerns – all of which eat up time and energy.


When moving to an IaaS infrastructure, you may consider your implementation costs and daily maintenance expenses. (such as costs associated with converting from physical to virtual environment, applications or codes that might have to be re-written, legacy applications that can’t be moved at all, necessitating a hybrid IT environment along with its associated complexity, and so on), but unanticipated costs can completely disrupt financial expectations and disillusion both the IT and executive suite.


With SaaS, you are aligned with your users’ expectations from the beginning, with no additional and costly development. You can easily deploy marketing, HR or accounting solutions that can be accessed by every kind of connected device using a web interface, and improve your overall productivity.


But because the market is full of new SaaS providers, if you’ve granted your SaaS provider a high degree of control over your business data, carefully check the terms and conditions in the SLA and in the PLA. Additionally, trying to switch SaaS providers can be quite a hassle because there is usually no interoperability and integration between SaaS solutions. One alternative is to use a SaaS marketplace, which is usually provided by a large IaaS provider, which creates the risk of increasing your dependency on a locked-in technological platform. That’s why interoperability should be a requirement for all major cloud players.


PaaS allows organizations and IT departments to easily use development and testing resources at a lower cost, with fewer resources, to leverage their overall innovation. Developers can use various libraries, frameworks, and services to build, test, iterate and deploy applications in days or weeks, not months or years.


But with a limited number of PaaS vendors in the market today, each of which wants to build a binding relationship through its comprehensive offerings, a vendor lock-in period is often the norm, which can limit the client’s choices.


Additionally, unless you’ve made the choice to work within a 100% open source environment (in-house and cloud), integrating PaaS services with your other systems and applications might increase complexity. Furthermore, the integration of on-premise data contained within in-house legacy systems and PaaS-based applications is often challenging.


Contributed by B2cloud



 Don’t Forget About Multi-Tenancy 


Although some experts believe that when it comes to security and performance, a single-tenant model would fit better, I see multi-tenancy as the most elegant and cost efficient cloud deployment model. Not being able to offer a cloud application with multi-tenancy just shows that these applications/platforms were not fully designed to be cloud first.


SaaS and PaaS solutions are more closed compared to their on-premise counterparts. In itself this is not a bad property – having an application supported and maintained in the cloud implies lesser control of the internal workings. But particularly for large ERP applications, this forms a huge gap for SaaS. ERP customers are used to extensive (supported) customizations in their on-premise solutions, which are sometimes tightly coupled to the application data model. These types of customizations are no longer supported in a true SaaS model. But some cloud providers do offer SaaS applications which are fully customizable. This type of unmanaged SaaS is in fact an IaaS solution with some business application pre-installed.


But there are also benefits to PaaS and SaaS models. Managed PaaS/SaaS offers customers the benefit of application or platform usage, without the hassle of infrastructure and maintenance. This provides large enterprises an extra choice. Moreover, managed PaaS/SaaS suddenly enables small to medium enterprises to quickly adopt mature enterprise solutions, which would otherwise be too large/risky to implement on their own.


As mentioned earlier, customizing SaaS has become harder compared to on premise. On premise customizations no longer supported in SaaS need to be reconsidered, and moved out of the application into a better place. This better place can be in the cloud as well. For example, cloud platforms can provide integration, Java, or database tooling. Tooling is well suited to support any customizations previously present in the on-premise application.


Embedding these PaaS customizations into SaaS can be a challenge. But some cloud providers already provide great support for this, see my article about this topic.


Contributed by Richard Velden, Developer, Werken bij Qualogy



Why Containers Matter


The biggest change in the field of cloud services is the enthusiasm around containers. I see the success of this as similar to the success of APIs compared to the success of SOA: SOA was complicated and difficult to implement for most companies. Few implemented it well or completely. In a similar way, containers completely outstripped PaaS in months. Why? PaaS is complicated, requiring significant retraining of workforce and investment by. I saw that many companies were not up to it. Smaller container management tools such as Kubernetes and Swarm combined with other open source tools provide a lot of the functionality of PaaS with much less complexity and risk.


Nonetheless, the effort required to implement high-quality container implementations is hard because implementing containers involves many moving parts. A typical full stack to implement a service with security, self-healing capabilities and some scaling requires 10 or 20 components. Most companies consider agility one of the big advantages of moving to the cloud, so you need to integrate your Continuous Integration/Continuous Deployment processes with containers. To deploy a container environment with all the pieces to make it work well, you need to invest in a substantial amount of DevOps.


A recent survey by Logicworks concluded that the most difficult position to hire for today is DevOps. Good DevOps people need to understand the latest technology evolving at a hyper pace with a lot of different open source products, as well as all the tools needed to implement automation like Terraform, Cloudify, Chef, or Puppet and tools such as Cliqr, rightscale and others. Most of these tools evolved before containers became prevalent and are not built to help you deploy and manage multiple instances of stacks of containers. These requirements are not well understood by most companies when they begin the transition to the cloud and containers.


Complicating this picture is the evolution of new aaS technologies such as FaaS (Function as a Service), new techniques for cutting costs like spot instances, dealing with multiple region deployment and complicated deployments like Blue/Green or Canary. There is evolving legal requirements for different regions of the world on data. The evolution of the open source projects that underlies all this is blistering. If you have 20 components in your stack, each one may upgrade 3 times a year meaning you are potentially dealing with 60 upgrades a year.


Contributed by John Mathon, CEO, Agile Stacks Inc.



The Manual Assignment Disorder 


Most organizations manage network assignments using Excel spreadsheets. When the networking team receives a request to set up a new network, they access the spreadsheet for suitable resources. Once a free space is identified, some manual magic is done and voilá – behold the network.


While this method has served our industry well for the last 20 years, it is not aging well.


Based on recent evidence we have gathered from service providers offering Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) products to their customers, these common practices are in fact now causing an outbreak of Manual Assignment Disorder. This newly found syndrome could paralyze entire teams responsible for service automation.


Three different symptoms routinely reveal this newly identified condition:

Amnesia: Network Amnesia often becomes apparent when an automated process requires a source of accurate network information, but it turns out it is nowhere to be found.
Headache: We have witnessed multiple cases where sudden bursts of dynamic data have caused sudden bursts of stabbing headache in otherwise healthy networking teams.
Anxiety: When pieces of critical information are only stored between the ears of Joe the network pro, attempts at service automation can come to a screeching halt. These incidents have been known to cause anxiety among senior management types responsible for strategic automation initiatives.


As Manual Assignment Disorder is a relatively common occupational hazard within the networking community, it is not a condition to be ashamed of. So rather than medicalizing the problem, our recommendation is to treat it with healthy doses of modern technology that automates the MAD away.


Contributed by Juha Holkkola, Co-Founder and Chief Technologist, FusionLayer Inc.



Cloud Security and CASB


When security is done right, cloud can be even more secure than traditional software. 62.9% of IT professionals believe the cloud platforms have equal or better security than on-premises software. But it requires additional effort, strategy, and tools to securely take advantage of the cloud’s benefits.


Every cloud service operates under the shared responsibility monitor: The cloud provider protects from certain threats at the infrastructure level, and the cloud customer remains responsible for configuring and using the service securely. Gartner predicts that 95% of cloud security incidents will be the cloud customer’s fault. The challenge for companies using cloud is to protect their data from internal and external threats ranging from insider threat, compromised accounts, compliance violations, and more.


A company may store confidential intellectual property, customer payment information, or health information in a cloud service like Office 365, Box, or Salesforce.com. While they trust the Office 365 platform, they lack the same controls they had for data on the corporate network. Cloud access security brokers (CASB) have emerged as an absolutely mandatory technology for companies using cloud services. The corporate security perimeter has shifted from the network to devices to the cloud, and a CASB is a single control point for managing security across all cloud applications. Gartner breaks the security controls a company needs for the cloud into four categories: visibility, data security, compliance, and threat protection.


An employee falling victim to a phishing attack can lead to a hacker logging into a corporate cloud service with a stolen password and gaining access to sensitive information. An employee may knowingly or accidentally use a cloud application to improperly share sensitive company information with people outside the company. Compliance regulations can require a company to encrypt certain types of sensitive information in the cloud, exposing a company to risk of fines or an audit failure if the policy is violated.


When it comes to IaaS services, companies have hundreds of custom applications that lack dedicated security solutions. These applications face similar security challenges to SaaS applications, yet companies also need to worry about securing the IaaS platforms on which these applications run. A CASB enforces critical security capabilities for all applications – SaaS, PaaS, and IaaS – so that companies can gain back control of data in the cloud.


Contributed by Kamal Shah, SVP of Products and Marketing, Skyhigh



Taking Communications to the Cloud- CPaaS 


The shift of communications technology from premises-based systems to cloud services is gaining momentum. Because the shift to cloud is further along in other software categories (for example, storage, email, analytics, CRM, ERP), companies have grown comfortable with moving technology services to the cloud. Communications, until now, has lagged behind other categories in the shift to the cloud, but it is gaining momentum and moving faster toward the cloud services model.


These two trends – the shift from standalone, siloed communication environments to embedded communications, and the shift from on-premises communications systems to cloud-based services – are big market drivers today, and the pace of those shifts are accelerating.


The good news it that when companies move their communications to the cloud, they have a few great options to choose from.


The first choice is to replace their existing PBX or contact center technology with similar solutions in the cloud. This replicates their calling experience for employees and customers and provides the least amount of disruption to the organization. Users will have the same capabilities they expect, like making and receiving calls on a traditional handset, voicemail, multi-party conference calling, and so on. And in many cases, there will be added capabilities and greater usability.


The second option is to evaluate purpose-built software solutions for a given industry or function, which have real-time communications pre-integrated into the workflows. These communication-native business process applications allow the dental receptionist to better schedule patients, the salesperson to handle communications within their CRM, or the claims processing unit to automate claim status SMS notifications. In these cases, communications is no longer a standalone application, but an integrated capability within a critical and valuable software solution. There are more and more options in this category as software developers recognize the power of integrated real-time communications to their offerings.


The third option is to build your own, custom solution in the cloud, leveraging a Communication Platform as a Service (CPaaS) platform. These solutions allow you to avoid operating critical communications infrastructure while maintaining control over the customer experience. It’s still a cloud model – no investment in infrastructure and technology and no need to worry about upgrades and enhancements on the hardware side. But you’re using APIs to build the communications applications exactly the way you want to create your own call flows and business logic. With APIs, you can tailor the system to meet your specific needs.


Transitioning to the cloud is an opportunity to focus enterprise IT resources on different systems, to leverage the tremendous marketplace of powerful solutions built with your specific needs in mind, or to simply avoid operating communications infrastructure while maintaining a bespoke customer experience. Finding your right path will be the product of identifying where your company differentiates in the customer experience, performing thorough research on your available options, and working closely with your users to ensure they are ready to adopt the chosen solution. Customers, external and internal, expect instantaneous and seamless voice and text services from the start – anything less can negatively affect the company’s reputation, productivity, and customer loyalty.


Contributed by Dan Nordale, Chief Revenue Officer, Flowroute



 A Closer Look at the Benefits


The death of commodity IT services, such as email, begins with IaaS, PaaS, and SaaS, and culminates in XaaS. The following strengths and pitfalls can be ascribed to each portion of the SPI model:


IaaS gives leeway to users to build as they please, offers shared control over processes, shared on premise and cloud functionality, prevents “cloud bursting,” and offers scalability. However, sometimes buyers feel they must rely too much on their IaaS provider to intervene when issues arise.


With regards to PaaS, benefits are speedy deployment, versatile configuration options, and unparalleled performance assessment, whereas weaknesses include difficulty integrating with existing applications, software, and systems.


And finally, when using the SaaS model, there is no tech expertise required, it is very low-cost and is great for small businesses, and offers reduced hardware dependence. However, implementing SaaS might involve input delays and exclusive dependence on the internet.


Although the SPI models are important, the impact of XaaS will tip the scale toward a massive paradigm shift in which technology is no longer considered a mere resource, but also a strategic imperative for ensuring business profitability in mass.


Contributed by James O’Connor, Analyst and Technical Writer, eFileCabinet