Although this article cites examples for business models quite larger than many of ours, the principles presented and discussed are valid for all of us, and for this reason I have presented it in VodaTalk.
Are Software Services Superseding Packaged Offerings?
Yes: Software delivered as a service is proving to be a more compelling and economical way to acquire applications
by PaulSimmonds, CISO, Imperial Chemical Industries
Packaged software is slowly disappearing from the corporate landscape, and it's being replaced by software-as-a-service (SaaS) offerings. Businesses are finding these predominantly Web-based packages to be cheaper, simpler, and more flexible.
As software becomes available "on demand" from vendors, more organizations like mine are realizing how much sense it makes to procure applications this way. Research firm IDC predicts that the SaaS market will grow at a 21% compound annual rate, reaching $10.7 billion in 2009. (For more on the topic, see Apps On Tap.)
The new model has several advantages over packaged software products that are proving attractive to CIOs. First, SaaS is easier to install and less expensive to buy and maintain. When software is accessed via a service, there's no need to manage and patch applications and versions across hundreds, if not thousands, of desktops. That results in huge savings.
In addition, companies can launch SaaS-based projects more quickly because the software is ready to use; IT departments don't need to get involved with software cycles and renewals; and there's no need to worry about hardware or upgrades as the applications evolve. Also, SaaS delivers standardized applications that can be configured to meet specific business processes.
At Imperial Chemical Industries (ICI), a $10 billion global manufacturer of paints and specialty products, we've decreased the number of packaged applications we're delivering to PCs. Five years ago, we had probably twice as many packaged applications. Now, we're using more lean clients: a Windows-based device with Lotus Notes, a Web browser, and maybe a Citrix client to access whatever the user needs.
One of the best examples of SaaS I've used is our vulnerability-management application, which we get through a subscription service from Qualys Inc. The service lets us quickly strengthen the security of our systems and conduct automated security audits without a capital outlay for servers, added infrastructure, ongoing maintenance costs, and skilled labor to support the hardware that runs the application.
We use similar services for our E-mail antivirus and antispam efforts, and are evaluating a service-based architecture for Internet filtering. We're also moving many legacy applications to an on-demand model via technologies such as Citrix. Going forward, we'll take advantage of this new model at every opportunity where there's a strong ROI.
Packaged software isn't completely gone from the corporate environment, of course. We still use products such as Notes for messaging and other functions because we have a huge investment in these products or because they still deliver value to our organization.
Moreover, technological obstacles still face SaaS. Most offerings lack a robust user interface, for instance. Nevertheless, we're seeing huge strides being made with technologies such as AJAX, which offers rich interfaces to be delivered into a browser. I see these efforts accelerating the adoption of SaaS.
It's clear that our company, others in our industry, and businesses in general are seeing the wisdom of moving to this more sensible software model. Leading vendors such as Microsoft and Oracle are sensing the trend, too, and have launched SaaS strategies. In a study released in March, IDC said the acceptance of SaaS delivery models was expected to further increase this year. In addition, IDC said SaaS will help drive a software industry transition to subscription licensing.
PaulSimmonds is chief information security officer at ICI. He's on the board of the Jericho Forum, an international group of organizations working to promote more effective security technology.