analysis of saas and on premise ict solutions for smes in ... · analysis of saas and on premise...

Graduate School of Social Sciences

Department of Business Administration

Analysis of SaaS and On Premise

ICT solutions for SMEs in Turkey

e-MBA Graduation Project

Salih Bülent Özkır

101112127

Project Advisor:

Yrd.Doç.Dr. Levent Aksoy

İstanbul, Ocak 2012

T.C. MALTEPE ÜNİVERSİTESİ

e-MBA BİTİRME PROJESİ ONAY FORMU

Proje Konusu : Analysis of SaaS and On Premise ICT solutions for SMEs in Turkey

Projeyi Yapan Öğrencinin;

Adı Soyadı : SALİH BÜLENT ÖZKIR

Öğrenci Numarası : 101112127

Maltepe Üniversitesi e-MBA yüksek lisans programının Proje dersini “Başarılı” olarak

tamamlamıştır.

Bu form ile birlikte 2 suret ciltli bitirme projesi ve Bitirme Projesi dosyasını içeren CD ile

Sosyal Bilimler Enstitüsüne teslim edilecektir.

20 / 01 / 2012

Yrd.Doç.Dr.Levent Aksoy

Proje Danışmanı

TABLE OF CONTENTS

PREFACE ..................................................................................................................... i

ABSTRACT ................................................................................................................. ii

LIST OF ABBREVIATIONS ..................................................................................... iii

LIST OF TABLES ...................................................................................................... iv

LIST OF FIGURES ..................................................................................................... v

1 INTRODUCTION ............................................................................................... 1

2 DEFINITION AND TAXONOMY ..................................................................... 4

2.1 Overview of Cloud Computing ..................................................................... 4

2.2 Definition of Cloud Computing .................................................................... 6

2.2.1 Deployment Models ............................................................................... 7

2.2.2 Service Models ....................................................................................... 8

2.2.3 Essential Characteristics ........................................................................ 9

2.2.4 Illustration of NIST Cloud Definition .................................................. 10

2.2.5 Differences in Scope and Control among Cloud Service Models ....... 11

2.3 Conceptual Cloud Reference Architecture .................................................. 13

2.4 Possible Services Available to Cloud Consumers ....................................... 16

3 PROBLEM DEFINITION ................................................................................. 20

4 METHODS ........................................................................................................ 24

5 SaaS MARKET AND VENDOR ANALYSIS .................................................. 27

5.1 Changing Sources of Firm Software ........................................................... 27

5.2 Evolution of SaaS - Yesterday, Today, and Tomorrow .............................. 28

5.3 Forrester Research SaaS Maturity Model ................................................... 30

5.4 Key Technology Considerations for SaaS Providers .................................. 33

5.5 In House or SaaS ......................................................................................... 34

5.6 Advantages of SaaS Service Model for Turkish SMEs .............................. 35

5.6.1 Hardware, Software, and IT Staff Cost Savings .................................. 38

5.6.2 Easy To Adopt ..................................................................................... 40

5.6.3 Less Problematic Software Updates and Patches ................................ 40

5.6.4 Scalability on Peak Times .................................................................... 40

5.6.5 Pay per Use Financial Model ............................................................... 43

5.6.6 Improved Release Management and Testing of New Releases ........... 43

5.6.7 Rapid Resource Provisioning ............................................................... 44

5.6.8 SLAs .................................................................................................... 44

5.6.9 Security ................................................................................................ 45

5.6.10 Few Technical Skills Required for New Technology .......................... 46

5.7 Disadvantages of SaaS Service Model for Turkish SMEs .......................... 47

5.7.1 Cloud Computing Knowledge and Understanding .............................. 49

5.7.2 Security ................................................................................................ 50

5.7.3 System Integration Capability .............................................................. 51

5.7.4 Ability to Move Among SaaS Providers and Ability to Change

Deployment Models When Necessary ............................................................... 51

5.7.5 Availability and Reliability .................................................................. 52

5.7.6 Adaptability and Task Productivity ..................................................... 54

5.7.7 Regulatory and Compliance Issues ...................................................... 54

5.7.8 Impact on IT Roles and Responsibilities ............................................. 54

5.7.9 IT Governance Issues ........................................................................... 55

5.7.10 Different Cloud Computing Standards among Cloud Providers ......... 56

6 TURKISH ICT MARKET ANALYSIS ............................................................ 59

6.1 Analysis of Current IT Usage, Risks, and Issues in Turkish ICT Market ... 59

6.1.1 ICT in Turkey and SWOT Analysis of the ICT Market ...................... 59

6.1.2 Internet and FaceBook Usage in Turkey and Europe .......................... 63

6.1.3 OECD Outlook for SMEs in Turkey ................................................... 66

6.1.4 Report Stating Turkey's SMEs Lag in IT ............................................. 68

6.2 Turkey Cloud Computing Survey Results .................................................. 69

6.3 SWOT Analysis of Using SaaS for Turkish SMEs ..................................... 71

6.3.1 Strengths of SaaS ................................................................................. 71

6.3.2 Weaknesses of SaaS ............................................................................. 73

6.3.3 Opportunities of SaaS .......................................................................... 75

6.3.4 Threats of SaaS .................................................................................... 76

7 DECISION MODEL FOR SELECTING SaaS PROVIDER ............................ 79

7.1 SaaS Provider Qualification Checklist ........................................................ 79

7.2 Multi Criteria Based Cloud Service Provider Selection Scoring Model ..... 81

7.3 Total Cost Of Ownership (TCO) ................................................................. 82

7.3.1 IT Service Costing Model for On Premise .......................................... 83

7.3.2 TCO Calculation Examples ................................................................. 86

7.3.3 TCO of SaaS vs. On Premise Using Simple Approach ....................... 86

7.3.4 TCO Of SaaS vs. On Premise Using another Simple Approach ......... 88

7.3.5 The SaaS vs. On Premise TCO Calculator .......................................... 90

7.3.6 TCO Calculation Comparing SaaS With On Premise Solution ........... 92

7.3.7 TCO for Office 365 vs. On Premise .................................................... 93

7.3.8 TCO for CRM On Demand vs. CRM On Premise .............................. 94

7.3.9 TCO for On Premise and Office 365 online using Microsoft’s tool .... 95

7.4 Return On Investment (ROI) ....................................................................... 99

7.4.1 ROI Comparisons for Different SaaS Applications Using Complex

Approaches ...................................................................................................... 100

7.4.2 Forrester Research’s Total Economic Impact Model Analysis for

Office 365 ........................................................................................................ 102

8 DISCUSSIONS ................................................................................................ 107

9 CONCLUSION ................................................................................................ 109

10 REFERENCES ................................................................................................ 111

CURRICULUM VITAE .......................................................................................... 113

i

PREFACE

This study is written as the final graduation work of the Maltepe EMBA English

program.

First of all, I would like to thank my study supervisor, Yrd.Doç.Dr. Levent Aksoy,

for lots of great inspiration, ideas, comments, and feedbacks.

I would like to sincerely thank Serdar Angün, Distance Education Coordinator at

Maltepe University, for his coordination, kindness, guidance, and professionalism

during my EMBA program.

I also want to express my utmost gratitude to my instructors at the program who

helped me to develop and improve my business acumen and skills.

Finally, lots of thanks are due to my wife, Yrd.Doç.Dr. Vildan Çetinsaya Özkır, for

expertly proof reading this study. Hopefully she has tried to remove all the serious

errors, but any that might be left are wholly my responsibility.

ii

ABSTRACT

This study is written to provide guidance for evaluation SaaS solutions and

comparing it with on premise solutions by developing an integrated framework

which includes qualitative and quantitative aspects. The cloud computing is a fairly

new technology that has many facets that remain mysterious to the average person.

This study will seek to help familiarize SMEs and analysts with the SaaS concept

and why it makes sense to subscribe IT applications online instead of owning them

on premise. The variety of options and potential benefits of SaaS make it a

consideration worth making.

This study is written for SMEs particularly who want to use their IT budget and

resources better than their competitors in the future. Although written with SMEs in

mind, large organizations may also benefit from it due to hybrid deployment models.

There are a several options when it comes to SaaS. SMEs must understand the

nuances inherent in the different models they evaluate, along with understanding the

difference between SaaS, hybrid, hosted, and in-house.

If we make analogy such as most companies do not build their own electrical

generating plants or their own water treatment facilities. They purchase only the

utilities they really need without wasting any resources deliberately. Why not do that

with computing in terms of fitness for purpose and fitness for use.

This study covers the in depth analysis of SaaS service model and public deployment

model of cloud computing. SaaS is never one-size-fits-all, however. IT departments

should have a clear framework for evaluating and operating any new model, and a

detailed supply chain IT impact assessment should be performed to determine if the

SaaS model is a good match for the operation. Benefits such as rapid deployment,

lower cost, and scalability must be balanced by other key decision criteria particular

to an organization such as fit for use, fit for purpose, total cost of ownership (TCO),

return on investment (ROI) and risk. Evaluations should consider both long-term

ROI and short-term total cost of ownership.

iii

LIST OF ABBREVIATIONS

CAL : Client Access License

COBIT : Control Objectives for Information and related Technology

CRM : Customer Relationship Management

ESB : Enterprise Service Bus

HIPAA : Health Insurance Portability and Accountability Act

HR : Human Resources

ICT : Information and Communication Technologies

IaaS : Infrastructure as a Service

ISO : International Organization for Standardization

IT : Information Technology

NIST : National Institute of Standards and Technology

NPV : Net Present Value

PaaS : Platform as a Service

PV : Present Value

ROI : Return on Investment

SaaS : Software as a Service

SLA : Service Level Agreement

SME : Small Medium Enterprise

SWOT : Strengths Weaknesses Opportunities Threats

TCO : Total Cost of Ownership

TUBISAD : Türkiye Bilişim Sanayicileri Derneği

iv

LIST OF TABLES

Table 2.1 Actors in Cloud Computing ....................................................................... 15

Table 5.1 Comparison Between In-House And SaaS Solutions ................................ 35

Table 6.1 SWOT Analysis of Turkish ICT Market ................................................... 60

Table 6.2 Internet Penetration in Turkey ................................................................... 64

Table 6.3 Internet and Facebook Usage in Europe, June 2011 .................................. 65

Table 6.4 Internet Usage and Population Statistics in Turkey ................................... 66

Table 7.1 A Scoring Model for SaaS Vendor Service Selection ............................... 82

Table 7.2 TCO Cost Components .............................................................................. 83

v

LIST OF FIGURES

Figure 2.1 NIST Cloud Definition ............................................................................. 11

Figure 2.2 Differences in Scope and Control among Cloud Service Models ............ 12

Figure 2.3 Seperation of Responsibilities .................................................................. 13

Figure 2.4 Conceptual Reference Model of Cloud Computing ................................. 15

Figure 2.5 Possible Services Available to Cloud Consumers .................................... 16

Figure 4.1 Integrated Framework for Filtering and Selecting SaaS Providers .......... 26

Figure 5.1 Sources of Software Expenditures ............................................................ 28

Figure 5.2 Possible Evolution Of SaaS from past to future ....................................... 30

Figure 5.3 SaaS Maturity Model according to Forrester ........................................... 31

Figure 5.4 Technology Considerations Regarding SaaS Provider Selection ............. 34

Figure 5.5 Primary Drivers for Considering Cloud Computing ................................ 38

Figure 5.6 Cloud Related Investments Can To Help Reduce ICT Spending ............. 39

Figure 5.7 Provisioning For Peak Load ..................................................................... 41

Figure 5.8 Underprovisioning 1 ................................................................................. 42

Figure 5.9 Underprovisioning 2 ................................................................................. 42

Figure 5.10 Malicious and Potentially Unwanted Software ...................................... 46

Figure 5.11 The Major Concerns And Barriers To Cloud Adoption ......................... 48

Figure 5.12 Key Concerns in Deploying Cloud based Business Solutions ............... 49

Figure 6.1 Breakdown of ICT Spending in Turkey ................................................... 61

Figure 6.2 Hardware Expenditure in Turkey ............................................................. 62

Figure 6.3 ICT Canada Projected Spending on Hardware, Software, Services and

Communications 2010 to 2013 (WITSA) Digital Plant, 2010, (Forecast in US$) .... 63

Figure 6.4 Top 10 Internet Countries in Europe, March 31, 2011 ............................. 66

Figure 6.5 Currently Leveraging Cloud Computing .................................................. 70

Figure 6.6 Leveraging Cloud Computing In These Areas Currently ......................... 70

Figure 6.7 Cloud Computing Initiative In Place Within The Organization ............... 71

Figure 7.1 A model for Calculating the cost of IT Services ...................................... 85

Figure 7.2 IT Service Based Costing ......................................................................... 86

Figure 7.3 The SaaS vs. On Premise TCO Calculator Comparison Data .................. 91

Figure 7.4 The SaaS vs. On Premise TCO Calculator Results .................................. 92

Figure 7.5 TCO For 100 Users SME, Office 365 vs. On Premise ............................. 94

Figure 7.6 TCO For 100 Users SME, CRM On Demand vs. CRM On Premise ....... 95

Figure 7.7 Microsoft Office 365 TCO Tool, Initial Page .......................................... 96

Figure 7.8 Microsoft Office 365 TCO Tool, Inputs Page .......................................... 97

Figure 7.9 Microsoft Office 365 Tool, Results Page ................................................. 98

vi

Figure 7.10 Microsoft Office 365 Tool, Cost Comparison Page For Office 365 vs. On

Premise Software ....................................................................................................... 99

Figure 7.11 Model: Total Economic Impact Analysis Summary - SaaS CRM ....... 101

Figure 7.12 Model: Total Economic Impact Analysis Summary - SaaS HR .......... 101

Figure 7.13 Model: Total Economic Impact Analysis Summary - Saas IT

Management ............................................................................................................. 102

Figure 7.14 Composite Organization Three-Year Risk-Adjusted Roi ..................... 103

Figure 7.15 Composite Organization Three-Year Risk-Adjusted Cumulative Cash

Flow ......................................................................................................................... 106

1

1 INTRODUCTION

Cloud computing is simply the ability to access files and applications online through

multiple devices, such as computer, browser, or phone. The analogy that derives

cloud computing concept is “if somebody needs milk, that person should not buy a

cow.”

Forrester Research defines cloud computing as a standardized IT capability

(software, infrastructure, or services) delivered in a pay-per-use self-service way

(Staten, 2009).

Cloud computing is a technology that uses the internet and central remote servers to

maintain data and applications. Cloud computing allows consumers and businesses to

use applications without installation and access their personal files at any computer

with internet access. This technology allows for much more inefficient computing by

centralizing storage, memory, processing and bandwidth.

Businesses around the world are already beginning to make the transition to this new

model of computing. Basically, there are three reasons why this trend is so

overwhelming: agility, focus and economics. Agility, focus, and economics are the

key factors that motivating companies to make the move to cloud computing.

The first is agility, which has several facets. Cloud computing speeds up the ability

to capitalize on new opportunities, and respond to changes in business demand.

Business can deploy applications much faster and more efficiently, and business can

deliver solutions to its end users so they can work from nearly anywhere, at any time,

across devices – in ways that are both secure and manageable. Also, with cloud

computing, the entire IT infrastructure business need to operate quickly and

2

efficiently is available at the “flip of a switch.” So, the next time the marketing

department launches a campaign and doesn't tell anybody, its Website is much less

likely to go down. The environment can quickly scale up and down to meet spikes in

demand.

The second factor driving adoption of cloud computing is "focus.” By this we mean

the ability to focus on improving the success of the business through better IT. Put

another way, business can focus more on innovation and less on infrastructure.

Today, the typical IT department spends most of its time and money on maintenance

and operations. Cloud computing cuts those costs down dramatically. ICT

infrastructure is abstracted and its resources are pooled, so IT runs more like a utility

than a collection of complicated (and often fragile) software and hardware systems.

When business can pay more attention to ideas than IT complexity, business adds a

new kind of value to the business.

The third factor driving adoption of cloud computing is economics. This means

lowering the cost of delivering IT and increasing the utilization and efficiency of the

datacenter and IT spending. The delivery costs go down because now business can

offer self-service of applications and resources, and business can meter the usage of

those resources in new and very precise ways. Utilization goes up because the

infrastructure resources (storage, compute, and network) are now pooled and

abstracted. So, for example, when a self-service application is finished, the server

and storage resources it used will go right back into the pool. The environment is

highly automated so the ICT systems are not just sitting around idle, they are always

at work as much as needed, not much, not less.

3

This study explores and analyzes the benefits and risks of cloud computing for Small

and Medium sized Enterprises (10 < full time employees < 251) in Turkey using

global and local information available. The study will inspects the ROI of public

Cloud Services offerings provided by some SaaS vendors. This study also performs

SWOT analysis of cloud computing for the SaaS market. The study will also exhibit

cost comparison of public cloud services vs. on premise IT including all direct and

indirect costs and benefits over 5 years. However, the keep the scope more

understandable and concise, the study will only focus on public deployment model

and SaaS service model, thus, private and hybrid deployment models as well as PaaS

and IaaS service models are excluded.

4

2 DEFINITION AND TAXONOMY

Consumer and business products, services and solutions delivered and consumed in

real-time over the Internet. Cloud services are shared, standard services, built for a

market, not for any specific customer. Cloud computing is a general term for

anything that involves delivering hosted services over the Internet. These services are

broadly divided into three categories: Infrastructure-as-a-Service (IaaS), Platform-as-

a-Service (PaaS) and Software-as-a-Service (SaaS). A cloud service has several

distinct characteristics that differentiate it from traditional hosting which is on-

premise. A cloud can be deployed as private, public, hybrid, or community.

2.1 Overview of Cloud Computing

Cloud computing, or simply cloud, is changing how IT delivers services and how a

user can access computing resources at work, from home, and on the go. Cloud

enables IT to respond to business opportunities with on-demand deliveries that are

cost-effective and agile in the long run. Much happening in enterprise IT now is a

journey to transform existing IT establishment into a cloud-friendly, cloud-ready,

cloud-enabled environment.

The evolution of cloud computing can be split into 3 phases (Banerjee, 2011).

The Idea Phase: This started in the 1960s and stretched to the pre internet

bubble era. The core idea of computing as a utility computing and grid

computing developed.

The Pre Cloud Phase: This started around 1999 and lasted till 2006. In this

phase internet as the mechanism to provide Application as Service got

developed.

5

The Cloud Phase: this phase started in 2007 when the term cloud computing

term became popular and the sub classification of IaaS, PaaS & SaaS got

formalized.

Client computing is one of the most optimum ways of providing computing

resources and software. The concept typically runs on the established convention of

the internet where clients and servers communicate remotely and on demand via

subscription model. The concept can sometimes be referred to as Internet as a

Product since all products provided via Internet infrastructure by commercial

companies can be rent as a kind of cloud computing service.

Cloud computing is a technology that uses the internet and central remote servers to

maintain data and applications. Cloud computing allows consumers and businesses to

use applications without installation and access their personal files at any computer

with internet access. This technology allows for much more inefficient computing by

centralizing storage, memory, processing and bandwidth.

Cloud computing provides new services ranging from data storage to end-to-end

computing. Cloud computing takes away the task of infrastructural deployment and

makes technology, platform or just software readily available commodities just like

electricity or water or gas or TV. One pays as per the usage besides other set up

costs, which when combined, are far less than the conventional ways of acquiring

technology.

Cloud computing is broken down into three segments: "application" "storage" and

"connectivity." Each segment serves a different purpose and offers different products

for businesses and individuals around the world.

6

Community cloud shares infrastructure between several organizations from a specific

community with common concerns (security, compliance, jurisdiction, etc.), whether

managed internally or by a third-party and hosted internally or externally. The costs

are spread over fewer users than a public cloud (but more than a private cloud), so

only some of the benefits of cloud computing are realized.

2.2 Definition of Cloud Computing

For Information Technology (IT) technical professionals, Cloud Computing may

mean utility computing, high speed grids, virtualization, automatic configuration and

deployment, on-demand and remote processing, and combinations of them. For

business users, Cloud Computing is simply the Internet, a cable form a service

provider or just something out there networked with my computer. Either public,

private, or in between, the conventional wisdom, as published in The NIST

Definition of Cloud Computing, assumes noticeable characteristic regarding how

computing resources are made available in Cloud.

Cloud computing is a model for enabling ubiquitous, convenient, on-demand

network access to a shared pool of configurable computing resources (e.g., networks,

servers, storage, applications, and services) that can be rapidly provisioned and

released with minimal management effort or service provider interaction. This cloud

model is composed of five essential characteristics, three service models, and four

deployment models (Mell & Grance, 2011).

The National Institute of Standards and Technology (NIST) explain these essential

characteristics, service models and deployment models as in the following

subsections.

7

2.2.1 Deployment Models

A cloud deployment model represents a specific type of cloud environment,

primarily distinguished by ownership and size. These can be summarized as private

cloud, community cloud, public cloud, and hybrid cloud (Mell & Grance, 2011).

Private cloud: The cloud infrastructure is provisioned for exclusive use by a

single organization comprising multiple consumers (e.g., business units). It may be

owned, managed, and operated by the organization, a third party, or some

combination of them, and it may exist on or off premises.

Community cloud: The cloud infrastructure is provisioned for exclusive

use by a specific community of consumers from organizations that have shared

concerns (e.g., mission, security requirements, policy, and compliance

considerations). It may be owned, managed, and operated by one or more of

the organizations in the community, a third party, or some combination of them,

and it may exist on or off premises.

Public cloud: The cloud infrastructure is provisioned for open use by the

general public. It may be owned, managed, and operated by a business, academic, or

government organization, or some combination of them. It exists on the premises of

the cloud provider.

Hybrid cloud: The cloud infrastructure is a composition of two or

more distinct cloud infrastructures (private, community, or public) that remain

unique entities, but are bound together by standardized or proprietary technology

that enables data and application portability (e.g., cloud bursting for load

balancing between clouds).

8

2.2.2 Service Models

A cloud delivery model represents a specific combination of IT resources offered by

a cloud provider. These can be summarized as Software as a Service, Platform as a

Service, and Infrastructure as a Service (Mell & Grance, 2011).

Software as a Service (SaaS): The capability provided to the consumer

is to use the provider’s applications running on a cloud infrastructure. The

applications are accessible from various client devices through either a thin client

interface, such as a web browser (e.g., web-based email), or a program interface. The

consumer does not manage or control the underlying cloud infrastructure including

network, servers, operating systems, storage, or even individual application

capabilities, with the possible exception of limited user-specific application

configuration settings.

Platform as a Service (PaaS): The capability provided to the consumer is to

deploy onto the cloud infrastructure consumer-created or acquired applications

created using programming languages, libraries, services, and tools supported

by the provider. The consumer does not manage or control the underlying

cloud infrastructure including network, servers, operating systems, or storage, but

has control over the deployed applications and possibly configuration settings for the

application-hosting environment.

Infrastructure as a Service (IaaS): The capability provided to the

consumer is to provision processing, storage, networks, and other fundamental

computing resources where the consumer is able to deploy and run arbitrary

software, which can include operating systems and applications. The consumer

does not manage or control the underlying cloud infrastructure but has control over

9

operating systems, storage, and deployed applications; and possibly limited control

of select networking components (e.g., host firewalls).

2.2.3 Essential Characteristics

A cloud is a distinct and remote IT environment designed for the purpose of remotely

provisioning scalable and measured IT resources. In order to remotely provision

scalable and measured IT resources in an effective manner, an IT environment

requires a specific set of characteristics. These characteristics need to exist to a

meaningful extent for the IT environment to be considered an effective cloud. These

can be summarized as on-demand self-service, broad network access, resource

pooling, rapid elasticity, and measured service (Mell & Grance, 2011).

On-demand self-service: A consumer can unilaterally provision

computing capabilities, such as server time and network storage, as needed

automatically without requiring human interaction with each service provider.

Broad network access: Capabilities are available over the network and

accessed through standard mechanisms that promote use by heterogeneous thin

or thick client platforms e.g., mobile phones, tablets, laptops, and workstations.

Resource pooling: The provider’s computing resources are pooled to serve

multiple consumers using a multi-tenant model, with different physical and

virtual resources dynamically assigned and reassigned according to consumer

demand. There is a sense of location independence in that the customer generally

has no control or knowledge over the exact location of the provided resources but

may be able to specify location at a higher level of abstraction e.g., country, state,

or datacenter. Examples of resources include storage, processing, memory, and

network bandwidth.

10

Rapid elasticity: Capabilities can be elastically provisioned and released,

in some cases automatically, to scale rapidly outward and inward

commensurate with demand. To the consumer, the capabilities available for

provisioning often appear to be unlimited and can be appropriated in any quantity at

any time.

Measured service: Cloud systems automatically control and optimize

resource use by leveraging a metering capability at some level of abstraction

appropriate to the type of service e.g., storage, processing, bandwidth, and active

user accounts. Resource usage can be monitored, controlled, and reported,

providing transparency for both the provider and consumer of the utilized

service.

2.2.4 Illustration of NIST Cloud Definition

The NIST cloud definition shown in the Figure 2.1 below recognizes several types of

cloud deployment models, service models, essential and common characteristics.

This figure lists “Common Characteristics” which is not part of the NIST essential

definition additional quality attributes in the lower section that can help to prioritize

what cloud features are important to organizations.

11

Figure 2.1 NIST Cloud Definition

Source: Joyner., J. (2011). How cloudy is your cloud - The NIST offers a cloud standard,

http://www.techrepublic.com/blog/networking/how-cloudy-is-your-cloud-the-nist-offers-a-

cloud-standard/4635

2.2.5 Differences in Scope and Control among Cloud Service

Models

The following Figure 2.2 illustrates the differences in scope and control between the

cloud subscriber and cloud provider, for each of the service models discussed above.

Five conceptual layers of a generalized cloud environment are identified in the

center diagram and apply to public clouds, as well as each of the other

deployment models. The arrows at the left and right of the diagram denote the

approximate range of the cloud provider’s and user’s scope and control over the

cloud environment for each service model. In general, the higher the level of support

available from a cloud provider, the more narrow the scope and control the cloud

subscriber has over the system (Jansen & Grance, 2011). The two lowest layers

shown denote the physical elements of a cloud environment, which are under

the full control of the cloud provider, regardless of the service model.

http://www.techrepublic.com/blog/networking/how-cloudy-is-your-cloud-the-nist-offers-a-cloud-standard/4635

http://www.techrepublic.com/blog/networking/how-cloudy-is-your-cloud-the-nist-offers-a-cloud-standard/4635

12

Heating, ventilation, air conditioning (HVAC), power, communications, and other

aspects of the physical plant comprise the lowest layer, the facility layer, while

computers, network and storage components, and other physical computing

infrastructure elements comprise the hardware layer.

The remaining layers denote the logical elements of a cloud environment.

The virtualized infrastructure layer entails software elements, such as hypervisors,

virtual machines, virtual data storage, and supporting middleware components used

to realize the infrastructure upon which a computing platform can be established.

While virtual machine technology is commonly used at this layer, other means of

providing the necessary software abstractions are not precluded. Similarly, the

platform architecture layer entails compilers, libraries, utilities, and other software

tools and development environments needed to implement applications. The

application layer represents deployed software applications targeted towards end-

user software clients or other programs, and made available via the cloud.

Figure 2.2 Differences in Scope and Control among Cloud Service Models

Source: Jansen, W. Grance, T. (2011). Guidelines on Security and Privacy in Public Cloud

Computing, http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-

computing.pdf

http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf


13

2.3 Conceptual Cloud Reference Architecture

One way to describe cloud computing is to base on the service delivery models.

There are three, namely SaaS, PaaS and IaaS and depending on which model, a

subscriber and a service provider hold various roles and responsibilities in

completing a service delivery.

A schematic is shown below in Figure 2.3 highlighting the various functional

components exposed in the three service delivery models in cloud computing

compared with those managed in an on-premises deployment. Essentially, cloud

computing presents separation of subscriber’s roles and responsibilities from those of

a service provider’s. And by subscribing a particular service delivery model, a

subscriber implicitly agrees to relinquish certain level of access to and control over

resources.

Figure 2.3 Seperation of Responsibilities

Source: Chou, Y. (2010). Cloud Computing Primer for IT Pros,

http://blogs.technet.com/b/yungchou/archive/2010/11/15/cloud-computing-primer-for-it-

pros.aspx

http://blogs.technet.com/b/yungchou/archive/2010/11/15/cloud-computing-primer-for-it-pros.aspx


14

In SaaS, the entire deliveries are provided by a service provider through cloud. The

benefit to a subscriber is there is ultimately no maintenance needed, other than the

credentials to access the application, i.e. the software. At the same time, SaaS also

means there is little control a subscriber has on how the computing environment is

configured and administered outside of a subscribed application. This is the user

experience of, for example, some email offering or weather reports in Internet.

In PaaS, the offering is basically the middleware where the APIs exposed, the service

logic derived, the data manipulated, and the transactions formed. It is where most of

the magic happens.

A subscriber in this model can develop and deploy applications with much control

over the applied intellectual properties. Out of the three models, IaaS provides most

manageability to a subscriber. Form OS, runtime environment, to data and

applications all are managed and configurable. This model presents opportunities for

customizing operating procedures with the ability to on-demand provision IT

infrastructure delivered by virtual machines in cloud.

As shown in the Figure 2.4, the NIST cloud computing reference architecture defines

five major actors: cloud consumer, cloud provider, cloud carrier, cloud auditor and

cloud broker. Each actor is an entity (a person or an organization) that participates in

a transaction or process and/or performs tasks in cloud computing.

15

Figure 2.4 Conceptual Reference Model of Cloud Computing

Source: Liu, F., Tong, J., Mao, J., Bohn, R., Messina, J., Badger, L. & Leaf, D. (2011). NIST

Cloud Computing Reference Architecture,

http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505

The following Table 2.1 briefly lists the actors as defined in the NIST cloud

computing reference architecture.

Table 2.1 Actors in Cloud Computing

Actor Definition

Cloud

Consumer

A person or organization that maintains a business relationship

with, and uses service from, Cloud Providers.

Cloud Provider A person, organization, or entity responsible for making a

service available to interested parties.

Cloud Auditor A party that can conduct independent assessment of cloud

services, information system operations, performance and

security of the cloud implementation.

Cloud Broker

An entity that manages the use, performance and delivery

of cloud services, and negotiates relationships between

Cloud Providers and Cloud Consumers.

Cloud Carrier

An intermediary that provides connectivity and transport of

cloud services from Cloud Providers to Cloud Consumers.






16

2.4 Possible Services Available to Cloud Consumers

The documentation inside Cloud Reference Architecture outlines several cloud

computing examples depending on the service models (Liu et al., 2011).

Depending on the services requested, the activities and usage scenarios can be

different among cloud consumers. The Figure 2.5 below presents some possible

cloud services that can be provided to cloud consumers by cloud providers.

Figure 2.5 Possible Services Available to Cloud Consumers




List of possible services that can be consumed by a typical cloud consumer are

documented in the NIST Cloud Computing Reference Architecture as below.

SaaS services: SaaS is a model where an application is available on demand.

It is the most common form of cloud computing delivered today.


17

o Email and Office Productivity: Applications for email, word

processing, spreadsheets, presentations, etc.

o Billing: Application services to manage customer billing based on

usage and subscriptions to products and services.

o Customer Relationship Management (CRM): CRM applications

that range from call center applications to sales force automation.

o Collaboration: Tools that allow users to collaborate in workgroups,

within enterprises, and across enterprises.

o Content Management: Services for managing the production of and

access to content for web-based applications.

o Document Management: Applications for managing documents,

enforcing document production workflows, and providing workspaces

for groups or enterprises to find and access documents.

o Financials: Applications for managing financial processes ranging

from expense processing and invoicing to tax management.

o Human Resources: Software for managing human resources

functions within companies.

o Sales: Applications that are specifically designed for sales functions

such as pricing, commission tracking, etc.

o Social Networks: Social software that establishes and maintains a

connection among users that are tied in one or more specific types of

interdependency.

o Enterprise Resource Planning (ERP): Integrated computer-based

system used to manage internal and external resources, including

tangible assets, financial resources, materials, and human resources.

18

PaaS Services: PaaS is a platform available on demand for development,

testing, deployment and on-going maintenance of applications without the

cost of buying the underlying infrastructure and software environments.

o Business Intelligence: Platforms for the creation of applications such

as dashboards, reporting systems, and data analysis.

o Database: Services offering scalable relational database solutions or

scalable non-SQL data stores.

o Development and Testing: Platforms for the development and testing

cycles of application development, which expand and contract as

needed.

o Integration: Development platforms for building integration

applications in the cloud and within the enterprise.

o Application Deployment: Platforms suited for general purpose

application development. These services provide databases, web

application runtime environments, etc.

IaaS Services: IaaS is an IT environment with ability for a subscriber to on

demand provision infrastructure. This infrastructure is, for example, delivered

with virtual machines in which a subscriber maintains the OS and installed

applications, while the underlying fabric is managed by a service provider.

o Backup and Recovery: Services for backup and recovery of file

systems and raw data stores on servers and desktop systems.

o Compute: Server resources for running cloud-based systems that can

be dynamically provisioned and configured as needed.

19

o Content Delivery Networks (CDNs): CDNs store content and files to

improve the performance and cost of delivering content for web-based

systems.

o Services Management: Services that manage cloud infrastructure

platforms. These tools often provide features that cloud providers do

not provide or specialize in managing certain application

technologies.

o Storage: Massively scalable storage capacity that can be used for

applications, backups, archival, and file storage.

20

3 PROBLEM DEFINITION

IT investment is still very risky for SMEs. The results of this research revealed that

SME owners or managers are quite dissatisfied with their existing IT investment and

IT infrastructure (Turan & Ürkmez, 2011). Many issues related to IT usage and

adoption in worldwide SMEs is also valid for Turkey. Findings of the study are as

follows (Kutlu & Ozturan, 2008):

Increased use of IT in SMEs is mainly for operational and administrative

tasks. Proof of this is the dominant use of accounting and office software.

Development of internal IT skills produce high levels of success with IT

adoption.

Evidence for this is the increase in usage of production applications

indicating a higher level of adoption in parallel with an increase in number of

program developers.

Business owners and managers with positive attitude are inclined to be more

successful in adopting and implementing new technology.

Verification of this is the positioning of SMEs in a higher level of adoption

among the ones that encouraged their employees for IT usage.

One of the factors affecting the usage and adoption of IT in SMEs is the

expected benefits of IT. The findings of this study, which is an indication of

this item, point out that, expected increase in the accuracy of information,

comfort level with technology and expected increase in the processing speed

are the major factors affecting IT implementation decisions.

21

We have analyzed the Comscore metrics reports and Email Tracker 2010 usage data

reports. We have identified the following problems for SMEs worldwide. We believe

the same issues apply to the Turkish SMEs as well.

Most of the SMEs are still running old servers in terms of hardware and

software.

One or two employees oversee whole IT operations for growing company, so

they don’t have the luxury to apply proven best practices timely.

The SMEs don’t have strong backup, restore, and disaster recovery

capability.

SMEs cannot provide high availability or reliability targets.

Performance issues such as delays in mail delivery and email not

downloading properly on smartphones.

Calendars not synchronizing correctly.

SMEs have distributed remote workforce to compete with other SMEs and

large companies.

SMEs can go global if they have new opportunities abroad.

SMEs can merge with other SMEs or can be acquired by large organizations.

SMEs don’t have enough IT resources to take on new projects.

If employees change their cell phones, then their directory of contacts do not

work properly sometimes.

SMEs need to share and collaborate with peers and partners over the internet

with fewer clicks in a secure way. For example, they need to share large files

with advertising agencies.

Companies spend a lot of time in custom reporting using old technology and

disintegrated enterprise applications.

22

Employees cannot collaborate over internet. For example, they need to edit

same documents simultaneously.

Most of the SMEs have not obtained ISO 20000 and ISO 27001 certifications

which are related to ICT. Therefore they lack security standards.

Internet facing servers are not patched timely which poses security risks.

As a consequence of these research studies, we can deduce that today most of SMEs

have some pains related to their ICT including Software Adequacy, Timeliness,

Software Maintenance, Security and Integrity, Information Content, Productivity,

Information Accuracy, Documentation, Information Format, Vendor Support, Ease

of Use, and Training and Education, which are related to new technology adoptions

and operational costs. SMEs need to focus on higher priority projects related to core

business instead of supporting IT capital investments. SMEs also need to pay only

for services used as they have limited ICT budget. The SMEs have limited

operational ICT employees so they need to reduce IT complexity. Most of the startup

companies and SMEs often try different business opportunities but very few of them

become successful, most of these initiatives fade away. Some of these new products

require extensive ICT spending due to the nature of technology. For SMEs it should

be possible to add computing resources without building new infrastructure for these

new initiatives and research efforts. SMEs mostly don’t have enough ICT budget to

apply or upgrade to the latest ICT technology so they lack competitiveness and have

relative poor productivity gains compared to large organizations. Access to leading-

edge technology for a decent cost and effort will allow SMEs to use the latest and

brightest ICT technology similar to large organizations without making huge capital

and operational expenses.

23

To alleviate these problems for SMEs, cloud computing is becoming very popular

every day because customers only pay for the computing infrastructure that they

actually use. In many cases users experience lower IT costs than if they had to buy

all the equipment, hire the technical staff to run it and maintain it, and purchase

software applications. This type of on-demand computing is beneficial to small and

medium-size companies since they can easily scale up and down their IT

requirements as the pace of their business demands it. Larger organizations however,

may not want their most sensitive data stored on servers which they don‘t control.

System reliability is also a special concern to all businesses. The unavailability of

business data and applications for even a few hours may be unacceptable. The SaaS

model means that SMEs can get the latest software and required infrastructure at a

low, monthly cost, rather than having to go through the headaches of upfront

investments, installation and upgrades themselves.

24

4 METHODS

In this study, I propose an integrated framework with qualitative and quantitative

aspects. The elements of this methodology can be summarized as follows:

SaaS Evolution of Technology: SaaS technology has been around for a while.

We will investigate where it came from in the last decade and how it will be

evolving in the future.

SaaS Market Analysis and SWOT Analysis: SWOT analysis of SaaS

solutions are documented to give the knowledge about Strengths,

Weaknesses, Opportunities, Threats of SaaS vendors and solutions for

evaluators about the situation of the technology. Evaluators should check this

guidance to see different angles and perspectives.

Checklist for qualifying SaaS provider: There are several checklists when

checking the solution is adequate or not. There are several components to a

successful SaaS purchase, including Functionality, Implementation Process,

and Cost. There are multiple factors to consider when making the deal.

Scoring table for evaluation SaaS provider: The organization which selects

the SaaS solution from different vendors can score each SaaS vendor’s rating

for 1-9 for several characteristics to quantify criterion. The higher the score

the better for that SaaS vendor.

On Premise ICT costing model: In this section, all the direct and hidden costs

of having ICT on premise are revealed.

TCO – Total Cost of Ownership: Total Cost of Ownership calculation

examples help us to compare total cost of on premise ICT vs. SaaS solution.

ROI – Return on Investment: In this section, we focus on the net present

value of current SaaS investment’s return.

25

Based on these methods, I have developed a simple SaaS Evaluation Framework for

SMEs as listed below:

Is SaaS the right technology for my company?

o SaaS Evolution today and future

o SaaS Market Analysis

o SaaS Maturity Model

o Advantages and Disadavantages of SaaS model

o SWOT Analysis of SaaS

How should I filter the SaaS providers?

o SaaS Provider Qualification checklist

How should I select the right SaaS providers?

o Multi Critearia Based SaaS Provider Scoring tool

How much do I spend for On Premise ICT Services? How much will I pay for

online SaaS solutions? How much will I save if go for SaaS over On Premise?

o Direct and Indirect Costs per ICT Service calculation model

o Simple TCO calculation models

o Complex TCO calculation models

Will my costs outweigh my benefits if I invest in SaaS solutions?

o Complex ROI calculation models

If we illustrate the workflow of this model using a flowchart, it can be designed as in

the following Figure 4.1:

26

Is SaaS the

right technology

for my company?

START

END

Will my costs

outweigh my benefits

if I invest

in SaaS solutions?

How should

I filter the

SaaS providers?

How should

I select the right SaaS

providers?

How much do I spend

for On Premise ICT Services?

How much will I pay for online SaaS

solutions?

How much will I save

if go for SaaS over

On Premise?

Qualitative Methods:

SaaS Evolution today and future

SaaS Market Analysis

SaaS Maturity Model

Advantages and Disadavantages of SaaS model

SWOT Analysis of SaaS

Qualitative Methods:

SaaS Provider Qualification checklist

Quantitative Methods:

Multi Critearia Based SaaS Provider Scoring

tool


Direct and Indirect Costs per ICT Service

calculation model

Simple TCO calculation models

Complex TCO calculation models


Complex ROI calculation models

Figure 4.1 Integrated Framework for Filtering and Selecting SaaS Providers

27

5 SaaS MARKET AND VENDOR ANALYSIS

The rapid adoption of all forms of Cloud IT, from IaaS to PaaS to SaaS, is changing

the way that organizations evaluate and manage the concerns related to the selection

of SaaS solutions for business operations and management. But most of all, it is

changing how firms of all sizes, and in all markets, see and manage IT. Software-as-

a-Service (sometimes referred to as “Cloud-based business solutions”) is a means of

acquiring and using software via the Internet. With SaaS, users do not need to buy,

install, and maintain applications. All maintenance and upgrades are performed by

the SaaS provider. As a result, the key benefits of SaaS center on reduced upfront

cost and simplified software management. These benefits are helping to drive very

rapid and widespread SaaS adoption in all aspects of business, from desktop

applications to departmental solutions (such as sales force automation) to core

business systems such as finance and human resources. SaaS may be acquired, used,

and paid for in a variety of ways. The provider may charge per-use or through a

periodic subscription fee. Most providers offer volume license discounts that reduce

the cost per-user significantly. As a result, the software cost is typically an operating

expense rather than a capital expense (this is of particular interest to firms who need

to conserve their capital) (Saugatuck Technology Inc Report, 2010).

5.1 Changing Sources of Firm Software

Today many business firms continue to operate legacy systems that continue to meet

a business need and that would be extremely costly to replace. But they will purchase

or rent most of their new software applications from external sources. The following

Figure 5.1 illustrates the rapid growth in external sources of software for U.S. firms.

There are three external sources for software: software packages from a commercial

software vendor, outsourcing custom application development to an external vendor,

28

and cloud-based software services and tools. In 2010, U.S. firms will spend over

$291 billion on software. About 40 percent of that ($116 billion) will originate

outside the firm, either from enterprise software vendors selling firm wide

applications or individual application service providers leasing or selling software

modules. Another 10 percent ($29 billion) will be provided by SaaS vendors as an

online cloud-based service (Laudon & Laudon, 2011).

Figure 5.1 Sources of Software Expenditures

Source: Laudon, K.,& Laudon, J. (2011). MIS Managing the Digital Firm 12th Edition, New

Jersey: Prentice Hall, p. 192

5.2 Evolution of SaaS - Yesterday, Today, and Tomorrow

There is a dispute among analysts whether SaaS would displace standard on premise

software and hardware in the future or not. The classical software license model has

still a lot of strengths and will still find enough people that prefer this solution. But

the market share of SaaS applications will grow so that these two software

29

distribution models will complement each other. SaaS offer so many fundamental

advantages to the customer that it will not just become another IT hype that will not

last for a longer time. The strength of the one model is the weakness of the other

model and the other way round.

But SaaS is still just in the beginning of its evolution. The following Figure 5.2 whos

how SaasS evolved since 2003, and how it is expected to evolve by 2014. The huge

disadvantage of the SaaS model is the limited customizing. If the SaaS providers

make the provided software solutions more customizable to fit it to the special needs

of the customers -which will be quite possible - it will be much more interesting to

many companies. Many companies still do not see the potential of SaaS, especially

SMEs, or they just do not know what SaaS is at all. They often do not see that SaaS

has limited customizability. But every company that deals with the idea of using

SaaS must make itself clear what kind of restrictions - besides all advantages - SaaS

has got. So if the costs do not matter every company would get just the best

individual software solution. But in real the cost do matter so this is why standard

software is primary there and the logical continuation for the future would be SaaS.

But already today SaaS is at least an option that has to be checked before achieving

new software for a company.

All in all it will be a question of time when SaaS offers so many different add-ons

and customizing possibilities that it converges to the old application service provider

model without repeating the mistakes so that it could be called as real software

through the line. If this is done SaaS will be a very profitable business part and a

huge part of the current revenues for software implementation and integration will go

to the SaaS providers. Prospectively the customer will get the best software solution

for his company and can although source out operative IT services. That minimizes

30

the companies’ risk. But the future will not be completely without individual or

customized standard software. There is still a need for these specialized software

applications for the companies to achieve competitive business process advantages.

And finally, for the customer it does not matter if the IT services were handled inside

the company or external, important is that the business processes will run perfectly.

So this is the huge goal that both standard software producer as well as SaaS provider

should have. The one who makes it the best will finally rule the market.

Figure 5.2 Possible Evolution Of SaaS from past to future

Source: Saugatuck Technology Report. (2010). Software-as-a-Service Managing Key

Concerns and Considerations, http://www.sagesaleslogix.com/Products-and-

Services/~/media/Category/CRM/SalesLogix/Assets/Collateral/SaaS_Concerns_and_Consid

erations_072610_Sage.pdf

5.3 Forrester Research SaaS Maturity Model

SaaS is the hottest trend in both CRM and SME market in general. While SaaS

appears to be a threat to software vendors with traditional perpetual-license models,

http://www.sagesaleslogix.com/Products-and-Services/~/media/Category/CRM/SalesLogix/Assets/Collateral/SaaS_Concerns_and_Considerations_072610_Sage.pdf



31

it is also an opportunity for competitive advantage. The question is how independent

software vendors and service providers can capitalize on this opportunity. Forrester's

SaaS maturity model provides an assessment of the solutions and underpins our

guidance on realistic strategy transformation for those software vendors and services

providers considering a SaaS business model. Targeting the highest maturity level is

not necessarily the best fit for every vendor. Forrester classifies the maturity of SaaS

solutions on six levels. We define each level according to its answer to the question

of who provides what to whom (see the following Figure 5.3).

Figure 5.3 SaaS Maturity Model according to Forrester

Source: Ried, S. (2008). Forrester Research SaaS Maturity Model,

http://www.forrester.com/rb/Research/forresters_saas_maturity_model/q/id/46817/t/2

The explanations of these 0-to-5 SaaS Maturity Levels are listed below:


http://blogs.msdn.com/blogfiles/architectsrule/WindowsLiveWriter/870a63bd37c4_EEFA/image_2.png

32

Level 0: Outsourcing is not SaaS. In outsourcing, a service provider operates

a major application or a unique application landscape for a large enterprise

customer. As the outsourcing company can't leverage this application for a

second customer, outsourcing does not qualify as SaaS.

Level 1: Manual application service provider business models target midsize

companies. At level 1, a hosting provider runs packaged applications like

SAP's ERP 6.0, which require significant IT skills, for multiple midsize

enterprises. Usually, each client has a dedicated server running its instance of

the application and is able to customize the installation in the same way as

self-hosted applications.

Level 2: Industrial ASPs cut the operating costs of packaged applications to a

minimum. At level 2, an application service provider uses sophisticated IT

management software to provide identical software packages with customer-

specific configurations to many SME customers. However, the software

package is still the same software that was originally created for self-hosted

deployment.

Level 3: Single-app SaaS is an alternative to traditional packaged

applications. At level 3, software vendors create new generations of business

applications that have SaaS capabilities built in. Web-based user interface

(UI) concepts and the ability to serve a huge number of tenants with one,

scalable infrastructure are typical characteristics. Customization is restricted

to configuration. Single-app SaaS adoption thus focuses on SMEs.

Salesforce.com's CRM application initially entered the market at this level.

Level 4: Business-domain SaaS provides all the applications for an entire

business domain. At level 4, an advanced SaaS vendor provides not only a

33

well-defined business application but also a platform for additional business

logic. This complements the original single application of the previous level

with third-party packaged SaaS solutions and even custom extensions. The

model even satisfies the requirements of large enterprises, which can migrate

a complete business domain like "customer care" toward SaaS.

Level 5: Dynamic Business Apps-as-a-service is the visionary target.

Forrester's Dynamic Business Application imperative embraces a new

paradigm of application development: "design for people, build for change."

At level 5, advanced SaaS vendors coming from level 4 will provide a

comprehensive application and integration platform on demand, which they

will prepopulate with business applications or business services. They can

compose tenant-specific and even user-specific business applications on

various levels. The resulting process agility will attract everyone, including

large enterprise customers.

5.4 Key Technology Considerations for SaaS Providers

The following figure shows Global SMEs Executive SaaS Survey results from

Saugatuck Technology Inc. This survey results in Figure 5.4 illustrates top

technology considerations when selecting SaaS providers.

34

Figure 5.4 Technology Considerations Regarding SaaS Provider Selection





5.5 In House or SaaS

The following Table 5.1 compares criterion based advantages of in house solutions

and SaaS. Since these qualitative comparisons can be different for each organization,

therefore every SME should create a similar chart for its IT expectations and outlook

for the technology.




35

Table 5.1 Comparison Between In-House And SaaS Solutions

Source: Orminski, F. (2008). Does Software as a Service (SaaS) displace standard

software?, http://www.iwi.uni-

hannover.de/upload/lv/sosem08/seminar/www/orminski/HTML%20Homepage/index.html

5.6 Advantages of SaaS Service Model for Turkish SMEs

SaaS is an on-demand solution that provides businesses an affordable way to use a

software application without having to purchase it. This is done by leasing the

program from a provider and either accessing or subscribing to it through the

internet. As an IT business solution, SaaS has become an increasingly popular choice

since companies only rent the software, rather than committing to the purchase price

of the application and user licensing. Regardless of the type of business, it will

realize several benefits if it chooses any SaaS solution. Advantages include the

following:

http://www.iwi.uni-hannover.de/upload/lv/sosem08/seminar/www/orminski/HTML%20Homepage/index.html


36

Affordable: With SaaS, business won't have a large up-front capital expense as it

would if it chooses to purchase the software. A reasonable monthly fee is all

business will pay to have the latest version of the favorite software. Business

won't need to spend money purchasing and installing software. Business won't

have to worry about the cost of upgrading it, either. The SaaS provider will take

care of it so business doesn’t have to.

Flexible: Because SaaS is offered as an on-demand service, business can adjust

its contract to fit its staffing needs.

Stable: The SaaS applications are installed on more powerful, secure, and

redundant hardware infrastructure than business could afford to own.

Quick deployment: Because most SaaS solutions are web-based, deployment is

instantaneous, giving business immediate access to the business solutions it

needs.

Accessible: Regardless of where it does business, it will always have access to its

SaaS applications as long as it has access to the internet.

Compatible: Most SaaS applications are compatible with most systems and

smart phones.

Vendor’s Responsibility: SaaS providers are responsible for managing and

maintaining both the software and hardware components of the application. The

network issues such as data redundancy, data backup and recovery are also

planned and managed by the vendors. They upgrade the software on regular

intervals.

Ownership: Since SaaS vendors charge a set price per user per month, the firms

don’t have to pay extra money for modules they don’t even use. It literally

removes the maintenance, end user support, and administration costs of the

37

software. The implementation and customization costs of SaaS are also lower

than the traditional software. All this results in a very low TCO.

Scalability: Hosted software, another term for SaaS offers business more

scalability in using the software. By utilizing SaaS business is free to use as much

or as little part of any software as it needs. This gives business easy and

economical access to many programs.

Regular Upgrading: SaaS Vendors regularly upgrade their software, so that the

users don’t have to put any effort into installing and upgrading the applications.

Easy Access: A major advantage of SaaS is it can easily and quickly be accessed

from anywhere with a web browser. This gives users a great facility even when

they are at home or in another country. They can access real time synchronized

applications from Laptops and Smart Phones.

SLA adherence: reported bugs can be fixed minus any rollout overhead. Sure

the provider actually has to fix the issue, but assuming they’ve deployed a

moderately efficient SaaS application the rollout of a patch or fix should happen

in the blink of an eye.

Ease Internal IT Pains: SaaS offloads a great deal of IT pains incurred by

software consumers in the traditional client and server model. This leaves IT

personnel to focus on improving the day-to-day technical operations of the

company instead of being called upon to troubleshoot 3rd party software or

maintain aging infrastructure.

Redistribute IT Budget: by outsourcing software functionality to a provider, the

enterprise realizes a cost savings in infrastructure requirements and IT personnel

knowledge requirements. This allows the enterprise to focus on core

38

competencies. It also means that the cost savings from using SaaS applications

can be flat out saved, or reallocated to boost productivity through other services.

According to Forrester Research’s survey conducted in Middle East Africa (MEA)

region including Turkey, the top 3 important motivations for moving to cloud

computing in Turkey are Reduce Hardware Infrastructure Costs, Scalability on

Demand to Meet Business Needs, and Simplified Server/Resource Provisioning,

respectively (Hamad and Erickson, 2011). The following Figure 5.5 lists all the

drivers with their overall percentage.

Figure 5.5 Primary Drivers for Considering Cloud Computing

Source: Forrester Research MEA and Turkey Cloud Computing Survey. (2011).

5.6.1 Hardware, Software, and IT Staff Cost Savings

Traditionally, deploying large-scale business-critical software systems, such as ERP

and CRM application suites, has been a major undertaking. Deploying these systems

across a large enterprise can cost hundreds of thousands of dollars in upfront

licensing cost, and usually requires an army of IT personnel and consultants to

customize and integrate it with the organization's other systems and data. The time,

staff, and budget requirements of a deployment of this magnitude represent a

39

significant risk for an organization of any size, and often puts such software out of

the reach of smaller organizations that would otherwise be able to derive from it a

great deal of utility. The on-demand delivery model changes some of this. SaaS

applications don't require the deployment of a large infrastructure at the client's

location, which eliminates or drastically reduces the upfront commitment of

resources. With no significant initial investment to amortize, an enterprise that

deploys a SaaS application that turns out to produce disappointing results can walk

away and pursue a different direction, without having to abandon an expensive on-

premise infrastructure. Additionally, if custom integration is not required, SaaS

applications can be planned and executed with minimal effort and roll-out activities,

creating one of the shortest time-to-value intervals possible for a major IT

investment. This has also made it possible for a number of SaaS vendors to offer

risk-free "test drives" of their software for a limited period, such as 30 days. Giving

prospective customers a chance to try the software before they buy it helps eliminate

much of the risk surrounding software purchase.

The following survey results in Figure 5.6 clearly illustrate these savings.

Figure 5.6 Cloud Related Investments Can To Help Reduce ICT Spending


40

5.6.2 Easy To Adopt

SaaS applications are available from any computer or any device, anytime, and

anywhere. Because most people are familiar with using the Internet to find what they

need using MSN, Hotmail, or use FaceBook applications, SaaS apps tend to have

high adoption rates, with a lower learning curve.

5.6.3 Less Problematic Software Updates and Patches

Because the SaaS provider manages all updates and upgrades, there are no patches

for customers to download or install.

5.6.4 Scalability on Peak Times

The management burden of anticipating and building out excess capacity IT

infrastructure decreases. The result is less management, maintenance, and

deployment time, with the additional benefit of greater scalability to more easily

handle peaks in demand. The key observation is that Cloud Computing’s ability to

add or remove resources at a fine grain and with a lead time of minutes rather than

weeks allows matching resources to workload much more closely. Real world

estimates of server utilization in datacenters range from 5% to 20%. This may sound

shockingly low, but it is consistent with the observation that for many services the

peak workload exceeds the average by factors of 2 to 10. Few users deliberately

provision for less than the expected peak, and therefore they must provision for the

peak and allow the resources to remain idle at nonpeak times. The more pronounced

the variation, the more the waste (Armbrust et al., 2009).

Assume our service has a predictable daily demand where the peak requires 500

servers at noon but the trough requires only 100 servers at midnight, as shown in

Figure 5.7. As long as the average utilization over a whole day is 300 servers, the

41

actual utilization over the whole day (shaded area under the curve) is 300 x 24 =

7200 server-hours; but since we must provision to the peak of 500 servers, we pay

for 500 x 24 = 12000 server-hours, a factor of 1.7 more than what is needed.

Therefore, as long as the pay-as-you-go cost per server-hour over 3 years4 is less

than 1.7 times the cost of buying the server, we can save money using utility

computing (Armbrust et al., 2009).

Figure 5.7 Provisioning For Peak Load

Source: Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee,

G., Patterson, D.A., Rabkin, A., Stoica, I. & Zaharia, M. (2009). Above the Clouds: A

Berkeley View of Cloud Computing,

http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html, p.13

In addition to simple diurnal patterns, most nontrivial services also experience

seasonal or other periodic demand variation (e.g., e-commerce peaks in December

and photo sharing sites peak after holidays) as well as some unexpected demand

bursts due to external events (e.g., news events). Since it can take weeks to acquire

and rack new equipment, the only way to handle such spikes is to provision for them

in advance. Even if service operators predict the spike sizes correctly, capacity is

wasted, and if they overestimate the spike they provision for, it’s even worse. They

may also underestimate the spike as shown in the Figure 5.8, however, accidentally

turning away excess users (Armbrust et al., 2009).

http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html

42

Figure 5.8 Underprovisioning 1





While the monetary effects of overprovisioning are easily measured, those of under

provisioning are harder to measure yet potentially equally serious: not only do

rejected users generate zero revenue; they may never come back due to poor service.

The following Figure 5.9 aims to capture this behavior: users will desert an under

provisioned service until the peak user load equals the datacenter’s usable capacity,

at which point users again receive acceptable service, but with fewer potential users

(Armbrust et al., 2009).

Figure 5.9 Underprovisioning 2







43

5.6.5 Pay per Use Financial Model

SaaS vendors are compensated by users for the use of the hosted software. Payments

can be either on a pay-per-use basis or as a monthly payment. Some SaaS

applications are available completely free of charge while others are open source (the

customer decided where to host the application). But the one thing all SaaS

applications have in common is that they are all delivered as web applications to the

browser.

5.6.6 Improved Release Management and Testing of New Releases

In the earliest stages of assessing the feasibility of a Cloud Computing solution it is

key for the business and Cloud delivery provider to understand the requirement

for a Cloud solution within that business’ context. The business must carefully

document what they require from such a solution clearly and unambiguously. As

with the development of any solution, business requirements are the key driver

to the success of the solution. As business look more and more often to third

parties to deliver these solutions, the foundations for the delivery must be solid.

Business requirements are these foundations. Static Testing on business

requirements will ensure that these are concise and complete. Undergoing the

process of reviews and workshops to understand what is being asked for in

business requirements will save time and money later in the development lifecycle

by removing potential software defects before they are built. Cloud Computing

solutions claim to be scalable on demand. How does the business verify that the

solution delivered is capable of coping with the workload which it is required to

undertake? Load or Stress testing can be used to prove that the developed solution

can scale as required. By using test techniques and tools which are capable of

applying huge amounts of load on the solution the Cloud can be accurately

44

measured and its capacity verified. Using a distributed Cloud Computing solution

should mean that the delivery will perform to a high standard. Performance

testing techniques allow the systems performance to be measured and verified

accurately. Using performance testing and load testing techniques in tandem allows

an accurate image of the solutions ability over the cloud to be created. This in turn

provides the comfort that the system is constructed so as to be capable of acting as

delivery mechanism for the business requirement. Security testing can provide

assurance that business critical data is stored and transported safely. Techniques such

as Penetration Testing can prove that the mechanisms, which have been developed to

maintain security, will remain intact during potential attempts to compromise the

Cloud solution (AppLabs Report, 2009).

5.6.7 Rapid Resource Provisioning

A cloud model gives business the ability to respond to business demands more

effectively and helps ensure employees have on-demand access to critical business

information, customers, partners, and each other, using nearly any device, from

virtually anywhere. The result is they can give priority to the most critical business

tasks first.

5.6.8 SLAs

Businesses must exercise caution when using software outsourcing or SaaS

providers. If things can go wrong, they likely will. Service level agreements (SLA)

help protect both customers and the service providers. Here are the main points of

SLAs (Laudon & Laudon, 2011).

Defines responsibilities of the service provider and level of service expected

by the customer

45

Specifies the nature and level of services provided

Criteria for performance measurement

Support options

Provisions for security and disaster recovery

Hardware and software ownership and upgrades

Customer support, billing and conditions for termination

SME executives are attracted to all types of Cloud Computing solutions primarily for

strategic reasons such as flexibility and speed to market, in addition to potential cost

savings. To achieve these strategic and operational goals, SMEs need to change the

way they manage IT, including the organizational structure and skills of the IT

support staff. There is a need to manage SLAs, data access, subscriptions, and license

management through a robust vendor management process. Additionally, whether

business is going to replace one, some, or all of its business applications with a SaaS

solution, it will need a realistic plan and timeframe to securely implement, migrate,

and then turn off legacy applications. Further, a well-defined process may be

required to optimize key consulting resources to work with the business in

prototyping workflows and building requested customizations (Saugatuck

Technology Inc Report, 2010).

5.6.9 Security

The following Figure 5.10 shows that Turkey SMEs are way above the world

average in terms of Malicious and Potentially Unwanted Software according to

Microsoft Security Intelligence Report in 2010. The higher the security risk exposed

the more motivation for moving to SaaS service model. This is due to reason that

46

high security risk is an indicator for SMEs not managing their ICT well in terms of

Security.

Figure 5.10 Malicious and Potentially Unwanted Software

Source: Microsoft Security Intelligence Report. (2010).

5.6.10 Few Technical Skills Required for New Technology

With SaaS, the job of deploying an application and keeping it running from day to

day such as testing and installing patches, managing upgrades, monitoring

performance, ensuring high availability, and so forth, is handled by the SaaS

provider. By transferring the responsibility for these "overhead" activities to a third

party, the IT department can focus more on high-value activities that align with and

support the business goals of the enterprise. Instead of being primarily reactive and

operations-focused, the chief information officer and IT staff can more effectively

function as technology strategists to the rest of the company, working with business

47

units to understand their business needs and advise them on how to use technology

best to accomplish their objectives. Far from being made obsolete by SaaS, the IT

department has an opportunity to contribute to the success of the enterprise more

directly than ever before.

5.7 Disadvantages of SaaS Service Model for Turkish SMEs

Some of the key disadvantages of SaaS are documented below:

Security and confidentiality: While working from anywhere / anytime is an

important aspect of SaaS this also implies that sensitive data has to be stored

online on third party servers. This can be an issue in some of the functions for

example, accounting, etc.

Risk of data loss: The SaaS provider has to be chosen wisely as there is an

inherent risk of losing valuable data if the vendor goes out of business.

Dependence on high speed internet: A high speed internet connection is

must for SaaS, while this is not a big challenge in developed nation, it can be

a serious limitation in developing nations with poor infrastructure and

unreliable connectivity. Thus firms should choose wisely understanding the

connectivity bottleneck.

Low predictability of cost: Based on a survey by Gartner, current customers

were least satisfied with the lack of predictability of cost in SaaS

implementation. This primarily is because of the unpredictability in post-sales

support and maintenance services.

Not all applications have SaaS versions yet: Many firms need very industry

specific business applications which do not have a SaaS version presently.

48

SaaS versions may not be as powerful as non-SaaS ones: SaaS versions are

usually stripped down versions of a powerful non-SaaS product.

According to Forrester Research’s MEA and Turkey Cloud Computing Survey show

in Figure 5.11, the top 3 barriers and concerns to moving cloud computing in Turkey

are Lack of Cloud Knowledge and Understanding, Security, and Integration with

Existing Systems, respectively.

Figure 5.11 The Major Concerns And Barriers To Cloud Adoption


Another survey from Saugatuck shows that focus is on data security and privacy, and

data and transaction integrity in Figure 5.12.

49

Figure 5.12 Key Concerns in Deploying Cloud based Business Solutions





5.7.1 Cloud Computing Knowledge and Understanding

Here is a relatively new survey revealing that small businesses are not that ready to

go cloud (at least, they go cloud probably for the wrong reasons): SB Authority

Market Sentiment Survey commissioned by Newtek Business Services. The survey

reveals that small business owners need to learn more about cloud computing and

everything that comes with it. The survey is based on a poll of about 1,800 small

business respondents, telling us pretty much the big picture of what is going on in

cloud computing for small business right now (the survey’s May 2011 results): 71

percent of respondents have never heard about cloud computing. Of the rest 29




50

percent who have heard about cloud computing, 74 percent can’t describe what cloud

computing is. Regarding the knowledge about IT security, 78 percent of respondents

think that their data is secure; they don’t have complete documentation on critical

data, information, software and hardware that are stored on-premise IT system. In

relation to that, 71 percent of respondents confess that the important data, software

and hardware they have are not being backed up off-site. The question is, when

disaster strikes, will small business owners be able to recover the all important data?

What about if their system is hacked and get their important data and information

stolen? What if their entire business is going down because the cloud they adopt is

proven to be not as stable and/or secure as the think? It seems that small business

owners need to learn more about the cloud and collaborate with more cloud-savvy

and IT security-savvy people – including hiring one or two. The cloud computing –

with all the benefits and caveats that come with it – can help small businesses to

secure their important data, hardware and software – both off-site and on-site. That

being said, small business owners need to understand that they need to secure their

data on and off the cloud – typically done by creating backups on on-premise IT

system and vice versa (Ivan, 2011).

5.7.2 Security

Leveraging a SaaS solution does not exempt that organization from the required

regulatory controls of data compliance. SMEs need to manage compliance through

controls and audits, especially when data may be hosted in a different country and

with a different subcontractor like a hosting provider. Ensure that business is not

breaking any country laws related to transfer of customer data or access/sharing of

customer data. Also make certain that business has access to the data, and there is an

established medium for the distribution of data to its organization should it con-sider

51

moving to another solution. Ensure that the SaaS provider has demonstrated controls

and acceptable adherence to those controls has been attained. Anyone considering

SaaS must look closely at providers’ security and privacy services, and ask

specifically about Sarbanes Oxley or COBIT audit certification. Firms in the health-

care industry considering a SaaS solution should also ask about HIPAA compliance

in regard to the Privacy Rule (Saugatuck Technology Inc Report, 2010).

5.7.3 System Integration Capability

To maximize their benefit, SaaS solutions need to integrate with existing enterprise

systems. Depending on the business requirements and the integration capabilities of

the chosen SaaS product, the integration approach may not be trivial. While a

comprehensive API offered by SaaS is a must-have, in most cases a custom SaaS

integration layer will be needed to comply with SOA principles and to facilitate

integration with existing systems. SaaS integration projects are not much different

than typical integration projects. Unless the integration requirements are very simple,

it makes more sense to use an integration product as the foundation of the SaaS

integration layer, instead of custom-building such a layer. In most cases there may be

a standard integration product used within the organization and more than often, this

same product should be used for integrating the SaaS solution. An Enterprise Service

Bus (ESB) is often a good integration product that will address most of the

integration needs. In other cases, the SaaS Integration layer may be comprised of one

or more integration products.

5.7.4 Ability to Move Among SaaS Providers and Ability to Change

Deployment Models When Necessary

Given the amount of customization that the company has invested in, it is becoming

increasingly clear that there is no easy answer – and no free lunch. One of the

52

reasons that the company had decided to implement SaaS was the assumption that it

would be possible to migrate from one SaaS application to another. However, while

it might be possible to migrate basic data from a SaaS application, it is almost

impossible to migrate the process information. Switching from one SaaS solution to

another is not so different from switching from one on-site application to another.

The main issue regarding the SaaS vendor is to make sure that the data can be

transferred to the hands of the enterprise at any time. Today the most common

methods are to enable the export of reports in a CSV format and to download the full

database. Even in this simple case the actual migration in the SaaS case will be easier

because the company doesn’t need additional sets of hardware infrastructure for the

migration to take place. Furthermore SaaS vendors develop import tools so that a

new customer will can easily migrate the data, whether it is in a raw spreadsheet or

even in the format of other SaaS vendors. For example, moving documents and data

from one vendor’s application to another requires both applications to support

common formats. The file formats involved will depend on the type of application.

Standard APIs for different application types may also be required. However, this is

the same issue of on premise applications, so we can say that there is nothing cloud-

specific to these requirements.

5.7.5 Availability and Reliability

As SMEs)evaluate cloud computing solutions, vendors often tout availability, or up-

time, commitments. Understanding the metric, and how to compare vendor claims, is

critical when selecting a solution. Availability is generally expressed as a percentage

-- 99.9%, 99.99%, and so on. With 8760 hours in each year, 99.9% availability

equates to 8.75 hours (0.1%) downtime each year, or an average of 45 minutes per

month. Similarly, 99.99% availability equates to 45 minutes of downtime each year,

53

or about 5 minutes per month. Simple yes, but the devil is in the details. Most

vendors caveat availability commitments by excluding schedule maintenance

windows. For some vendors, this means regularly scheduled windows; for others this

means any non-emergency maintenance activities with advanced notice. When

comparing availability claims, business need to account how availability is

calculated.

The qualities that make SaaS an attractive model for acquiring and consuming

applications can introduce a host of new wrinkles for organizations that choose them.

A key issue revolves around application reliability, which includes ensuring both the

availability and sufficient performance of the applications on which organizations

depend. For one thing, SaaS vendors deliver their wares over the public Internet,

which means these applications perform differently from applications that run on

local clients or over an organization's internal network. What's more, the fact that

SaaS applications are hosted and maintained by external parties means that

companies have less visibility into the workings of these services than they do with

applications hosted on-premises. Because of the nontraditional delivery method and

relatively black box operation of SaaS applications, IT departments must approach

their responsibilities around ensuring application reliability a bit differently from

what they are probably accustomed to doing. A successful strategy for ensuring SaaS

reliability must include attention to users’ expectations and needs, the health of the

network, the architecture and practices of potential SaaS vendors, and the tools and

services that can be used to measure and monitor the SaaS applications that the

organization consumes.

54

5.7.6 Adaptability and Task Productivity

The following concerns should be addressed as part of SaaS evaluation. How easily

can business modify the application? This can be as simple as adding fields or

building dashboards, or as advanced as a programming platform. How effectively

can the users accomplish their goals? How many cases-per-minute or entries-per-day

can workers do, and how many errors do they make?

5.7.7 Regulatory and Compliance Issues

Some industries are subject to regulatory law in different parts of the world, which

imposes various reporting and recordkeeping requirements that the potential SaaS

solution candidates cannot satisfy. Consider the regulatory environments in all the

different jurisdictions in which the organization operates and how they affect its

application needs. Sometimes, technical and financial considerations also can have

legal ramifications, such as whether candidate SaaS providers will be able to meet

the internal and public standards for data security and privacy in order to avoid legal

exposure. Consider any legal obligations business has toward its customers or other

parties, and whether SaaS will allow it to continue to meet them.

5.7.8 Impact on IT Roles and Responsibilities

Adding SaaS to the enterprise IT mix can cause a fundamental shift in the IT

department's role as a provider of information services. Business units are sometimes

caricatured as being afraid of change, but IT departments are not immune to

organizational politics, either, and institutional resistance to SaaS can come from IT

itself, as easily as from elsewhere in the company. In the past, the nature of software

deployment has put chief information officers (CIOs) and their staffs into the role of

gatekeepers who could exercise a veto over any proposed software deployment by

55

simply declaring that they would not host it in the data center. With SaaS as an

option, control of the data center does not necessarily equal control over the entire

enterprise-computing environment and this can cause the gatekeepers to fear a loss of

control: A "rogue" vice president could just subscribe to a SaaS application for their

department, bypassing IT entirely. Of course, a CIO who relies upon control of the

data center to control the greater computing environment has governance problems,

anyway. Successful CIOs engage with business units, educate them about the impact

of certain purchases on their future agility, and work with them to determine whether

their needs would be best met by on-premise software or SaaS. By performing this

consulting role, as discussed above, the IT department can add value directly to the

business by matching up business units optimally with technology.

5.7.9 IT Governance Issues

Performing due diligence is a routine part of any successful IT infrastructure

deployment project, so the basics should already be familiar to business. Some

factors, however, deserve special consideration. Some areas to address in a typical

due-diligence checklist include the following items.

Data-security standards: Moving critical business data "outside the walls"

introduces a risk of data loss or inadvertent exposure of sensitive information.

Assess organization’s data-security needs, and ensure that the provider has

measures in place to meet the standards it set.

SLA guarantees: The management contract between business and the SaaS

provider takes the form of service-level agreements (SLAs) that guarantee the

level of performance, availability, and security that the SaaS vendor will

provide, and govern the actions the provider will take—or the compensation

56

it will provide—in the event that it fails to meet these guarantees. Ensure that

these SLAs are in place, that the guarantees they make are sufficient to meet

the business needs, and that they provide a sufficient level of mitigation in

even the worst-case scenario.

Migration strategies: At some point, business might want to migrate away

from a SaaS application to another solution, so it's important that business is

able to take its existing data out of the application and move it to another one.

Ask the prospective SaaS provider about any data-migration strategies and

procedures it uses, including any provisions for data and code escrow.

In-house integration requirements: Ensure that migrating to SaaS will meet

any functional and data-integration requirements the organization has in

place.

Reporting services: Because SaaS involves giving up direct control of some

of the organization data, accurate and useful reporting is especially important.

Determine what reporting services the provider offers, and whether they are

compatible with your business-intelligence requirements.

5.7.10 Different Cloud Computing Standards among Cloud

Providers

Cloud computing is at a relatively early stage of development, yet many standards

development organizations, consortia, and trade associations are busy creating cloud

computing standards. As a result, there are likely to be multiple standards in some

areas, while other areas are missing standards entirely. It is this challenge that the

IEEE Cloud Computing Initiatives, CPWG1 and ICWG

2, aim to address. “Cloud

computing” is an evolving term, with a variety of innovative approaches. Like other

1 http://standards.ieee.org/develop/wg/CPWG-2301_WG.html

2 http://standards.ieee.org/develop/wg/ICWG-2302_WG.html

http://standards.ieee.org/develop/wg/CPWG-2301_WG.html

http://standards.ieee.org/develop/wg/ICWG-2302_WG.html

57

rapidly evolving industries, the definition of cloud computing is also changing

rapidly. It is akin to saying that even today; the definition of a "TV" is still changing

with the advent of Internet-connected devices, new formats, and Stereo Video. Or

like asking what a "phone" is? The average answer today will look more like an

iPhone or Android mobile device, rather than the historic wired audio-only devices

made by Western Electric. And yet, all along in product lifecycles, standards for

elements of those products are very important. IEEE P2301 is a meta-standard, a set

of profiles consisting of other standards, publications, and guidelines, from many

organizations. It will provide profiles of existing and in-progress cloud computing

standards in critical areas such as application, portability, management, and

interoperability interfaces, as well as file formats and operation conventions. With

capabilities logically grouped so that it addresses different cloud audiences and

personalities, IEEE P2301 will provide an intuitive roadmap for cloud vendors,

service providers, and other key stakeholders. When completed, the standard will aid

users in procuring, developing, building, and using standards-based cloud computing

products and services, enabling better portability, increased commonality, and

greater interoperability across the industry. IEEE P2302 is like other standards,

except that it is focused on the Intercloud problem and there are no other efforts that

we know of focusing on this particular issue. IEEE P2302 defines essential topology,

protocols, functionality, and governance required for reliable cloud-to-cloud

interoperability and federation. The standard will help build an economy of scale

among cloud product and service providers that remains transparent to users and

applications. With a dynamic infrastructure that supports evolving cloud business

models, IEEE P2302 is an ideal platform for fostering growth and improving

competitiveness. It will also address fundamental, transparent interoperability and

58

federation much in the way SS7/IN did for the global telephony system, and naming

and routing protocols did for the Internet. “Cloud computing will change everything.

It is one of the three aspects of the 'perfect storm' of technology waves currently

sweeping across humanity, the other two being massive deployment of very smart

mobile devices, and ubiquitous high-speed connectivity. The cloud will tie all of

these coming advancements together. We’re truly embarking on a new age of

innovation.” says, David Bernstein, IEEE P2301 and IEEE P2302 WG chair, and

managing director, Cloud Strategy Partners. “Since its inception, the Internet has

gone through radical changes driven by the twin engines of continued technology

advancement and evolving user expectations. Cloud computing today is very much

akin to the nascent Internet – a disruptive technology and business model that is

primed for explosive growth and rapid transformation. But without a flexible,

common framework for interoperability, innovation could become stifled, leaving us

with a siloed ecosystem. By leveraging its uniquely deep and broad technological

resources and expertise, IEEE is helping to minimize fragmentation and ensure that

cloud computing realizes its full potential.” – Steve Diamond, chair, IEEE Cloud

Computing Initiative. Looking to the future, cloud computing standardization efforts

may well mirror what we saw for the standardization efforts around the Internet.

Some of the standards may be too early or too late and some may prove to be

inadequate, duplicative, or inappropriate. Ultimately however, standards will evolve

or be developed to address the key challenges of the market as it develops. There will

be bumps in the road, but cloud computing will be the fourth major computing

paradigm, and the development of standards will have a key role in facilitating the

development of the marketplace, just as it did for the Internet (Pushp, 2011).

59

6 TURKISH ICT MARKET ANALYSIS

In this section we will analyze Turkish ICT Market to understand market dynamics

for SMEs to get knowledge about pains and background.

6.1 Analysis of Current IT Usage, Risks, and Issues in Turkish ICT

Market

According World Bank Research study (Seker & Correa, 2010), in Turkey small and

medium size enterprises account for almost 77 percent of employment and play a

crucial role in the economy. However, the analysis of firm dynamics in Turkey

shows that medium-size firms (51–250 workers) are the slowest growing group in

the economy. Moreover, small and medium size enterprises grow at a slower rate in

Turkey than in several comparator countries in the Eastern Europe and Central Asia

region.

There are numerous factors that can affect firm growth. The levels of technology and

human capital, the development level of the country, or the environment in which the

firms operate are very crucial for growth. Especially for the developing countries

where infrastructure, financial, or regulatory services don’t function smoothly, firms

can be discouraged to grow. SMEs that may lack the capacity to cope with these

distortions could be severely affected.

6.1.1 ICT in Turkey and SWOT Analysis of the ICT Market

According to Invest-In-Turkey web site3 operated by The Republic of Turkey Prime

Ministry Investment Support and Promotion Agency -Invest in Turkey, between

2010 and 2013 ICT spending is forecasted to rise by 16% a year. The ICT sector has

become an essential part of the economy, in particular social life, since it is directly

3 http://www.invest.gov.tr

http://www.invest.gov.tr/

60

or indirectly affecting the ever-changing business world. Turkey is well aware of the

fact that this sector will have a much more influential role in the future than it

currently has. Searches for solutions brought about by this development and growth,

which are appropriate for the requirements of today, and the efforts to enable today’s

economic and social life to acquire these most up to date and fast solutions instantly,

together form the basis of information and communication technology, since these

solution searches basically require the utmost efficient utilization of both time and

physical resources. In this regard, Turkey has increased its interest in the ICT sector

further, and started the necessary studies so as to have a voice in the sector in the

future. The following Table 6.1 lists the SWOT Analysis of the Turkish ICT Market

from the government perspective as it is shared in an official web site.

Table 6.1 SWOT Analysis of Turkish ICT Market

Strengths

Demand for high-technology telecommunication

services, as well as a large Turkish population, are

expected to increase total ICT spending

Huge potential for growth considering the young

population compared to Western countries

Companies that have R&D activities in TDZs are

exempt from income tax for these activities

Government institutions are one of the biggest IT

buyers

Share of IT in total public investment is growing

Weaknesses

High (though reducing)

software piracy rate

High taxation (VAT and

Special Communication

Tax) in the mobile sector

Opportunities

Increasing budget allocation by government for

public IT investments

Mobile phone subscriptions are expected to grow

The ability to train highly qualified, young and

dynamic computer engineers and software

developers in ever-increasing numbers

Threats

Underdeveloped

collaboration culture of

R&D and innovation in

the sector

Source: Deloitte ICT Invest in Turkey Report, (2010), http://www.invest.gov.tr/en-

US/infocenter/publications/Documents/ICT.INDUSTRY.pdf

The greatest indicators of these efforts are the new initiatives and R&D Law issued

for the investors.

http://www.invest.gov.tr/en-US/infocenter/publications/Documents/ICT.INDUSTRY.pdf

http://www.invest.gov.tr/en-US/infocenter/publications/Documents/ICT.INDUSTRY.pdf

61

In Turkey, during the last ten years, ICT equipment has grown 130 percent,

software 500 percent, the services sector around 500 percent, consumer

materials around 200 percent, information technologies 225 percent,

telecommunication equipment around 75 percent, bearer services around 275

percent, and communication technologies around 225 percent.

Turkey’s large population, as well its demand for high-tech

telecommunication services, are expected to increase the total ICT spending

to the level of USD 10.5 billion in 2014, up from USD 7.2 billion in 2009.

Meanwhile, mobile penetration rates are expected to increase further.

There has been a research conducted by TUBISAD4 about the ICT Sector in Turkey.

The following Figure 6.1 shows that most of the ICT budget is spent on Hardware in

Turkey in 2010 instead of Services or Software.

Figure 6.1 Breakdown of ICT Spending in Turkey

Source: TUBISAD Report. (2010). ICT Sector in Turkey,

http://www.tubisad.org.tr/Eng/Library/Presentations/ICT%20in%20Turkey.rar

4 http://www.tubisad.org.tr

http://www.tubisad.org.tr/Eng/Library/Presentations/ICT%20in%20Turkey.rar

http://www.tubisad.org.tr/

62

The following Figure 6.2 shows the Hardware Expenditure between 2005 and 2011

in Turkey.

Figure 6.2 Hardware Expenditure in Turkey

Source: Economist Intelligence Unit Report. (2011). http://www.invest.gov.tr

If we compare a developed country such as Canada with Turkey, we can obviously

see in the following Figure 6.3 that, the ratio of Hardware, Software, and Services

spending is different than Turkey. It can be easily deduced as the Turkey matures in

terms of ICT, the ratio of Hardware and Software spending will be reduced to a

lower figure than the Services spending based on percentage. Looking at the

segments in the IT sector, hardware sales always take the biggest chunk from the IT

market as opposed to the EU countries. Software development and services segments

are expected to skyrocket with the support of the government policies and initiatives

such as Technology Development Zones (TDZ), new R&D laws, and “Silicon Valley

of Turkey” project.


63

Figure 6.3 ICT Canada Projected Spending on Hardware, Software, Services

and Communications 2010 to 2013 (WITSA) Digital Plant, 2010, (Forecast in

US$)

Source: WITSA Digital Planet Report. (2010). http://www.ictc-

ctic.ca/Outlook_2011/trends_en.html

6.1.2 Internet and FaceBook Usage in Turkey and Europe

Broadband penetration is forecast to reach about 16%. Given the high percentage of

young people in Turkey's growing population, growth in Internet subscriptions and e-

commerce is likely to be strong. As with telecoms services, growth in 2009-13 will

be driven by rising incomes (in the second half of the forecast period) and sales of

personal computers (PCs), as well as the availability of online services through

cable-TV and wireless applications. The Internet and its many uses are becoming

increasingly familiar, and computer literacy is growing in Turkey. A major project

by the Ministry of Education to introduce computers and the Internet throughout the

school system is currently under way. The following Table 6.2 lists the internet

penetration between 2006 and 2013 (expected).

http://www.ictc-ctic.ca/Outlook_2011/trends_en.html

http://www.ictc-ctic.ca/Outlook_2011/trends_en.html

64

Table 6.2 Internet Penetration in Turkey

2006 2007 2008 2009 2010 2011 2012 2013

Internet users

('000) 14,048 19,614 25,238 30,525 34,761 38,565 41,894 45,130

Internet

penetration (per

100 people)

20 27.6 35.1 42 47.4 52.1 56.1 59.9

Broadband

subscriptions

('000)

2,848 4,535 6,206 7,752 9,020 10,137 11,135 12,111

Broadband

subscriptions (per

100 people)

4 6.4 8.6 10.7 12.3 13.7 14.9 16.1

Source: Estimates and Forecasts of Economist Intelligence Unit provided by

http://www.invest.gov.tr

The following Table 6.3 lists the Internet and Facebook Usage in Europe by June

2011 from the statistics of Internet World Stats web site.


65

Table 6.3 Internet and Facebook Usage in Europe, June 2011

EUROPE

Population

2011

Internet

Users

Internet

Penetration(%)

Users %

in

Europe

Facebook

Subscribers

Facebook

Penetration

(%)

Norway 4,691,849 4,431,100 94.44% 0.90% 2,466,200 52.56%

Denmark 5,529,888 4,750,500 85.91% 1.00% 2,720,260 49.19%

Sweden 9,088,728 8,397,900 92.40% 1.80% 4,403,300 48.45%

United

Kingdom 62,698,362 51,442,100 82.05% 10.80% 29,880,860 47.66%

Ireland 4,670,976 3,042,600 65.14% 0.60% 2,004,740 42.92%

Macedonia 2,077,328 1,057,400 50.90% 0.20% 878,300 42.28%

Belgium 10,431,477 8,113,200 77.78% 1.70% 4,255,180 40.79%

Serbia 7,310,555 4,107,000 56.18% 0.90% 2,866,200 39.21%

Finland 5,259,250 4,480,900 85.20% 0.90% 2,023,760 38.48%

Turkey 78,785,548 35,000,000 44.42% 7.30% 29,459,200 37.39%

Portugal 10,760,305 5,168,800 48.04% 1.10% 3,869,780 35.96%

Albania 2,994,667 1,300,000 43.41% 0.30% 1,062,740 35.49%

France 65,102,719 45,262,000 69.52% 9.50% 22,713,240 34.89%

Switzerland 7,639,961 6,152,000 80.52% 1.30% 2,655,920 34.76%

Hungary 9,976,062 6,176,400 61.91% 1.30% 3,358,160 33.66%

Slovakia 5,477,038 4,063,600 74.19% 0.90% 1,831,320 33.44%

Slovenia 2,000,092 1,298,500 64.92% 0.30% 660,500 33.02%

Czech

Republic 10,190,213 6,680,800 65.56% 1.40% 3,334,060 32.72%

Italy 61,016,804 30,026,400 49.21% 6.30% 19,806,660 32.46%

Greece 10,760,136 4,970,700 46.20% 1.00% 3,407,700 31.67%

Croatia 4,483,804 2,244,400 50.06% 0.50% 1,413,200 31.52%

Austria 8,217,280 6,143,600 74.76% 1.30% 2,574,700 31.33%

Spain 46,754,784 29,093,984 62.23% 6.10% 14,409,960 30.82%

Bulgaria 7,093,635 3,395,000 47.86% 0.70% 2,156,780 30.40%

Lithuania 3,535,547 2,103,471 59.49% 0.40% 949,720 26.86%

Netherland 16,847,007 14,872,200 88.28% 3.10% 4,513,280 26.79%

Bosnia-

Herzegovina 4,622,163 1,441,000 31.18% 0.30% 1,118,480 24.20%

Germany 81,471,834 65,125,000 79.94% 13.70% 19,459,280 23.88%

Poland 38,441,588 22,452,100 58.41% 4.70% 6,363,100 16.55%

Romania 21,904,551 7,786,700 35.55% 1.60% 3,424,100 15.63%

Latvia 2,204,708 1,503,400 68.19% 0.30% 288,220 13.07%

Moldova 4,314,377 1,333,000 30.90% 0.30% 200,760 4.65%

Russia 138,739,892 59,700,000 43.03% 12.50% 4,648,080 3.35%

Ukraine 45,134,707 15,300,000 33.90% 3.20% 1,492,120 3.31%

Belarus 9,577,552 4,436,800 46.32% 0.90% 299,300 3.13%

TOTAL 809,805,387 472,852,555 58.39% 100.00% 208,907,040 25.80%

Source: Internet and FaceBook Usage in Europe by 30 June 2011,

http://www.internetworldstats.com/stats4.htm#europe

The following Figure 6.4 illustrates Top 10 Internet Usage in Europe per population.

http://www.internetworldstats.com/europa2.htm


66

Figure 6.4 Top 10 Internet Countries in Europe, March 31, 2011

Source: Europe Internet Usage Stats and Market Report by 31 March 2011,


The following Table 6.4 demonstrates how the Internet Usage increased in Turkey

since 2000.

Table 6.4 Internet Usage and Population Statistics in Turkey

YEAR Users Population % Pop

2000 2,000,000 70,140,900 2.9 %

2004 5,500,000 73,556,173 7.5 %

2006 10,220,000 74,709,412 13.9 %

2010 35,000,000 77,804,122 45.0 %

Source: Turkey Internet Usage Stats and Market Report 2000-to-2010,

http://www.internetworldstats.com/euro/tr.htm

6.1.3 OECD Outlook for SMEs in Turkey

Organization for Economic Co-operation and Development (OECD) report about

Turkish SME Market states that a major priority area for SME policies has been to

strengthen SMEs’ technological capacity, particularly in the area of ICT. Wide use of

microcomputers could enhance dissemination of the information published by the


http://www.internetworldstats.com/euro/tr.htm

67

government to promote exports. Increased Internet use could help industrial SMEs to

procure raw materials and capital goods more efficiently, thus trimming their costs

and boosting their productivity. These positive effects have been clearly

demonstrated in the North American and European markets. The Internet can also

help SMEs to advertise their products and simplify purchasing decisions for

businesses and consumers alike. Computers can also help SMEs control production

processes and manage inventory. After the customs union with the European Union

was put in place, Turkish SMEs faced pressure to raise their technical level and

acquire know-how in order to meet European competition and take advantage of

opportunities in the domestic market. However, they did not fully take advantage of

these opportunities for a number of reasons. First, even if rapid progress has been

made in recent years, investment in ICT remains low in Turkey. Second, the support

policies that would have been necessary for their technological development were

not available, owing to a lack of public funding. Moreover, to be fully effective,

technical standards should have been raised prior to the opening of the borders.

Furthermore, an unfavorable economic environment and the drop in domestic

demand following economic crises in a climate of heightened competition slowed

SMEs’ technological development. Their lack of technical skills keeps SMEs from

deriving the full benefit of any cost advantages they might have domestically or for

export, notably during periods of devaluation of the Turkish lira. Finally, businesses’

needs in terms of technology do not automatically result in demand on their part,

either because of a lack of resources, owing to their small size, an internal lack of

understanding of their requirements or a poorly functioning market. This obviously

has negative repercussions for technical consulting firms operating within Turkey

that are able to provide needed support. It should be noted that small manufacturing

68

business throughout the world are often reluctant to use technical consultants (OECD

Report, 2004).

6.1.4 Report Stating Turkey's SMEs Lag in IT

Nearly 60 percent of small and medium size enterprises in Turkey do not have an

email address while only one fourth of all SMEs have a corporate website, a new

research conducted in 2010 by TUBISAD (Turkish Informatics Industry

Association), found (TUBISAD Report, 2010).

The research, which was conducted in 25 provinces around Turkey and consists of

interviews with 1,645 managers, was published in Istanbul Wednesday.

Turgut Gürsoy, TUBISAD chairman said the results of the survey are significant and

indicate the lack of IT awareness among Turkish SMEs is a countrywide challenge.

"One of the most striking findings of the study is that more than half of Turkish

companies do not use email. At the same time, one fourth of the firms do not even

have a Web site. Today there are in fact still some listed companies in Turkey that do

not have a Web site. This is quite an important issue," Gürsoy said.

Özgür Erdem, director of TUBISAD’s SME development project, noted the

minuscule exposure of Turkish SMEs complicates Turkey’s economic growth.

”Turkey envisions exporting goods worth $500 billion and pulling in $50 billion

from tourism but half of the SMEs do not even have Internet pages. It is not possible

to realize these financial goals without information and communications technology.

SMEs here need to start using more IT solutions. Turkey needs to solve this issue,”

Erdem said.

69

According to the survey, 67 percent of all respondents said their companies do not

have regular needs for technology. Of the remaining 37 percent who are considered

to need technology, one third noted that, although they need technology, they do not

know how to use it. Ibrahim Özer, member of the TUBISAD board, said this again

shows information technology penetration is still at its infancy among Turkish

SMEs. “And this is actually not solely the problem of the ICT sector but of all of

Turkey. SMEs are investing in machines and other equipment but not IT.”

Turkey’s new commercial code, which has not yet been adopted into legislation,

requires all companies in Turkey to have Web sites. Gürsoy noted that the new

commercial code should be adopted into legislation. "In fact, 74 percent of the

companies researched were not even aware of this requirement… The new code

enables SMEs to grow. It will reduce the gray economy, increase transparency,

introduce e-signatures and e-bills, and also encourage mobile working.”

Nazım Özdemir, chairman of TUBISAD’s SME development project, said the lack

of IT use at Turkish SMEs is partly due to lack of resources. ”But there is also no

professional personnel for the purpose. The problem in Turkey is also employers do

not comprehend how useful computers are,” he said.

6.2 Turkey Cloud Computing Survey Results

The following survey results in Figure 6.5 shows the areas how the SMEs are

currently leveraging cloud based solutions.

70

Figure 6.5 Currently Leveraging Cloud Computing

Source: Forrester Research MEA and Turkey Cloud Computing Survey. (2011)

The following survey results in Figure 6.6 shows the areas how the SMEs are

currently leveraging cloud based solutions.

Figure 6.6 Leveraging Cloud Computing In These Areas Currently


71

The following survey results in Figure 6.7 shows in which sectors SMEs plan for

cloud based initiatives in future.

Figure 6.7 Cloud Computing Initiative In Place Within The Organization


6.3 SWOT Analysis of Using SaaS for Turkish SMEs

The SaaS business model has many advantages but also disadvantages. The

following SWOT analysis describes the strengths, weaknesses, opportunities and

threats that come with SaaS (Orminski, 2008).

6.3.1 Strengths of SaaS

Reduced effort: In compare with the classical software license model there is

no complex providing of the software in the company anymore. The software

that is used as a service is functional on every standard computer with

internet connection. So there is no need for a high IT knowledge or high

investments to expensive IT hardware because the software is installed on the

hardware infrastructure of the service provider. He cares for the right

hardware environment and services to keep the software running which

72

simplifies the software management so that the companies can keep

concentrating on their core businesses.

Reduced costs: Only the standard software that is really needed will be in

usage in the company. So there will only be paid a calculable monthly rent

that depends on the amount of usage of the software. In addition there are no

royalty-payments for the software. This avoids the problem of an under- or

over-licensing and with it a lower capital tie because of the high starting

investments for the software license. The included services lead to a lower tie

of important human resources of the IT department because the service

provider cares for everything that has to deal with the provided software. So

there is a double transfer of cost risk from the customer to the provider. But

the market researcher from IDC think that the cost advantages in the

beginning will be over after three till five years because a software that is

bought will be decreased anytime, rented software costs will run month for

moth. But in this calculation is missing the hidden costs of all the service

activities like maintenance that will be a huge part of the costs. Market

researchers from Gartner found out that with SaaS there is a saving potential

up to 30% in comparison to an on-premise software solution.

Always up to date: The SaaS customers will always be up to date with its

software products. The service provider will always offer the newest version

of the software product. This can lead to a strategic advantage towards the

market competitors because of a possible improvement of the business

processes.

Higher security: The service provider cares for the highest security of the

personal data that were given to him from the customer. Normally the

73

customers are not very high experienced concerning data security because it

is not their core business. A professional external IT service supporter has got

this experience so he can better care for the security so that nobody else than

the customer himself can reach his data. The danger of losing data is also

lower because of a professional backup solution that is a part of the integrated

service level agreement.

Fast implementation: The rented software could be implemented and used

in a very shorter time period that a classical in-house solution. This is because

SaaS is used in an internet browser as a web service so that there is only one

standardized web interface whereat the SaaS application is connected with

the existing IT infrastructure.

Worldwide use on the way: SaaS products can be used worldwide and not

only on the computer where the software is installed. The SaaS product runs

in the data center of the provider with all data that is central stored. So the

user is able to connect to the software and his data from every computer or

mobile terminal with an internet access. This makes the work much more

flexible and avoids the problem of redundant data on several computers that

regularly have to be synchronized.

6.3.2 Weaknesses of SaaS

Customizing restrictions: One single software product that is perfectly

suitable for everybody will hardly be to realize. That is why many customers

customize the used software or enlarge it with the help of add-ons. But the

most of these specialized add-ons and other customizations are not integrable

into SaaS because the formula for its success lies in the simplicity for a

general usage which stands in contrast to an ample customizing. This

74

limitation of customizing could be the biggest danger for the distribution of

SaaS but it avoids repeating the same mistake that was made with application

service provider.

Data availability: The advantage of using SaaS over the internet line is one

of its biggest disadvantages at the same time. SaaS is dependent of the

internet availability. If there is a server breakdown there will be no possibility

to run the software anymore in the company. This could mean a huge loss

because of a possible production or service default. Projectplace, Europes

leading SaaS provider, told that they had an excellent uptime in 2006 with an

availability of 99.998%. That meant that they were only 11 minutes offline in

the whole year. But also if there is just no possibility to connect to the

internet, then there is no chance to use the software or to get to the needed

data because the software and the data are not offline usable like a local

installed software product with local saved data.

Data security: If a corporate decides to use SaaS they save all their data that

is used with the application in an external data center that is run by the

service provider. So there must be a huge mutual trust between the customer

and the provider that must be arranged by the provider with a convincing

security concept against third-party access and data losses. But it must be also

guaranteed that the internet line is secure. Otherwise it would be possible to

intercept the data on the line. Projectplace tells that their internet connection

is multiple encrypted and since the company foundation in 1998 they have

never been hacked.

Performance: The performance of the provided software product is always

dependent and limited to the performance of the available internet

75

connection. This means that there will never be a real time access to the data.

This could become dangerously for a company if the internet connection is

not or just slowly responding and so critical business processes cannot be

done.

Business process support: SaaS is a kind of standard software. That means

that the specific organization of a company will not be reflected in the

software. That could denote that a company could lose its strategic advantage

in the market because their special business processes will not be perfectly

supported with the SaaS application.

Over or under-functionality: SaaS is a standardized product that is offered

in one form for many different users. Specific requirements cannot be

mapped because of the one-to-many principle. This leads often to over-

functionality or under-functionality for the most of the users affiliated with

payments for unused functions. The possibility of a perfect fitting SaaS

product is quite low.

6.3.3 Opportunities of SaaS

Better service quality: IT services are not the core business of companies.

That means that they are mostly not high experienced concerning IT services.

It is more a must for them. A specialized professional IT service provider is

high experienced and therewith able to offer a much better IT service quality

to the customers.

Always the newest software version: The SaaS customer normally gets the

newest software versions at first without extra payments for the updates

because they are a part of the service agreements of the SaaS providers that

are included in the monthly rent. This could mean an important strategic

76

advantage towards the market competitors because the SaaS customer has

access to newer functions that could advance his business processes.

Free cash flows: Using software as a service means that the customer only

pays a monthly rent. There are no expensive investments for a software

license, for the own IT service department or for a new hardware

infrastructure. So there are scalable payments that are not as high especially

at the beginning of the software introduction as in the classical license model.

These free cash flows can be used for improving the core business processes.

More flexibility: The customer has got only low starting investments for the

purchasing of the software so there is less fixed capital. With a short running

SaaS contract the customer is able to change the applications and the software

provider in a short period unlike with an on-premise software solution where

the purchased software must be used over a long period, at least until it is

depreciated. This aspect is supported by the easier integration in running

systems so it needs less time to implement a new SaaS product because of the

standardized web interface. So the software can be selected because of its

economic functionality and not because of its integration ability into the

running systems.

6.3.4 Threats of SaaS

Border-crossing data storage: Every company that uses SaaS must make

itself sure that the stored data possibly will not be saved in the same country

where the company is founded. So in legal questions there could be another

law in charge than the home law, so it could become very difficult to clarify

the question of guilt.

77

Data losses: All the user data are saved on an external server in the data

center of the software provider. If some data were lost the corporate is not

able to take the recovery of the data in its own hands. It is dependent of the

service provider. That is why the security level with the amount of backups

and the recovery time must be detailed fixed in the SLA.

Data synchronization: In a case of a change of the software provider to

another it must be ensured that all the data that is stored in the data center of

the provider will be at first synchronized to the server of the new provider

and that there will be no readable data left on the old server. Like in the case

of data losses there must be a huge mutual trust between the service provider

and the customer. The customer is doing good to check the service provider

well before responding a contract with him. The provider is doing good to do

everything to win the customers confidence, otherwise the customer could

change the provider.

Missing local IT support: The in-house IT department knows its internal

customers and supported IT normally as the best. In addition they are nearby

their customers and therewith able to offer their physical IT service in a very

shorter time than an external IT supporter, especially in an emergency case

when every second is important. In the SaaS business model the IT services

will be outsourced to an external IT service supporter that will often not be

nearby the company.

Dependency to the provider: If the SaaS provider goes suddenly bankrupt or

is not able to provide its software products anymore for any other reason it

must be ensured that the customer will still be able to run his business

normally. Otherwise could be a total dependency to the service provider in

78

such cases which could lead to the death of a company if the data have been

important for running the business.

Long contract terms: One huge advantage of SaaS is the flexibility that

SaaS offers to the customers. Long running contracts with the software

provider will take the flexibility out of the SaaS concept.

79

7 DECISION MODEL FOR SELECTING SaaS PROVIDER

In this section, the qualitative and quantitative methods will be explained and

demonstrated with fictitious or anonymous SMEs. A further research would be

helpful to measure how viable these methods are in different vertical businesses.

7.1 SaaS Provider Qualification Checklist

Software-as-a-service (SaaS) is rapidly gaining popularity as an alternative to on-

premise software. The key advantages that SaaS claims to offer are listed below

(Stevens, 2009).

Lower cost: For smaller companies or those anticipating rapid growth, the

pay-as-you-go model offered by SaaS is more cost-effective than an on-

premise solution, at least in the short term. Also, there are no maintenance

costs, and upgrades are almost always free.

Fast Implementation: The implementation time for SaaS applications is

typically shorter than it would be for an on-premise solution.

Less Hassle: With SaaS, the provider handles all the management and

maintenance (including hardware), which means no increase in IT head

count.

Less Risk: The risk of a failed implementation is extremely low.

For all these benefits, SaaS should not be an automatic choice for any organization of

any size. What follows is a check list of the important factors business should

evaluate before jumping on the SaaS bandwagon (Stevens, 2009).

TCO: Many companies are attracted to SaaS because of its presumed cost

advantage. However, at least for enterprise scale companies, the TCO of an on-

80

premise solution may be lower if the time frame of the calculation exceeds 6

years.

Functionality: The SaaS vs. on-premise comparison is almost never apples-to-

apples. Does the SaaS offering have exactly the same feature set as the on-

premise version? If not, are any important features absent from either choice?

Reliability: What SLAs can the SaaS provider offer? Are there penalty clauses in

the contract for failure to meet SLAs?

Ease of use: An application only has value if employees use it. Many CRM and

sales force automation initiatives have failed because of low acceptance rates

among users. If the potential SaaS initiative is in one of these areas, user

friendliness is a critical success factor.

Implementation time: Many companies consider SaaS because it promises a

quicker implementation than on-premise solutions. In most cases, this claim is

accurate, but not always.

Internal resource issues: Is the internal IT department resource-constrained? If

so, this is a major argument in favor of SaaS.

Integration: Does business need to integrate the SaaS offering with any internal

(on-premise) applications? If so, will this create problems? Will upgrades on

either side pose problems in the future? How easy, fast, and effective can they be

integrated?

Access to data: How easy will it be for business to access data in the SaaS

solution? Does it have strong import/export capabilities?

Data security: This is an issue that has several components:

81

Security against theft: How strong are the SaaS provider’s intrusion

detection and other theft-prevention measures? What legal commitments is

the provider willing to make?

Back-up: Does the SaaS provider offer off-site back-up? How frequently is

data backed up?

Disaster recovery: How fast can the SaaS provider recover from a

catastrophic failure?

Vendor viability: There are literally hundreds of SaaS companies now in

business. Some will surely go out of business, while others will be acquired by

larger vendors that may or may not provide the same level of service, product

road map and so on. Is that SaaS vendor being evaluated on a solid business

footing?

Exit strategy: Does the SaaS solution provide a painless exit strategy, both

technically and financially?

7.2 Multi Criteria Based Cloud Service Provider Selection Scoring

Model

The following Table 7.1 represents SaaS vendor service selection scoring based on

10 SaaS evaluation criteria. For each SaaS service to be outsourced to SaaS Cloud

Provider this table should be field for each SaaS Vendor Cloud Provider separately

based on Qualitative Criteria. Then decision should favor the SaaS Cloud Provider

having the highest rating. This multiple criteria based scoring model have been

adopted from Hurwitz, Bloor, Kaufman, & Halper (2009).

82

Table 7.1 A Scoring Model for SaaS Vendor Service Selection

Decision Criteria for SaaS Vendor Service Selection

Importance

(I)

(%)

Scor

e

(S)

(1-9)

Rating

(R)

R = IxS

SaaS application needs to be generalized but also

configurable enough to align with majority of the

customer business needs.

10% 5 0.5

SaaS applications need sophisticated navigation and ease

of use. 10% 6 0.6

The SaaS application needs be modular and service

oriented. 10% 4 0.4

SaaS application needs to include measuring and

monitoring so customers can be charged actual usage.

SaaS application must have a built-in billing service.

10% 7 0.7

SaaS applications need published interfaces and an

ecosystem of partners who can expand the company’s

customer base and market reach.

10% 5 0.5

SaaS applications have to ensure that each customer’s

data and specialized configurations are separate and

secure from other customers’ data and configurations.

10% 5 0.5

SaaS applications need to provide sophisticated business

process configurators such as workflows or data filtering

or data transformation for customers

10% 6 0.6

SaaS applications need to constantly provide fast releases

of new features and new capabilities. This must be done

without impacting the customer’s ability to continue

business as usual.

10% 5 0.5

SaaS applications have to protect the integrity of

customer data. 10% 8 0.8

SaaS applications should be flexible to export all

metadata and data to make it easy while switching a

service to another SaaS vendor application or to on

premise Private cloud of the same vendor.

10% 7 0.7

TOTAL RATING SCORE over 9 100% 58 5.8

Source: Hurwitz, J., Bloor, R, Kaufman, M., & Halper, F. (2009). Cloud Computing for

Dummies, For Dummies Publisher, Indiana: Wiley Publishing, p. 141

7.3 Total Cost Of Ownership (TCO)

The actual cost of owning technology resources includes the original cost of

acquiring and installing hardware and software, as well as ongoing administration

costs for hardware and software upgrades, maintenance, technical support, training,

and even utility and real estate costs for running and housing the technology. The

TCO model can be used to analyze these direct and indirect costs to help firms

83

determine the actual cost of specific technology implementations. The following

Table 7.2 describes the most important TCO components to consider in a TCO

analysis (Laudon & Laudon, 2011).

Table 7.2 TCO Cost Components

Infrastructure

Component

Cost Components

Hardware

acquisition

Purchase price of computer hardware equipment, including

computers, terminals, storage, and printers

Software

acquisition

Purchase or license of software for each user

Installation Cost to install computers and software

Training Cost to provide training for information systems specialists and end

users

Support Cost to provide ongoing technical support, help desks, and so forth

Maintenance Cost to upgrade the hardware and software

Infrastructure Cost to acquire, maintain, and support related infrastructure, such as

networks and specialized equipment (including storage backup units)

Downtime Cost of lost productivity if hardware or software failures cause the

system to be unavailable for processing and user tasks

Space and energy Real estate and utility costs for housing and providing power for the

technology

Source: Laudon, K.,& Laudon, J. (2011). MIS Managing the Digital Firm 12th Edition, New

Jersey: Prentice Hall, p. 196

7.3.1 IT Service Costing Model for On Premise

IT Service cost modeling consists of identifying cost elements and their costs,

discrete cost factors that comprise business services, and fairly allocating those costs

to the services they support. Cost types include hardware, software, personnel,

accommodation, external (non-discrete costs from external service providers), and

84

transfer (non-discrete costs from internal departments). Costs are further categorized

as: (Pink Elephant report, 2005).

Direct Costs: Clearly attributable to a single customer\service\location.

These costs are directly related and are completely attributable to a specific

customer or service.

Indirect or Shared Costs: Incurred on behalf of all, or a number of

customers\services\locations. These costs are shared across a number of

customers and services and are allocated according to some driver such as

head count or percentage.

Unabsorbed or Overhead Costs: Are costs which cannot be directly

attributed to a customer\service\location. These costs are not attributable to a

customer or service. Examples of overhead costs are executive salaries,

general administrative activities, etc.

It is important to build a costing methodology which includes all three types of cost

since a service which is only cost based on direct costs will be ultimately under

recovered as depicted in the following Figure 7.1.

85

Figure 7.1 A model for Calculating the cost of IT Services

Source: Pink Elephant Report. (2005). Defining, Modeling & Costing IT Services,

http://www.pinkelephant.com/DocumentLibrary/UploadedContents/PinkLinkArticles/Defini

ng%20Modeling%20and%20Costing%20IT%20Services%20-%20Final.pdf, p. 9

A non-IT example of this principle would be the calculation of the total cost of a

glass of milk. If somebody was only to account for the cost of the care and feeding

of the cows his unit cost for the glass of milk might only cost 50 cents. However,

when it layers in or allocates a percentage of the farm insurance costs, the mortgage

and the lease payments on the farm equipment the total cost of his glass of milk may

come to $1.10. In essence everything needs to be paid for eventually. Therefore

while calculating the cost of on Premise application or service we need to consider

several factors either direct or indirect (Pink Elephant report, 2005).

The following Figure 7.2 illustrates how the principle of direct, indirect, and

overhead costs all come together to provide a complete picture of service based

costing.

http://www.pinkelephant.com/DocumentLibrary/UploadedContents/PinkLinkArticles/Defining%20Modeling%20and%20Costing%20IT%20Services%20-%20Final.pdf


86

Figure 7.2 IT Service Based Costing

Source: Pink Elephant Report. (2005). Defining, Modeling & Costing IT Services,

http://www.pinkelephant.com/DocumentLibrary/UploadedContents/PinkLinkArticles/Defini

ng%20Modeling%20and%20Costing%20IT%20Services%20-%20Final.pdf, p. 10

7.3.2 TCO Calculation Examples

In the following sections, there several TCO calculations for several SaaS solutions

as well as on premise solutions from many vendors and consulting companies. The

reason for providing many examples for TCO is that there is no perfect of calculation

TCO as parameters vary depending on the consultant’s background, perspective,

prejudices, understanding of cost items, and finally, knowledge of the tools.

Therefore, the results may differ from vendor to vendor, customer to customer, and

solution to solution.

7.3.3 TCO of SaaS vs. On Premise Using Simple Approach

The TCO advantage of SaaS is really around the ability to understand the differences

between leveraging a single traditional in-the-datacenter application, vs. leveraging a

similar or same application on-demand. Thus the math consists of understanding the



87

X-year costs of hardware, software, and operations, vs. the subscription-only cost of

SaaS.

The ROI of SaaS is really around the ability to understand the differences between

leveraging a single traditional in-the-datacenter application, vs. leveraging a similar

or same application on-demand. Thus the math consists of understanding the 3-year

costs of hardware, software, and operations, vs. the subscription-only cost of SaaS.

For example, let’s say business is looking at a new ERP system and wants to

compare traditional enterprise software vs. SaaS-based services. Considering a 3-

year horizon the numbers look a bit like this (Linthicum, 2011):

ERP Software: $1,000,000

Hardware: $300,000

Consulting/install: $500,000

Operations/yr: $600,000

Thus, the number over 3 years looks like this (leaving some of the small costs out for

now):

Year 1: $2,400,000

Year 2: $600,000

Year 3: $600,000

Or, let’s say $3,600,000 or $1,200,000 per year. Although most ERP installs are

famous for going over budget, let’s give this one the benefit of the doubt. Again,

we’re assuming a new install for both SaaS and the traditional model. Okay, now the

same scenario using SaaS:

ERP SaaS Subscription: $10,000/mo

88

Hardware: $0

Support (Internal): $10,000/mo

Operations/yr: $0

The numbers over three years look like this, again in our experience. Subscription

prices vary a lot, but in this model we are not sure that matters much when

considering the outcome.

Year 1: $240,000

Year 2: $240,000

Year 3: $300,000

We assume the cost of the subscription goes up in year 3, which we suspect will be

correct for most SaaS providers. Thus, we’re at $780,000 or $260,000 per year. So,

the TCO saving is really the monies saved by using SaaS over traditional software,

which is significant given the case study I painted above. However, there are many

other considerations, such as the amount of customization required, security and

compliance issues, performance, etc., and all need to be factored into the ROI

(Linthicum, 2011).

7.3.4 TCO Of SaaS vs. On Premise Using another Simple Approach

What does this mean in terms of the revenue model for vendors and how customers

should think about weighing the costs between traditional perpetual licenses and

SaaS-based license? Look at these numbers over a five-year period. It can be

complex to work out all the details, but here is a general rule: (Hurwitz, Bloor,

Kaufman, & Halper, 2009, p. 143)

Take the initial cost for the traditional software purchase.

89

Add an annual fee of 20 percent for maintenance and support.

Consider IT costs (including support services and hardware renewal, and so

on. (For example, does the data center have enough room for the new CRM

application? Will business need to add support staff or new management

software?)

If business buys a traditional software product, it will cost organization a one-time

fee of $100,000. Now business has to add an annual fee of 20 percent for

maintenance and support. If business looks at the costs over five years, for example,

it may determine the following: Software will cost $100,000; maintenance expenses

will add another $100,000 over five years, for a total five-year cost of $200,000.

Business has to consider all the related infrastructure costs. Many SMEs lack or

don’t want the data centers that their larger counterparts have. Larger companies that

can calculate the long-term impact of adding applications are also looking seriously

at the SaaS cloud model. If business goes the SaaS route, here’s what it is looking at:

It determines that to support 50 users, it will cost the business between $10 and $150

per user, per month. That figure includes support, general training, and data center

services. Even if business takes the high-end estimate of $150 per user, the cost of

using the CRM SaaS application for those 50 users for 5 years will run about

$37,500 — far less than the $200,000 cost of on-premise software, even when

business adds other costs (such as customization of business processes within the

application and personnel training) (Hurwitz, Bloor, Kaufman, & Halper, 2009,

p.144).

90

7.3.5 The SaaS vs. On Premise TCO Calculator

Total Cost of Ownership is a key metric for maintaining software solutions. This

simple calculator presents rough TCO calculations for both Software-as-a-Service

and on-premise application implementations. The purpose of this calculator is to let

business quickly compare the total cost of ownership (TCO) of a software-as-a-

service (SaaS) solution to the TCO of an on-premise solution. The values this

calculator provides are approximations, and can in no way obviate the need for a

careful cost/benefit analysis. But they can serve as a first step in determining whether

the potential delta between the two approaches is large enough to warrant further

investigation. Costs are divided into two categories: up front and ongoing. While

SaaS marketing materials sometimes imply that there are no significant up front

expenses for SaaS, this is usually not the case, and these initial costs should be taken

into account. The calculator presents two results: TCO, and annual costs, which is

the sum of the annual licensing/subscription fees, annual management costs, and the

total cost of start-up and upgrades amortized over the number of years in the

calculation (Stevens, 2008).

In the following example in Figure 7.3, a fictious SaaS solution vs. on premise

solution is compared based on some assumptions for 250 users. For on premise

solution, the capital and operational expenses are much higher than the SaaS

solution. For the on premise solution, there are many direct and indirect costs

incurred such as hardware, software, maintenance, operations, backup, archive,

storage, datacenter. In the SaaS solution there are subscription costs plus an initial

startup cost such as migration and training if it could be.

91

Figure 7.3 The SaaS vs. On Premise TCO Calculator Comparison Data

Source: Stevens, M. (2008). IT Business Edge The SaaS vs. On Premise TCO Calculator,

http://www.itbusinessedge.com/itdownloads/the-saas-vs-on-premise-tco-calculator/88738

Based on the calculations, the SaaS solution TCO is much less than the on premise

solution TCO as illustrated in the figure 7.4 below.

UPFRONT UPFRONT

Software Initial consulting 15.000

Consulting 20.000 Initial integration 30.000

Integration 15.000 Feature surcharge 5.000

Training 12.000 TOTAL 50.000

Hardware ONGOING ~ ANNUAL OPEX

Server (acquisition) 4.000 Cost per seat 85

Storage (acquisition) 2.500 Number of seats 250

Other 1.500 Total subscription fee 21.250

TOTAL 55.000 Storage surcharge 5.000

ONGOING ~ ANNUAL OPEX Management 30.000

Software TOTAL 56.250

License Fees 34.000

Maintenance & management. 60.000 UPGRADES

Operating Expenses Estimated fee per upgrade 12.000

Server/storage power, cooling, etc. 1.200 Upgrade frequency (months) 12

Server maintenance 500 Total no. of upgrades 1

Upgrades Consulting/deployment (each) 12.000

Annualized cost 12.000 TOTAL 24.000

TOTAL 107.700

Comparison Data

ON PREMISE SAAS


92

Figure 7.4 The SaaS vs. On Premise TCO Calculator Results

Source: Stevens, M. (2008). IT Business Edge The SaaS vs. On Premise TCO Calculator,


7.3.6 TCO Calculation Comparing SaaS With On Premise Solution

Enterprises are recognizing and gradually realizing value from moving computing

from their premises to the cloud. Companies that were the “producers” of their own

computing in-house capabilities are now becoming designers and strategists around

their vastly expanding computational requirements, as well as consumers of the

computing power and applications, from 3rd party producers, that help make their

companies competitive. The reasons are simple. First, in order to be relevant and

justify their cost, IT professionals need to be doing things that drive an

ON PREMISE vs.SAAS

On PremiseStart-Up Cost 55.000 Amortization 2

Annual Operating Expense 107.700

Annual Cost $135.200 TCO: $270.400

SaaS

Start-Up Cost 50.000 Amortization 2

Annual Subscription Fees 21.250

Managemenrt 30.000

Annual Cost $81.250 TCO: $162.500

On Premise 0,62

SaaS 0,38

in years

On Premise

SaaS

CO

ST


93

organization’s top line and bottom line, not just keeping the hardware and software

running. So if a cloud service provider can provide a business-ready alternative more

securely, more efficiently, and at a competitive price, then IT organizations should be

investigating those alternatives and redeploying IT staff to more business-critical

projects. Second, as the workforce continues to become more remote, more mobile,

and more reliant on multiple devices, the cloud is the right architecture to deliver

services to employees anywhere, anytime, on any device, to keep them productive

and enable them to collaborate. Today’s cloud services have the points of presence,

the scale, and the focus on mobile devices needed in today’s location-flexible world;

most on-premises solutions do not. For both reasons, IT organizations focused on

business growth should ask the question, “can we run this in the cloud” first, and

then look for reasons why a workload should remain on-premises (Lipsitz, 2011).

7.3.7 TCO for Office 365 vs. On Premise

Cloud computing heralds a new era of how IT solutions are designed. IT solutions in

the cloud no longer rely heavily on infrastructure back in a physical server room.

This infrastructure is now burdened off to the service provider. Every business will

now have the ability to roll out and modify applications faster, at a lower cost, with

less training, and less effort required to support these applications than traditional in-

house / on-premises applications. With the powerful support of applications such as

Office 365, businesses will focus more on the development of its products and

services rather than its system logistics. In the following Figure 7.5, there is a

comparison for the Total Cost of Ownership (TCO) of Office 365 vs. Office On-

Premise (OfficeOnlineIntheCloud, 2011).

On one hand, the 3 year and 5 year TCO for Office 365 SaaS solutions are 36,000$

and 60,000$ respectively, for 100 users. On the other hand, the 3 year and 5 year

94

TCO for on premise solutions are 666,052$ and 1,289,928$ respectively, for 100

users. TCO differences for Office 365 SaaS and on premise are dramatic.

Figure 7.5 TCO For 100 Users SME, Office 365 vs. On Premise

Source: OfficeOnlineIntheCloud TCO Tool. (2011). TCO Calculator,

http://officeonlineinthecloud.com/free-tools/

7.3.8 TCO for CRM On Demand vs. CRM On Premise

On one hand, the 3 year and 5 year TCO for Online CRM SaaS solutions are

202,500$ and 316,500$ respectively, for 30 users. On the other hand, the 3 year and

5 year TCO for on premise solutions are 289,000$ and 411,000$ respectively, for 30

users. This is shown in Figure 7.6 below. TCO differences for Online CRM SaaS and

On Premise are dramatic.

Base Information Legend

Users 100 Blue Text: Manual Entry

Black Text: Formula

Office 365 Solution Unit Cost Year 1 Year 2 Year 3 Year 4 Year 5 5 Year TCO 3 Year TCO

Office 2010|SUB-TOTAL 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

Exchange 2010|SUB-TOTAL 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

Lync 2010|SUB-TOTAL 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

SharePoint 2010|SUB-TOTAL 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

Office 365 Solution|Hardware -$ -$ -$ -$ -$ -$ -$

Office 365 Solution|Software/Services 12,000$ 12,000$ 12,000$ 12,000$ 12,000$ 60,000$ 36,000$

Office 365 Solution|Operations -$ -$ -$ -$ -$ -$ -$

Office 365 Solution|Deployment/Migration -$ -$ -$ -$ -$ -$ -$

Office 365 Solution|TOTAL 12,000$ 12,000$ 12,000$ 12,000$ 12,000$ 60,000$ 36,000$

On-Premise Solution Unit Cost Year 1 Year 2 Year 3 Year 4 Year 5 5 Year TCO 3 Year TCO

Office 2010|SUB-TOTAL 40,000$ -$ -$ 40,000$ -$ 80,000$ 40,000$

Exchange 2010|SUB-TOTAL 44,500$ 4,450$ 4,450$ 44,500$ 4,450$ 102,350$ 53,400$

Lync 2010|SUB-TOTAL 317,500$ 23,812$ 23,812$ 317,500$ 23,812$ 706,436$ 365,124$

SharePoint 2010|SUB-TOTAL 179,700$ 13,914$ 13,914$ 179,700$ 13,914$ 401,142$ 207,528$

On-Premise Solution|Hardware 127,100$ 12,710$ 12,710$ 127,100$ 12,710$ 292,330$ 152,520$

On-Premise Solution|Software/Services 454,600$ 29,466$ 29,466$ 454,600$ 29,466$ 997,598$ 513,532$

On-Premise Solution|Operations -$ -$ -$ -$ -$ -$ -$

On-Premise Solution|Deployment/Migration -$ -$ -$ -$ -$ -$ -$

On-Premise Solution|TOTAL 581,700$ 42,176$ 42,176$ 581,700$ 42,176$ 1,289,928$ 666,052$

TCO Calculator: Office 365


95

Figure 7.6 TCO For 100 Users SME, CRM On Demand vs. CRM On Premise

Source: OfficeOnlineIntheCloud TCO Tool. (2011). TCO Calculator,


7.3.9 TCO for On Premise and Office 365 online using Microsoft’s

tool

The following tool shown in Figure 7.7 is obtained from Microsoft to calculate TCO

for Office 365 vs. on premise. Thus, it reflects the vendors outlook for the

calculations. The following example shows the basic calculations for 250 users of

KOBI123. The package that’s used is Office E1 package which includes only online

versions of Office (Word,Excel, PowerPoint), E-Mail, Lync, and SharePoint.

Base Information Legend Assumptions

Users 30 Blue Text: Manual Entry License Price

Software Maintenance (% of License Cost) [On-Premise only] 15% Black Text: Formula On-Premise will upgrade/install every 24 months

Software Support (% of License Cost) [On-Premise only] 5% On-Demand will constantly be on the current cersion

SaaS Model (On-Demand) Unit Cost (Annual) Year 1 Year 2 Year 3 Year 4 Year 5 5 Year TCO 3 Year TCO

License Price per User 850$ 25,500$ 25,500$ 25,500$ 25,500$ 25,500$ 127,500$ 76,500$

License Software Maintenance/Support Plan -$ -$ -$ -$ -$ -$ -$ -$

Server License -$ -$ -$ -$ -$ -$

Database Design/Programming/Reports, etc… 50,000$ 50,000$ 5,000$ 5,000$ 5,000$ 5,000$ 70,000$ 60,000$

PC Hardware Costs 1,500$ 45,000$ -$ -$ 45,000$ -$ 90,000$ 45,000$

PC SW Installation/Upgrade -$ -$ -$ -$ -$ -$ -$ -$

Server Hardware Costs -$ -$ -$ -$ -$ -$ -$ -$

Server SW Installation/Upgrade -$ -$ -$ -$ -$ -$ -$ -$

Additional IT Administrator Staff/Support -$ -$ -$ -$ -$ -$ -$ -$

Network/Backup Costs -$ -$ -$ -$ -$ -$ -$ -$

Training 10,000$ 10,000$ 1,000$ 1,000$ 1,000$ 1,000$ 14,000$ 12,000$

Mobile Integration -$ -$ -$ -$ -$ -$ -$ -$

Service Support Plan 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

316,500$ 202,500$

License Model (On-Premise) Unit Cost (Annual) Year 1 Year 2 Year 3 Year 4 Year 5 5 Year TCO 3 Year TCO

License Price per User 500$ 15,000$ -$ -$ -$ -$ 15,000$ 15,000$

License Software Maintenance/Support Plan 100$ 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

Server License -$ -$ -$ -$ -$ -$

Database Design/Programming/Reports, etc… 50,000$ 50,000$ 5,000$ 5,000$ 5,000$ 5,000$ 70,000$ 60,000$

PC Hardware Costs 1,500$ 45,000$ -$ 45,000$ -$ 45,000$ 135,000$ 90,000$

PC SW Installation/Upgrade 500$ 15,000$ -$ 15,000$ -$ 15,000$ 45,000$ 30,000$

Server Hardware Costs 7,000$ 7,000$ -$ 7,000$ -$ 7,000$ 21,000$ 14,000$

Server SW Installation/Upgrade 2,000$ 2,000$ -$ 2,000$ -$ 2,000$ 6,000$ 4,000$

Additional IT Administrator Staff/Support 12,000$ 12,000$ 12,000$ 12,000$ 12,000$ 12,000$ 60,000$ 36,000$

Network/Backup Costs 5,000$ 5,000$ 2,500$ 2,500$ 2,500$ 2,500$ 15,000$ 10,000$

Training 10,000$ 10,000$ 1,000$ 1,000$ 1,000$ 1,000$ 14,000$ 12,000$

Mobile Integration -$ -$ -$ -$ -$ -$ -$ -$

Service Support Plan 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 3,000$ 15,000$ 9,000$

411,000$ 289,000$

TCO Calculator: Comparison of CRM Solutions


96

Figure 7.7 Microsoft Office 365 TCO Tool, Initial Page

Source: www.office365.com web site of Microsoft. (2011).

Based on these calculations, there are some questions related to companies’ ongoing

ICT costs to collect more information from the company regarding on premise

solution costs. It also asks questions related what the currently has installed on

premise to calculate upgrade costs to the new versions of the software. This is shown

in Figure 7.8 below.

http://www.office365.com/

97

Figure 7.8 Microsoft Office 365 TCO Tool, Inputs Page


In the result sections it is shown 6 year TCO breakdown for on premise and Office

365 solutions including hardware, Microsoft software, 3rd

party non-Microsoft

software, Operations, and Deployment costs. For 250 users, for 6 years, average

TCO per year for on premise solution is 184,228$ whereas average TCO per year for

Office 365 is 107,319$ as shown in Figure 7.9.


98

Figure 7.9 Microsoft Office 365 Tool, Results Page


In the following Figure 7.10, breakdown for each year for all cost items both for on

premise and Office 365 are compared. The most highlighted difference is TCO per

user per month for on premise is 61.41$ whereas TCO per user per month for Office

365 is 35.77$ which means the SME will save more than %42 percent in terms of

cost if it uses Office 365 instead of using it on premise.


99

Figure 7.10 Microsoft Office 365 Tool, Cost Comparison Page For Office 365 vs.

On Premise Software


7.4 Return On Investment (ROI)

It is imperative to objectively evaluate the financial impact on business when

considering the adoption or avoidance of SaaS. How? Companies can systematically

consider: (Herbert & Erickson, 2009).

Benefits: How will the company benefit from SaaS?

Costs: How will the company pay, both in hard costs and resources, for SaaS?


100

Risks: How do uncertainties change the total impact of SaaS on the business?

7.4.1 ROI Comparisons for Different SaaS Applications Using

Complex Approaches

To arrive at a quantitative assessment of the economic implications of SaaS

applications, Forrester Research evaluated the key drivers of benefits, costs, and risks

for an organization considering SaaS. Beyond considerations common to most types

of SaaS, firms must consider application-specific issues as well. For example, some

types of applications (e.g., employee-facing applications and CRM) have a high end

user population, so usability is a big factor that can significantly affect training time

and cost and user adoption of the solution - all of which heavily tie into ROI. See

Figures below for HR and CRM ROI as SaaS. In contrast, IT applications are likely

to have small end user populations and therefore are less likely to benefit from user

adoption and training cost reduction in a significant way (see the figure below).

Many of the firms that Forrester interviewed talked about the significant effect that

user adoption has on the usefulness of analytics and reporting on data contained in

solutions and therefore the ability to drive useful business decisions from solution

information. Other key considerations include breadth of application footprint, which

will determine hardware and IT staff that can be retired or redeployed (costs saved);

and some SaaS solutions will have heavier requirements in areas like storage (e.g.,

content management solutions), integration (e.g., order management), or mobile

(e.g., sales automation), which can have a significant impact on costs incurred. In

terms of upgrades, some categories of SaaS will benefit significantly from

feature/function enhancements that happen frequently, whereas other types of

applications are in areas where firms might be less inclined to care about new

functionality (e.g., accounting packages) (Herbert & Erickson, 2009).

101

The following calculations illustrate PV, NPV, and ROI calculation for 5 years for

SaaS CRM online solution. Payback is 12 to 24 months. ROI is %20 as shown in

Figure 7.11.

Figure 7.11 Model: Total Economic Impact Analysis Summary - SaaS CRM

Source: Herbert, L., & Erickson, J. (2009). Forrester Research Incorporation the ROI of

Software-As-A-Service, p. 7

The following calculations in Figure 7.12 illustrate PV, NPV, and ROI calculation

for 5 years for SaaS HR online solution. Payback is 12 to 24 months. ROI is %26.

Figure 7.12 Model: Total Economic Impact Analysis Summary - SaaS HR



102

The following calculations in Figure 7.13 illustrate PV, NPV, and ROI calculation

for 5 years for SaaS IT Management online solution. Payback is more than 2 years.

ROI is %2.

Figure 7.13 Model: Total Economic Impact Analysis Summary - Saas IT

Management



7.4.2 Forrester Research’s Total Economic Impact Model Analysis

for Office 365

Forrester’s one-on-one interviews with 10 Office 365 beta customers and subsequent

financial analysis found that a composite organization based on these customer

companies we interviewed can expect to experience the risk-adjusted ROI, costs, and

benefits shown in the figure below. The following Figure 7.14 illustrates the risk-

adjusted financial results the composite organization can expect to achieve. The risk-

adjusted values take into account any potential uncertainty or variance that exists in

estimating the costs and benefits, which produces more conservative estimates

(Lipsitz, 2011).

103

Figure 7.14 Composite Organization Three-Year Risk-Adjusted Roi

Source: Lipsitz, J. (2011). The Total Economic Impact of Microsoft Office 365,

http://g.microsoftonline.com/0BXPS00EN/1106

The time to deploy the solution and the payback period, measured from the go live

date, were both substantially shorter than had the comparable solution been built on

premises. The following factors may affect the financial results that an organization

may experience:

Number of users: Office 365 subscription costs are calculated on a per-user

basis. Additionally, a greater number of users may require more data to be

migrated, which would lengthen the implementation period and cost. Conversely,

the larger the user base, the larger the benefits that should be realized. For

productivity related benefits, larger organizations should see significantly larger

gains that would increase the ROI and NPV.

Existing license structure: The total license and subscription costs can vary

based on existing license levels, having an EA and/or Software Assurance in

place, and when the previous version (if applicable) was implemented. The

composite organization had a Professional Desktop EA in place. Because

determining these costs can be very complicated, the reader is strongly

encouraged to work with Microsoft or their channel partner to understand any

new license/subscription costs as well as previous license costs that may be

eliminated.


104

Office 365 solution components used: An organization may decide not to

implement all of the Office 365 solution components – Exchange Online with

Forefront Online Protection for Exchange, Office Professional Plus, Lync Online,

and SharePoint Online. This will reduce the monthly subscription cost, but can

also result in some of the benefit categories discussed in the study not being

realized. The reader should take into consideration which, if any, benefits would

not be realized if the entire suite is not being implemented.

The benefits and costs of Office 365 are documented below according to Forrester

Research’s report.

The composite organization experienced the following benefits (the first ten are

included in the ROI analysis) that represent benefits experienced by the interviewed

companies:

Eliminated hardware

Eliminated third party software

Web conferencing savings

Teleconferencing savings

Enterprise Agreement (EA) licenses substituted with Office 365 subscription

Avoided on premises implementation labor

Reduced IT support effort

Reduced travel costs and corresponding CO2 emissions

Knowledge worker productivity gain

Mobile worker incremental productivity gain

Improved/latest functionality and ease of upgrade (non-quantified)

Better user experience (non-quantified)

105

Improved IT security (non-quantified)

Improved archiving and compliance (non-quantified)

Improved availability and disaster recovery (non-quantified)

Enabled mixed on premises/cloud hybrid solutions (non-quantified)

The composite organization experienced the following costs:

Initial planning and pilot labor

Implementation/migration labor

Hardware

Microsoft subscription and licenses

Training

Ongoing administration

Additional bandwidth

Office 365 delivered a 315% return on investment with a four month payback period

for the composite enterprise organization. Office 365 has a lower TCO, and greatly

reduces implementation times compared to a similar on premises solution. Forrester

created a composite organization that reflects the characteristics of the ten

interviewed customers. The financial results are for the enterprise composite

organization as show in the following Figure 7.15.

106

Figure 7.15 Composite Organization Three-Year Risk-Adjusted Cumulative

Cash Flow

Source: Lipsitz, J. (2011). The Total Economic Impact of Microsoft Office 365,



107

8 DISCUSSIONS

There are some areas that are relative to the analyst perceptions which we discovered

during this study. These discussion points are:

Cost and Benefits: These calculations are parameter based. So each person

who makes calculations may or may not include some parameters for

objective numbers.

Security: It is relative to person who makes subjective judgments whether to

keeping data local is safer than putting it on the cloud.

Cloud Standards: SaaS vendors currently do not have any established

industry standard. There is some ongoing work in this area but SaaS vendors

have not yet agreed upon any public standards. There is also no established

standard for backup, restore, data export, and migration for SaaS solutions.

We expect some standards to emerge in the near future.

Laws, Regulations, and Compliance: Some countries require data to be

stored locally somewhere in that country’s premise. Some SaaS vendors have

certain datacenters in the world where they cannot cover all. It is not evident

yet how SaaS vendors will satisfy those government regulations if they have

been asked to.

SaaS software quality and features: Some SaaS applications are not as

strong as on-premise applications despite SaaS vendors claim that they are.

Hardware, Software, Service spending ratios: Turkish ICT services market

is currently developing and ratio of Service spending in the whole ICT costs

is relatively low. It is not obvious how these spending ratios will shape in the

future. Since SaaS subscriptions are part of service spending, it can be

guessed that Service spending ratio will increase comparably.

108

Facebook and SaaS solutions: SMEs can establish their business presence

and corporate portals in Facebook. SaaS vendors are also allowing FaceBook

to become a corporate hub for business application, corporate collaboration

environment, and even for customer relationship management. In Turkey,

Facebook usage is extremely high. Therefore, FaceBook using SMEs may

jump to the SaaS band wagon faster than others. This may be an advantage of

course. There are also some SaaS applications directly integrated into

FaceBook such as Zoho.

109

9 CONCLUSION

While it’s easy to declare that for small businesses without their own IT resources

there is no better option than SaaS, it is obvious that there are many tradeoffs and

there is no clear “winner” for large organizations indeed among SaaS vs. on premise

solution. Analysts debate the SaaS vs. On-premise war often forget that software

exist to resolve business problems. It’s the complexity of these business processes,

the need for customization, the number of user seats etc. that matters, and as we

move up on this scale, increasingly “traditional” Enterprise Software is the answer.

Eventually SaaS will possibly grow up to satisfy those requirements, but it will take

several years.

Basically, SMEs need solutions that enable them to meet their business goals, and

also help them to increase capital expenses for more profitable areas and reduce

operational expenses related to ICT. However, different SMEs need different

solutions; therefore one size does not fit all. For many SMEs, cloud computing

business solutions can help them to achieve low project startup requirements, and

provide added flexibility to scale as business demands require. SaaS vendors help

SMEs by packaging all of the application software, IT infrastructure and services

together in a Web-based, multi-tenant subscription model. SaaS vendors have the

ability to contain variable costs much more effectively than packaged software

vendors-and pass these savings along to SMEs. Additionally, SMEs won’t remain

small forever and SaaS can help prepare these businesses for serious competition, by

deploying world-class, high-quality software to run their processes without the hassle

of licensing, maintenance, and cost.

110

In this study, it is deduced that from the TCO, ROI, and operational qualitative

perspectives, it is wise for SMEs to move to the SaaS cloud computing after carefully

considering the right applications from the rights vendors. However, the checklists

and rating scorecards we provide shall be used during SaaS vendor selection and

evaluation of solutions. Objective evaluation is the key to reap the maximum benefits

from SaaS vendors in the long run.

As a result, it can be deduced that moving to efficient, effective, and proven SaaS

solutions from on premise IT can be extremely beneficial for SMEs in terms of cost,

security, agility, robustness, availability, and reliability. Definitely, SaaS is not a

remedy for all ICT pains of SMEs, therefore companies need to evaluate and

understand the trade-offs that SaaS presents.

111

10 REFERENCES

AppLabs Report, (2009). Testing the cloud,

http://www.qaguild.com/upload/app_whitepaper_testing_the_cloud_1v00.pdf , p. 3

Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee,




Banerjee, U., (2011). The Evolution of Cloud Computing,

https://cloudcomputing.sys-con.com/node/1744132

Chou, Y., (2011). Chou’s Theories of Cloud Computing: The 5-3-2 Principle,

http://blogs.technet.com/b/yungchou/archive/2011/03/03/chou-s-theories-of-cloud-

computing-the-5-3-2-principle.aspx

Chou, Y., (2010). Cloud Computing Primer for IT Pros,

http://blogs.technet.com/b/yungchou/archive/2010/11/15/cloud-computing-primer-

for-it-pros.aspx

Hamad, S., & Erickson, J. (2011). Forrester Research Cloud Computing Market

Dynamics in Turkey Presentation

Herbert, L., & Erickson, J. (2009). Forrester Research Incorporation The ROI Of

Software-As-A-Service, p. 3, p. 7, p. 8

Hurwitz, J., Bloor, R, Kaufman, M., & Halper, F. (2009). Cloud Computing for

Dummies, For Dummies Publisher, Indiana: Wiley Publishing

Ivan, I. (2011). Small business owners lack cloud computing knowledge,

http://www.cloudbusinessreview.com/2011/06/04/small-business-owners-lack-cloud-

computing-knowledge.html

Jansen, W., Grance, T. (2011). Guidelines on Security and Privacy in Public Cloud

Computing, http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-

144_cloud-computing.pdf

Kutlu, B., & Ozturan, M. (2008). The Usage and Adoption of IT among SMEs in

Turkey: An Exploratory and Longitudinal Study, http://jitm.ubalt.edu/XIX-

1/article2.pdf

Laudon, K.,& Laudon, J. (2011). MIS Managing the Digital Firm 12th Edition, New

Jersey: Pearson Prentice Hall

Lipsitz, J. (2011). The Total Economic Impact of Microsoft Office 365,


Linthicum, D., (2011), The Clear ROI of SaaS, FORBES,

http://www.forbes.com/sites/microsoft/2011/03/21/the-clear-roi-of-saas/

Liu, F., Tong, J., Mao, J., Bohn, R., Messina, J., Badger, L., & Leaf, D. (2011). NIST



Mell, P. & Grance, T. (2011). The NIST Definition of Cloud Computing,

http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

http://www.qaguild.com/upload/app_whitepaper_testing_the_cloud_1v00.pdf


https://cloudcomputing.sys-con.com/node/1744132

http://blogs.technet.com/b/yungchou/archive/2011/03/03/chou-s-theories-of-cloud-computing-the-5-3-2-principle.aspx

http://blogs.technet.com/b/yungchou/archive/2011/03/03/chou-s-theories-of-cloud-computing-the-5-3-2-principle.aspx



http://www.cloudbusinessreview.com/2011/06/04/small-business-owners-lack-cloud-computing-knowledge.html

http://www.cloudbusinessreview.com/2011/06/04/small-business-owners-lack-cloud-computing-knowledge.html



http://jitm.ubalt.edu/XIX-1/article2.pdf

http://jitm.ubalt.edu/XIX-1/article2.pdf


http://www.forbes.com/sites/microsoft/2011/03/21/the-clear-roi-of-saas/


http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

112

OECD Report. (2004). Small and Medium Sized Enterprises Issue and Policies,

http://www.oecd.org/dataoecd/5/11/31932173.pdf

OfficeOnlineIntheCloud TCO Tool. (2011). TCO Calculator,


Orminski, F. (2008). Does Software as a Service (SaaS) displace standard software?,

http://www.iwi.uni-

hannover.de/upload/lv/sosem08/seminar/www/orminski/HTML%20Homepage/index

.html

Pink Elephant Report. (2005). Defining, Modeling & Costing IT Services,

http://www.pinkelephant.com/DocumentLibrary/UploadedContents/PinkLinkArticle

s/Defining%20Modeling%20and%20Costing%20IT%20Services%20-%20Final.pdf

Pushp, S. (2011). A Perspective On Cloud Computing Standards,

http://www.globalservicesmedia.com/Strategies-and-Best-Practices/Emerging-

Models/A-Perspective-On-Cloud-Computing-Standards/24/32/0/GS11060239678

Ried, S. (2008). Forrester's SaaS Maturity Model,

http://www.forrester.com/rb/Research/forresters_saas_maturity_model/q/id/46817/t/

2

Saugatuck Technology Report. (2010). Software-as-a-Service Managing Key


Services/~/media/Category/CRM/SalesLogix/Assets/Collateral/SaaS_Concerns_and

_Considerations_072610_Sage.pdf

Seker, M. & Correa, P. (2010). Obstacles to Growth for Small and Medium

Enterprises in Turkey, http://www-

wds.worldbank.org/external/default/WDSContentServer/IW3P/IB/2010/05/27/00015

8349_20100527130349/Rendered/PDF/WPS5323.pdf

Skilton, M. (2010). Building Return on Investment from Cloud Computing,

http://www.opengroup.org/cloud/whitepapers/ccroi/index.htm

Stevens, M. (2009). IT Business Edge SaaS Checklist,

http://www.itbusinessedge.com/itdownloads/software-as-a-service-saas-

checklist/88731

Stevens, M. (2008). IT Business Edge The SaaS vs. On Premise TCO Calculator,

http://www.itbusinessedge.com/itdownloads/the-saas-vs-on-premise-tco-

calculator/88738

TUBISAD Report. (2010). Turkey's small and medium sized enterprises lag in IT,

http://www.tubisad.org.tr/Eng/News/Pages/enterpriseslaginIT.aspx

Turan, A. H., & Urkmez, T. (2010). Information Technology Satisfaction of Small

and Medium Sized Enterprises in Turkey,

http://www.eurojournals.com/ibba_9_04.pdf

http://www.oecd.org/dataoecd/5/11/31932173.pdf







http://www.globalservicesmedia.com/Strategies-and-Best-Practices/Emerging-Models/A-Perspective-On-Cloud-Computing-Standards/24/32/0/GS11060239678

http://www.globalservicesmedia.com/Strategies-and-Best-Practices/Emerging-Models/A-Perspective-On-Cloud-Computing-Standards/24/32/0/GS11060239678






http://www-wds.worldbank.org/external/default/WDSContentServer/IW3P/IB/2010/05/27/000158349_20100527130349/Rendered/PDF/WPS5323.pdf



http://www.opengroup.org/cloud/whitepapers/ccroi/index.htm

http://www.itbusinessedge.com/itdownloads/software-as-a-service-saas-checklist/88731

http://www.itbusinessedge.com/itdownloads/software-as-a-service-saas-checklist/88731



http://www.tubisad.org.tr/Eng/News/Pages/enterpriseslaginIT.aspx

http://www.eurojournals.com/ibba_9_04.pdf

113

CURRICULUM VITAE

S. Bülent Özkır

Work Experience:

Current: Principal Service Delivery Manager at Microsoft Turkey

Principal Presales Consultant - Regional Team Lead at CA

Senior Technical Account Manager at Microsoft Turkey

Senior Infrastructure Consultant at Microsoft Saudi Arabia

Project Manager at T-Systems Turkey

Lieutenant Consultant at Turkish Army Military Land Forces

Support Engineer at Microsoft Turkey

Application Development Manager at Vestel

Systems Engineer at Intertech

Specialties:

Microsoft Back Office Server Software

Microsoft Office suite and client Operating Systems

Project Management

IT Service Management

Contract Management

Problem Management

Active Certifications:

ITIL v3 Expert

Project Management Professional

Prince2 Practitioner

Microsoft Operations Framework Foundation

Education:

Maltepe Üniversitesi E-MBA English

İstanbul Üniversitesi Computer Science & Engineering

Gaziantep Anadolu Lisesi

Further information about the author can be obtained via LinkedIn web site5.

5 http://www.linkedin.com/profile/view?id=5656188

http://www.linkedin.com/profile/view?id=5656188