SaaS, PaaS and IaaS in Cloud Computing
Software as a service (SaaS) is a cloud computing offering that provides users with access to a vendor’s cloud-based software. Users do not install applications on their local devices. Instead, the applications reside on a remote cloud network accessed through the web or an API. Through the application, users can store and analyze data and collaborate on projects.
Some of the Key features of Software – as – a – Service:
• SaaS vendors provide users with software and applications via a subscription model.
• Users do not have to manage, install or upgrade software; SaaS providers manage this.
• Data is secure in the cloud; equipment failure does not result in loss of data.
• Use of resources can be scaled depending on service needs.
• Applications are accessible from almost any internet-connected device, from virtually anywhere in the world.
Some Limitations of SaaS
• Interoperability. Integration with existing apps and services can be a major concern if the SaaS app is not designed to follow open standards for integration. In this case, organizations may need to design their own integration systems or reduce dependencies with SaaS services, which may not always be possible.
• Vendor lock-in. Vendors may make it easy to join a service and difficult to get out of it. For instance, the data may not be portable–technically or cost-effectively–across SaaS apps from other vendors without incurring significant cost or inhouse engineering rework. Not every vendor follows standard APIs, protocols, and tools, yet the features could be necessary for certain business tasks.
• Lack of integration support. Many organizations require deep integrations with on- premise apps, data, and services. The SaaS vendor may offer limited support in this regard, forcing organizations to invest internal resources in designing and managing integrations. The complexity of integrations can further limit how the SaaS app or other dependent services can be used.
• Data security. Large volumes of data may have to be exchanged to the backend data centres of SaaS apps in order to perform the necessary software functionality. Transferring sensitive business information to public-cloud based SaaS service may result in compromised security and compliance in addition to significant cost for migrating large data workloads.
• Customization. SaaS apps offer minimal customization capabilities. Since a one-size- fits-all solution does not exist, users may be limited to specific functionality, performance, and integrations as offered by the vendor. In contrast, on-premise solutions that come with several software development kits (SDKs) offer a high degree of customization options.
• Lack of control. SaaS solutions involves handing control over to the third-party service provider. These controls are not limited to the software–in terms of the version, updates, or appearance–but also the data and governance. Customers may therefore need to redefine their data security and governance models to fit the features and functionality of the SaaS service.
• Feature limitations. Since SaaS apps often come in a standardized form, the choice of features may be a compromising tradeoff against security, cost, performance, or other organizational policies. Furthermore, vendor lock-in, cost, or security concerns may mean it’s not viable to switch vendors or services to serve new feature requirements in the future.
• Performance and downtime. Because the vendor controls and manages the SaaS service, your customers now depend on vendors to maintain the service’s security and performance. Planned and unplanned maintenance, cyber-attacks, or network issues may impact the performance of the SaaS app despite adequate service level agreement (SLA) protections in place.
Examples of SaaS These are several popular examples of SaaS, including: Google GSuite (Apps), Dropbox, Salesforce, Cisco WebEx, SAP Concur, and GoToMeeting.
Platform as a service (PaaS) is a cloud computing offering that provides users with a cloud environment in which they can develop, manage and deliver applications. In addition to storage and other computing resources, users are able to use a suite of prebuilt tools to develop, customize and test their own applications.
Some of the Key features of Platform – as – a – Service:
• PaaS provides a platform with tools to test, develop and host applications in the same environment.
• Enables organizations to focus on development without having to worry about underlying infrastructure.
• Providers manage security, operating systems, server software and backups.
• Facilitates collaborative work even if teams work remotely.
Some Limitations of PaaS :
• Data security. Organizations can run their own apps and services using PaaS solutions, but the data residing in third-party, vendor-controlled cloud servers poses security risks and concerns. Your security options may be limited as customers may not be able to deploy services with specific hosting policies.
• Integrations. The complexity of connecting the data stored within an onsite data center or off-premise cloud is increased, which may affect which apps and services can be adopted with the PaaS offering. Particularly when not every component of a legacy IT system is built for the cloud, integration with existing services and infrastructure may be a challenge.
• Vendor lock-in. Business and technical requirements that drive decisions for a specific PaaS solution may not apply in the future. If the vendor has not provisioned convenient migration policies, switching to alternative PaaS options may not be possible without affecting the business.
• Customization of legacy systems. PaaS may not be a plug-and-play solution for existing legacy apps and services. Instead, several customizations and configuration changes may be necessary for legacy systems to work with the PaaS service. The resulting customization can result in a complex IT system that may limit the value of the PaaS investment altogether.
• Runtime issues. In addition to limitations associated with specific apps and services, PaaS solutions may not be optimized for the language and frameworks of your choice. Specific framework versions may not be available or perform optimally with the PaaS service. Customers may not be able to develop custom dependencies with the platform.
• Operational limitation. Customized cloud operations with management automation workflows may not apply to PaaS solutions, as the platform tends to limit operational capabilities for end users. Although this is intended to reduce the operational burden on end users, the loss of operational control may affect how PaaS solutions are managed, provisioned, and operated.
Examples of PaaS Popular examples of PaaS include AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App Engine, and OpenShift.
Infrastructure as a service (IaaS) is a cloud computing offering in which a vendor provides users access to computing resources such as servers, storage and networking. Organizations use their own platforms and applications within a service provider’s infrastructure.
Some of the Key features of Infrastructure – as – a – Service:
• Instead of purchasing hardware outright, users pay for IaaS on demand.
• Infrastructure is scalable depending on processing and storage needs.
• Saves enterprises the costs of buying and maintaining their own hardware.
• Because data is on the cloud, there can be no single point of failure.
• Enables the virtualization of administrative tasks, freeing up time for other work.
Some Limitations of IaaS
• Security. While the customer is in control of the apps, data, middleware, and the OS platform, security threats can still be sourced from the host or other virtual machines (VMs). Insider threat or system vulnerabilities may expose data communication between the host infrastructure and VMs to unauthorized entities.
• Legacy systems operating in the cloud. While customers can run legacy apps in the cloud, the infrastructure may not be designed to deliver specific controls to secure
the legacy apps. Minor enhancement to legacy apps may be required before migrating them to the cloud, possibly leading to new security issues unless adequately tested for security and performance in the IaaS systems.
• Internal resources and training. Additional resources and training may be required for the workforce to learn how to effectively manage the infrastructure. Customers will be responsible for data security, backup, and business continuity. Due to inadequate control into the infrastructure however, monitoring and management of the resources may be difficult without adequate training and resources available inhouse.
• Multi-tenant security. Since the hardware resources are dynamically allocated across users as made available, the vendor is required to ensure that other customers cannot access data deposited to storage assets by previous customers. Similarly, customers must rely on the vendor to ensure that VMs are adequately isolated within the multitenant cloud architecture. Examples of IaaS Popular examples of IaaS include DigitalOcean, Linode, Rackspace, Amazon Web Services (AWS), Cisco Metacloud, Microsoft Azure, and Google Compute Engine (GCE).