Software as a service (SaaS)-based applications allow firms of all sizes to access sophisticated platforms once relegated to large enterprises, at a fraction of the cost and none of the associated IT overhead. However, cloud adopters may not fully understand the delivery and deployment options available—specifically, that SaaS platforms may be deployed as either a vendor-hosted solution or an application hosted in the organization’s own cloud and/or data center. In this article, we’ll explore both vendor-hosted and self-hosted enterprise risk management systems, and explore the benefits and conditions for selecting the latter option.
Cloud Service Models
Cloud computing services are typically offered via one of three service/consumption models: infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The first two options, IaaS and PaaS, provide the most control and creative latitude over deployed cloud resources, as customers have full rein over their servers and cloud environments; subsequently, IaaS and PaaS are ideal for developers and software professionals looking to build highly custom apps and manage their own cloud-based infrastructure.
On the other hand, SaaS solutions typically come in the form of specialized cloud/web applications that require little or no server and software maintenance on the user’s part; backend administration, security, and other management duties are left to the third-party vendor. The SaaS model is ideal for attaining business value and ROI from cloud computing in the shortest amount of time and least amount of friction.
SaaS is ideal for smaller organizations looking to free themselves from the burden of dedicating IT staff/resources for management and administration, among others. SaaS effectively levels the playing field in terms of equal access to enterprise software—specifically, by allowing price-conscious firms to leverage world-class enterprise risk management platforms on a subscription basis, without the need for their own IT staff and infrastructure. SaaS is the most commonly used option by organizations looking to balance scalability and cost-effectiveness, without having to manage their own infrastructure and environments.
Misconceptions Regarding SaaS Applications
A common, widespread misconception regarding SaaS is that it is a specific cloud computing technology, rather than an IT service delivery model that enables firms to achieve unprecedented economies of scale. The SaaS delivery model can accommodate both client-hosted and vendor-hosted configurations; these configuration alternatives become critical for organizations with specific/stringent hosting and data custodianship requirements. Enterprise risk management software vendors should provide claims organizations the option of selecting the SaaS model that best suits their particular business model, operating environment, and user base profile.
For example, firms looking to achieve maximum business value in the shortest amount of time, at the lowest cost and level of IT overhead, may look to a fully-hosted solution to fulfill their needs. Of course, this also means they are heavily reliant on the vendor for the functionality, security, and long-term operations of the solution.
In contrast, a self-hosted enterprise risk management system completely resides in the customer’s IT environment, affording them complete access to files, data, programs, and servers required by the solution. And despite being client-hosted, the solution should support the same ubiquitous access across browsers and devices that a vendor-managed solution would be capable of providing. At the end of the day, the appropriate SaaS hosting configuration varies depending on the requirements and capabilities of the customer, but a competent cloud solution should nonetheless offer both vendor and self-hosted options for maximum flexibility.
The Role & Benefits of Self-Hosted Solutions
Today’s SaaS offerings are mostly business productivity and specialized applications designed for delivery over the internet as a service, with the vendor taking on full hosting responsibilities.
Despite this prevalence of vendor-hosted SaaS offerings, claim organizations in particular often have compelling reasons for wanting to self-host their applications. For example, stringent local and regional data privacy and compliance regulations may require the organization to take full control and ownership of the application—a requirement most easily satisfied through self-hosting.
The following are some of the key benefits of self-hosting an enterprise risk management system.
Full Control of Data & IT Assets
With self-hosting, claims organizations retain complete management control within the hosted environment. This capability is critical for firms operating under strict data localization mandates—in fact, according to McKinsey, 75 percent of all countries have instituted some level of data localization regulation with stringent controls around a firm’s IT footprint, data governance measures, and data architectures. Organizations self-hosting their applications can more easily attain and validate compliance, and when more functionality is required, the solution in question should be capable of interfacing with internal systems and others for additional plug-ins, tools, or analytics capabilities.
No Hosting Fees and Additional Third-Party Costs
The cost of ongoing, external hosting is zero in the absence of a third-party hosting vendor. However, because the underlying servers and IT infrastructure supporting the application belong to the customer, the client organization is also on the hook for hardware maintenance and upgrades. Suffice to say, firms with the required resources and IT staff for managing on-premises IT may regard this as an added benefit.
Private Security and Data Protection
As mentioned previously, many organizations have specific requirements in regards to the treatment of sensitive data. Compliance requirements aside, other firms are mandated by investors or other stakeholders to manage their sensitive data behind their own corporate firewall. In these cases, self-hosted applications may be the only option.
Bespoke Testing and Updates
When it comes to applying the latest updates, bug fixes, and launching new features in a vendor-hosted cloud application, customers are at the whim of the cloud service provider. Many organizations prefer to implement patches and new features in their own client-controlled environment where changes can be tested before pushing into production; with a self-hosted application, they are fully empowered to ensure that all updates, fixes, and new features are properly vetted before reaching the end user.
Regardless of which set of benefits is most relevant to the customer, vendors sensitive to shifting customer requirements should offer the flexibility of self-hosting, hosting through the vendor, or even through an external third party.
Conclusion
In short, organizations looking to take advantage of SaaS scaling and ubiquitous accessibility without relinquishing control or data storage can leverage self-hosted options for more control. This also leaves server management, administration, and security in the hands of the customers; nevertheless, customers should have this option available to them, if needed.
Cloud adopters should understand the two options of SaaS available to them, self-hosted and vendor-hosted, and select accordingly based on their organization’s unique requirements and environments. Visit the Ventiv Technology website to learn more about how a SaaS-based enterprise risk management system can be tailored to the claim organizations’ needs.
