One big consideration is that the system is operated

This preview shows page 1 - 3 out of 8 pages.

One big consideration is that the system is operated at the vendor's location. It is much more likely that a vendor supporting multiple customers can achieve a higher level of security for the system than an individual organization. The vendor has the combined resources to hire and retain
security experts to manage the system, the hardware, the network, and the facility. Many SaaS vendors have implemented a distributed system so that hardware, software, and databases are housed at multiple locations; many vendors provide "hot backup" meaning that the database is replicated elsewhere so that if one database or system is unavailable, there is an automatic switch to the replicated database. SaaS vendors also can afford to offer quick recovery at a much lower cost than is available to an individual organization. They are also much more likely to have physical security measures in place to protect the data center, including fire suppression, surveillance, access security, and guards. Since SaaS solutions depend on use of the internet to connect users to the application or system, the following should also be considered: the availability and speed of the internet connection; protection of proprietary or personal information transmitted via the internet; and location of the system. Some government systems are required to be hosted within the United States, and not overseas. Identifying COTS/SaaS Solutions Over the past decades, COTS and SaaS solutions have proven to be viable models for acquiring software. SaaS is now a mature model that can be relied upon if a vendor is selected based on a deliberate evaluation and selection process. There are many sources for locating a vendor, including technical journals, industry survey, vendor advertisements, advisory or consultancy services, and even internet searches. An organization would be wise to identify a few solutions that appear to meet their needs and then conduct a detailed evaluation of each one. It is important to identify solutions that align with achieving the business strategy, improve the process(es), and meet the requirements. Evaluating COTS/SaaS Solutions In evaluating a COTS or SaaS solution, four major factors are involved: user requirements, system performance requirements (system quality and security requirements), the vendor, and cost. The method for evaluating each of these is discussed below. Most SaaS vendors provide access to a "free" trial version of their system. During the product evaluation period, the trial version can be used to determine the basic functionality and performance of the system. This version of the software is used for marketing purposes and may not exactly represent how the software would function in a specific situation. Some vendors may offer to provide access to a more robust version of their system in order to allow further testing and evaluation. An organization should try out the software for itself and not rely on vendor demonstrations, which can be set up to appear to provide functionality and ease of use that is actually not part of the system.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture