We frequently encounter the SaaS-versus-On-Premises question when dealing with prospective customers, and the ultimate selection is fairly evenly split when it comes to deployment. For those clients operating in highly-regulated industries, or where the data is exceptionally sensitive, the choice veers strongly towards going with the On-Premises offering.
Even so, we’re seeing an increase in the number of these clients who are seriously considering Cloud-based BPM offerings, even where the application and data will be business-critical.
What is driving the decision between deploying a BPMS On-Premises as opposed to a SaaS offering?
Security
Traditionally, we have seen customers who are typically larger, enterprise-class businesses, or those with a high sensitivity to data security, go for the On-Premises BPM option. The idea that the application will sit on a server in that client’s data center, firmly entrenched behind their firewalls, lends an aura of security, and having done “the right thing.”
This week a client made the decision to go for the On-Premises version of HighGear, and despite some detailed discussions on the benefits of opting for the SaaS alternative, it just had to be On-Premises. Moving firmly into the deployment phase of this particular project, it is with some surprise that we have found the server upon which HighGear will live is not on the client’s premises, but in a third-party data center whose security is nowhere near as robust as that operated by our own.
In this instance, the client’s security needs would be better served if they opted for our SaaS product.
I think it is right that you should not be putting ultra-sensitive data, whether transactional or risk, on the Cloud, however opting for an On-Premises BPMS to then move it off your premises, challenges the validity of the decision.
For instance, our SaaS offering is operated from our data centers which meet and exceed all major security standards, including ISO, ITIL, NIST 800-53, SOX and SAS70 (and we have a 100% uptime track record).
Is the data center where your On-Premises applications reside meeting those standards?
Security is vitally important, but irrational fear of a perceived lack of Cloud security should not overshadow a mistaken belief in the strength of On-Premises security or availability.
Budget Constraints
For clients seeking a BPM solution without the heavy initial price tag, moving to a BPMaaS solution makes a lot of sense. That said, our experience is that customers will pay the price tag for a BPMS providing they can see tangible value in the projected results.
Price is a significant factor for all customers when you are basing decisions on ROI, however as my colleague, Josh Yeager has recently pointed out, the cost of a failed deployment far outweighs any TCO invested (read his article here).
Price in this respect is not a major driver in practical terms when it comes to the On-Premises versus Cloud debate. In any event, HighGear typically costs around 20% of the initial and TCO of a traditional BPMS, whichever option is preferred, and this makes price even less significant in the decision process.
Flexibility
This is where SaaS definitely wins in the debate. I’ll give a very brief overview of the major elements here, but there are many more advantages to going with SaaS.
First of all, while we are frequently engaged with IT staff in the sales and onboarding cycle, the bulk of the conversations revolve around how the deployment and support burden can be minimized for the IT department. IT is involved to ensure solutions meet business requirements, and also I feel that software deployment, of any flavor, is seen to be within IT’s wheelhouse. Moving to SaaS lightens the load on IT, as they don’t need to worry about provisioning servers, finding rack space, and so on – essentially SaaS represents simplified architecture and architecture integration.
Secondly, SaaS is much more open to fast scaling than an On-Premises deployment. HighGear customers typically start off with small, team-sized deployments (anything from a dozen users to 250) and grow from there instead of ‘Big Bang’ deployments. However, as soon as the adoption/honeymoon period is over and the power of Lean BPM is recognized, growth in use of the BPMS is rapid, both in terms of users (we call them contributors) and in the spread of the BPMS to other parts of the business and its processes. SaaS allows this rapid scaling quickly and easily, with much lower deployment risk and the ability to reverse out of the scaling up operation if need be.
Thirdly, the drive for social collaboration across the organization is important to customers, and there has been a definite trend upward in the frequency and weighting given to this. This is closely related to the SaaS advantage when it comes to Continuous Improvement (and process management and optimization generally). The ability to collaborate in real-time, engage SMEs on aspects of process improvement, manage the discussion outcomes and record them, is fairly common to both BPMS versions, but SaaS allows for much easier integration with a wider variety of data sources. This is especially important where BI data is closely aligned with the BPMS to drive process decision-making.
Other major benefits of going SaaS include reduced long-term costs of continuous improvement and BPMS support, faster upgrades, and better reporting (especially where IT links operations data with the BPMS for KPIs).
A Word of Caution with SaaS
SaaS offerings come in multiple flavors: public, private and hybrid.
This distinction is important as it involves your data security and the actual performance of the BPMaaS itself.
Private Cloud is exactly what it says – private. You are the only swimmer in this particular pool, and external access is non-existent unless you open it up (either generally or by strict invitation).
This is good for performance and security, but the cost can be high.
Public Cloud is the cheapest option, however, everyone prepared to pay the (low) cost of admission gets in to swim. This means multiple entities working off the same infrastructure as you, which weakens security and can impact operational performance of the BPMS if everyone is swimming at the same time.
Hybrid Cloud is a mish-mash of the Public and Private – essentially you get your own swim lane.
Operating off a Public Cloud is not recommended for your BPMaaS!
Summary
On-Premises BPMS’ are only as secure as the security you provide in your data center where the server resides.
Irrational concerns over Cloud security, and over-confidence in company data center security, are skewing business decisions over which BPMS option to follow.
SaaS (BPMaaS) provides greater business benefits, but test drive various options to establish performance, usability and costs before making the decision.