‘Software as a Service’ (SaaS) is a specific price-effective software delivery model. In this model all applications are hosted and distributed by a service provider as a web-based service to the end user customer who accesses the service “on demand”.

Different to the traditional applications where users install the software on devices or servers, a SaaS vendor owns the provided software. The software is run on servers in a data center while data transfer is occurring across the internet cloud. The data transfer, storage and security considerations are handled by the SaaS IT staff, which alleviates the risk and cost of building and maintaining an internal IT team. Costs for SaaS are very reduced compared to other service models because the software is hosted remotely without requiring supplementary investment into additional hardware, installation, set-up and maintenance and because businesses pay only for the usage of the service. The SaaS service can be provided at an overall lower cost by the SaaS vendor because the cost of maintaining the SaaS IT infrastructure can be distributed across many companies.

SaaS is an increasingly established delivery model using technologies that support several web applications and service-oriented architectures that are continuously evolving. SaaS deployments are fast so that software implementations need less time compared with traditional software applications. Benefits of using SaaS for distributing services include the global accessibility, facilitated administration, automatic updates, patch management options and resolutions of compatibility issues that allow easier collaboration.

Since the internet business is growing, SaaS security in the cloud is a critical focus of vendors and users. Many SaaS developers and SaaS vendors invest intensively in building more secure software that is protected and available 24/7. For cloud security, encryption and VPN services must be considered, and each SaaS vendor is recommended to assess security risks, manage threats and provide remediation plans. Network security focuses on protecting virtual entry points into the SaaS environment and any vendor should have policies and procedures in place to respond to possible virtual and real attacks against software, servers and hardware components. Finally, physical security needs to be provided by choosing the right physical location where data is securely stored.

Considering all benefits of SaaS for distributing, managing and accessing data and services combined with innovative security strategies that protect the web-business within the cloud, SaaS remains an intriguing option for many enterprises.