What is Software as a Service (SaaS)?

Software as a Service (SaaS) is a software delivery model, through which applications are hosted in the cloud, delivered to customers via the internet, and licensed as subscriptions. Unlike traditional software licensing, SaaS does not require customers to purchase anything upfront, or to maintain an app’s underlying infrastructure.

The software that SaaS delivers is designed, developed, maintained, and billed by its cloud service provider. Meanwhile, a SaaS subscriber can access the application(s) in question as long as they have a compatible client device — often a web browser or dedicated application —  and an internet connection.

SaaS is one of the primary service models of cloud computing, alongside Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Desktop as a Service (DaaS). Whereas IaaS pertains to various infrastructures such as servers and databases and PaaS to development tools and environments, SaaS consists strictly of cloud-based software.

At the same time, SaaS is also closely related to DaaS. DaaS delivers virtual applications and desktops to end users over the internet, but is a bit more complex than SaaS. Whereas SaaS only abstracts applications, DaaS abstracts the operating system as well, to deliver a full desktop experience via the cloud.

Explore additional SaaS topics:  

High-Level Benefits and Risks of Cloud-Based Software

SaaS offers straightforward and scalable access to software with minimal overhead for the customer.

Examples of SaaS include customer relationship management solutions in the cloud, hosted collaboration platforms for chat and video conferencing, online productivity suites, and expense management software, among many others. All of these provide equivalent or similar functionality to traditionally licensed counterparts, while being easier to manage.

The SaaS model has become the primary mode of consuming software for businesses, and it now represents the single largest segment of the overall cloud computing market. Many organizations have made SaaS adoption central to their cloud migration strategies, as a way of streamlining access to key applications and reducing licensing costs.

However, there are some security risks associated with SaaS, due to how it greatly simplifies app access. Using a standard web browser to open an application means that a SaaS user is essentially free to do what they want, beyond the control of IT. Balancing SaaS convenience and security is essential.

How the SaaS Model Works

The SaaS model has both a technical and a financial component.

Technical

As cloud-based software, SaaS is centrally hosted by its service provider in a data center. It is most often delivered as a multi-tenant architecture, with a single configuration serving multiple customers and isolating their data from each other. The provider is responsible for administering all updates and patches to the application and to ensuring its overall reliable delivery to customers. Accordingly, the end customer does not have to manage any of the operating systems, middleware, or runtimes associated with the application.

Access to a SaaS solution happens over the internet. Depending on the specific software in use, there may be a web app and/or downloadable (desktop or mobile) application available. Although access is theoretically as simple as logging into an account associated with the SaaS subscription from any client, organizations may implement extra security measures such as single sign-on or a specialized launcher, in order to protect data and monitor activity during SaaS use.

Financial

SaaS is subscription-based software. Instead of paying upfront for one-time licenses and then supporting the application with on-premises infrastructure, subscribers pay for access on an ongoing basis. In other words, SaaS is an operating expenditure (OpEx), instead of a capital expenditure (CapEx).

This model makes SaaS appealing to organizations that prioritize flexibility and low-risk investment in their software. There is usually no upfront commitment and no need to procure and manage any supporting infrastructure. A SaaS solution can be easily scaled as an organization grows, plus it is continually receiving new features and updates from the provider. Startups, SMBs and enterprises can all benefit from SaaS.

SaaS in the context of cloud computing and cloud migration

SaaS is just one of the service types of cloud computing. Here’s how SaaS, PaaS and IaaS compare at a high level in terms of their functionality and relation to cloud migration.

  SaaS PaaS IaaS
Type of IT resources delivered Cloud-based software Development tools and environments, plus operating systems Servers, storage, networking, firewalls and data centers
Relative customer responsibility for solution upkeep Low Medium High
Role in cloud migration Replace traditional software outright Refactor, revise or rebuild applications Rehost workloads
Common use cases CRM, collaboration, ERP, email Business intelligence, development frameworks Website and web app hosting, devtest environments, high-performance computing

What is a cloud migration strategy and how does SaaS fit in?

A cloud migration strategy is a plan for moving applications, infrastructure and/or data from an on-prem site to the cloud, or for replacing or otherwise modifying them with cloud technologies. SaaS offers one of the more straightforward cloud migration paths.

More specifically, a SaaS solution may be able to completely replace a traditional on-prem application. For example, an on-premises CRM platform might be retired in favor of a SaaS equivalent hosted and maintained by a cloud service provider.

Migrating to the SaaS model comes with benefits as well as drawbacks, so it’s important to evaluate the application in question, the potential SaaS solution and the track record of the service provider before subscribing.

In addition to such SaaS-driven cloud migrations, an organization might use other cloud solutions in the IaaS and PaaS spaces to rehost and refactor its business applications, respectively, as indicated in the above table.

Advantages of SaaS and applications in the cloud

Putting applications into the cloud via SaaS confers numerous advantages on customers, ranging from consistent access to the latest functionality, to substantial cost savings.

Shorter time to value

Getting started with cloud-based software is straightforward. After setting up a SaaS subscription and the proper security controls, an organization can start using the business application right away and realizing its benefits. Extensive customization isn’t required in most cases, and client apps are easy to use.

Increased scalability

A SaaS solution can be scaled to numerous users without needing to set up and manage additional infrastructure. Usually, all that’s needed is an update to the subscription. The multi-tenant architecture of most SaaS solutions allows the service provider to support numerous concurrent users across the globe.

Lower costs

SaaS scales to actual usage, meaning that customers only pay for what they actually consume. There's no danger of overbuying licenses, nor is there the risk of making a major CAPEX investment that becomes a huge burden over the long term.

Easier remote work and flexibility

Because SaaS applications are delivered via the internet, they can be relatively easily accessed from any mobile or desktop device. This flexibility makes them ideal for remote work organizations and for consistent anywhere/anytime access overall.

Continual improvement

SaaS service providers are continually refining their offerings with new features and fixes.

Updating a SaaS application to take advantage of these enhancements is often as simple as confirming a prompt and restarting the software. Specialized implementation services and upgrade packages aren’t needed.

How to prepare for SaaS cloud migration

Two of the most important preparations to make before investing in SaaS are to:

  1. Choose a reputable provider with a service-level agreement that meets the customer organization's needs.
  2. Mitigate security risks related to accessing business applications beyond the company premises, e.g. in remote workspaces.

Although the cloud service provider handles the bulk of security work, the customer organization still needs to think about how to secure end-user access. Cloud-based software empowers users by giving them significant control over how and where they access company data, and this setup can increase the risk of security incidents and data breaches.

When SaaS is accessed through a normal web browser, IT has only limited visibility into user activity, plus there are no built-in protections against SaaS that might contain malware. With numerous SaaS applications now woven into daily workflows, more secure access is a must.

Some of the proven options for SaaS security include:

  • SSO: Access to SaaS apps can be centrally managed, simplifying provisioning and decommissioning of user accounts as needed.
  • Specialized embedded browsers: These applications may include controls for copy/paste, printing, and more, to prevent data exfiltration when using SaaS.
  • Web filters: When links are clicked within SaaS applications, a proper web filter can block malware, check for policy violations and if desired, launch an isolated browser to open unknown URLs outside of the company network.
  • Analytics platforms: These solutions can read data about SaaS usage, use it to rank behavioral risks, and take necessary corrective actions like logging a risky user off.
  • Secure network access: Firewalls, web gateways, and cloud access security brokers can all be used to protect network connections to SaaS.
  • Security integrations and multi-factor authentication (MFA): Connecting to services like Okta and Active Directory helps secure SaaS, as does implementing MFA.

Beyond these security measures, any set of SaaS migration preparations should include careful planning, with a focus on knowing what workloads and data need to be moved, how the new cost model will work, and which stakeholders should be involved throughout the transition.

Citrix Solutions for SaaS

Citrix offers multiple solutions to secure SaaS access, accelerate cloud migration, and improve application delivery.

By using Citrix Workspace and Citrix Secure Workspace Access, organizations can control the entire SSO experience of accessing SaaS applications, along with what happens during each session. Data sent to Citrix Analytics for Security can also be used by IT to better understand the current risk environment around an organization's SaaS usage.

For end users, Citrix Secure Workspace Access provides a convenient SSO experience plus fast app launching from their platform of choice. The Citrix Secure Browser also boosts productivity by isolating activity from the rest of the network.  Citrix SD-WAN and Citrix Secure Internet Access combine to create a complete Secure Access Service Edge (SASE) solution that optimizes app delivery while protecting employees from the threats and vulnerabilities of unsanctioned apps accessed via the internet.

Additional Resources