From IaaS to SaaS: User Control in Cloud Computing Services

  
  

 

Once your company has made the decision to implement cloud computing services, you may think the benefits of cloud adoption will pour in organically. However, it’s important to understand that there is another step to be taken before reaching that goal: understanding the level of user control and user responsibility necessary for its success.

There are three main cloud delivery models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Each has different uses and requirements for user input. 

As a self-service model, IaaS offers the highest level of control. The IaaS provider furnishes infrastructure components, like servers, storage, and hardware for computing resources. The user is responsible for everything else, including the purchasing, installation, configuration, and management of applications, websites, and operating systems. Microsoft Azure and Google Compute are examples of IaaS. Compared to PaaS and SaaS, IaaS leaves a great deal of responsibility with the customer, which can be a drawback for some organizations. The advantages include being able to manage the environment and customize services to a larger degree.

With PaaS, the user has slightly less control. In addition to supplying the base infrastructure, PaaS vendors manage the operating systems, middleware, and other software tools required for application development, and supply these resources to consumers over the Internet. The task of buying and managing software licenses, business intelligence services, and databases, for example, falls on the provider; the consumer’s sole responsibility is to manage the applications and associated services. Heroku and the Google App Engine are examples of PaaS. 

The third and final delivery model is SaaS, or software, such Salesforce or Office 365, licensed, delivered, and accessed online via a subscription model. In SaaS deployments, everything, from hardware and software, to installation and management of the application, is managed by the provider. This model is the most affordable and requires few resources and little involvement on the customer’s part. The downside is very minimal control over the application’s features and a limited ability to customize the user interface.

Along with factors such as budget, in-house skills and resources, and time to market, the organization’s need for control and complexity will determine which delivery model is the most appropriate for a particular workload or business function. For instance, the SaaS model is often a good fit for generic functions, such as email, that have low requirements for complexity and customization. Specific business functions that require more control over data and processes are better suited to IaaS deployments, especially in large enterprises with the internal staff and expertise needed to manage and oversee dynamic infrastructure.

For an in-depth discussion about the levels of user control in cloud computing services, join us April 15 at 2 PM EST for Cloud Security: General Types, Concepts, and Frameworks, a live webinar presented by Paul Ashe, President of Securance Consulting.