The concept of consuming software and other resources “as-a-service” has been around for decades. Some folks think of the old mainframe and dumb terminal “time sharing” systems as Software-as-a-Service (SaaS). Others consider SaaS to have been born of Local Area Networks and server-based applications with centralized file storage. Most computer users probably think of SaaS as a subscription to an online service, like Office 365 or Salesforce.
A world of possibilities
Whether these examples fit the definition of SaaS, they certainly fit the promise: higher cost resources made more accessible through affordability and ease-of-use. Thanks to the ‘as-a-service' model, mid-market has been able to leverage cloud computing, SD-WAN, and software packages that would normally be out of reach for anyone without an enterprise budget. According to research from Gartner, Techaisle, and Google and Accel Partners, the global market for mid-market SaaS is expected to outgrow that of enterprise SaaS by the end of 2020.
It makes sense that mid-market companies would adopt SaaS more rapidly than enterprise over the next couple of years. Enterprise companies can achieve a return on an in-house investment that is out of reach for most mid-market organizations, and they may have concerns that make their leadership teams more comfortable keeping things on-premises. Meanwhile, the mid-market are finding more applications that are dedicated to solving unique problems in their respective industries. They're also enjoying the licensing and tech-support savings provided by subscribing to always-up-date SaaS applications instead of installing these apps in their own back rooms. In short, SaaS is helping the midmarket become more profitable and competitive.
We've also seen other subscription-based solutions grow along with Software-as-a-Service and cloud computing. Infrastructure-as-a-Service (IaaS) has allowed companies to deploy powerful computing resources without dedicating the time, space, dollars, and effort it would take to deploy them on-site. IaaS refers to the virtualized computing resources in the cloud, such as networking, storage, and processing. When you deploy something like a Barracuda CloudGen WAF or Firewall, you are deploying it into an IaaS environment. According to Gartner, IaaS adoption will grow by 35.9% this year, and is the most rapidly growing segment of cloud-adoption. We are seeing a similar trend in Platform as a Service, or PaaS, as application developers adopt cloud computing services specifically designed as development environments. According to our own research, the US leads worldwide adoption of Desktop-as-a-Service (DaaS), with 51% of those surveyed using the public cloud for desktop virtualization.
What about security?
This leads us to the inevitable questions about security. If you've followed cloud computing topics, you're probably aware of the Shared Security Model. This is the cloud security framework put forth by cloud providers and it makes the most sense for the consumers. In short, the service provider is responsible for security OF the cloud, such as the underlying hardware in the datacenters. The service consumer is responsible for the security of the workloads and data that is IN the cloud. This is why Barracuda provides security solutions in the AWS Marketplace, Azure Marketplace, and the Google Cloud Platform. These aren't “as-a-Service” deployments; they are public cloud solutions engineered to take full advantage of public cloud capabilities like autoscaling, deployment templates, and metered billing.
What does it all mean?
We know that SaaS and web applications are growing and there are some great security solutions out there to protect them. We know that companies will migrate more workloads and data to IaaS environments and employees will learn new workflows that involve sharing and collaboration. We know that application developers will move development to the agile PaaS environments that make them more productive. And through all of this, we know that we'll be under constant attack from the creeps of the world. Nevertheless, businesses will continue to embrace Software-as-a-Service and the public cloud, and we'll continue to build security solutions to protect them.
- Cloud Ready Patterns of Security
- What the Barracuda WAF and AWS Security Competency mean for you
- BYOS – in the cloud, security is a shared responsibility
- Club Automation Case Study
Christine Barry is chief blogger and social content manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master in Business Administration. She is a graduate of the University of Michigan.