Matters needing attention when purchasing SaaS products


Recently, a colleague on my team has been evaluating the migration of locally deployed products to SaaS. He put together a list of items that need to be evaluated, which I think is quite good. I have made some additions and deletions based on my own experience and am making a note of it here. The content also works as a checklist for purchasing a new SaaS service.

The checklist covers service availability, functional comparison between SaaS and local deployment, performance, security, operation and maintenance, data migration, and integration with the company's other applications.

Service availability

Service availability covers two aspects: SLA and service support.

SLA

SLA refers to the proportion of time that the service can be used normally in a year. Generally speaking, the SLA of commercial SaaS products is between 99.5% and 99.9%.
When considering this indicator, two factors need to be taken into account. One is the needs of the other teams within the company that use this product, so it is necessary to communicate with them about it. The other needs extra attention: downtime of this SaaS product may also make our own commercial products unavailable, which affects our SLA to customers. If that SLA is not met, we lose money.

Service support

Service support refers to how we get help from the other company's support team when we run into problems.
Generally speaking, there are several ways to obtain support from the other party:

  1. Submitting a case on a dedicated support page
  2. Email
  3. Dedicated communication software, such as WeChat, DingTalk, Slack, etc.
  4. Telephone
  5. Video conference

The methods differ in convenience. When evaluating this, besides noting which of the above types of support the other party provides, pay attention to two points. One: response time, which is very important for downtime and other major incidents. Two: whether different response methods are charged separately; some companies (especially foreign companies) charge separately for real-time response.

Function comparison

Sometimes the SaaS version and the self-deployed version of the same product differ in some functions. Whether it is a new purchase or a migration from a local deployment, you need to pay attention to these differences. It is best to talk to both the other party's SaaS pre-sales and their self-deployment pre-sales; sometimes you get different information from each.

Performance

The performance I want to talk about here is mainly network performance.
Depending on how dispersed the company's office locations are, there are two situations: there is only one office location, or there are office locations in multiple cities across the country or even around the world.

Only one office location

In this case, whether the company builds its own computer room or uses the public cloud, a self-deployed service sits relatively close to its users and also close to the company's other applications (with a local computer room, it may even be in the same room), so network performance is generally not much of a problem.

When purchasing a SaaS service, however, network performance must be tested specifically, and it must be tested for both ordinary users and integrated systems.
For investment reasons, SaaS companies are unlikely to deploy servers in every city in the country (or the world), so your location may be far from the SaaS servers, which will inevitably affect network performance.

Multiple office locations

The situation is even more complicated if the company has multiple locations.
In addition to the points above for a single office location, the following generally need to be considered:

  1. CDN
    If there are more than 3 office locations and they are far apart, you will likely need to consider whether a CDN is supported. Otherwise, no matter where you place the server geographically, it will be difficult to meet the performance requirements of every office location.

  2. Data transfer between different locations
    It is preferable for the product to support mesh rather than star transfer of data. Mesh means that data can be transmitted directly between any two points; star means that all communication has to be relayed through the server.
    However, this depends on actual needs; not all scenarios require this function.

Security

Security is divided into data security and network security.

Data security

Some laws and regulations impose restrictions on certain industries, for example that data may not be hosted. It is therefore best to communicate with the company's legal team when purchasing SaaS services, and to keep evidence of that communication for future audits.

Even in the absence of legal restrictions, you must understand the data security part of the procurement contract in detail, and study and check it carefully with the legal team.

Network security

With self-deployment, services are likely to be accessible only on the intranet, but SaaS products are usually exposed to the Internet, which introduces network security risks.
It is recommended to consider the following points:

  1. Whether there is a WAF, which is critical for services exposed to the public network
  2. Whether 2FA (two-factor authentication) is supported
  3. Whether there is a detailed access audit function (who did what, where and when, and whether it succeeded)
  4. A joint assessment with the company's security team (on the one hand, they can use their professional expertise to carry out a more complete assessment; on the other hand, you get another team to endorse the decision)

In addition to data security and network security, another point of concern is a complete audit function, especially in listed companies or multinational companies, because there may be legal requirements.
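One way to test the access-audit criterion during a trial is to export a few audit records and check that each one answers who, what, where, when and whether it succeeded. This is an added example, not part of the original post; the JSON Lines format, the field names and the sample records are assumptions to be replaced with the vendor's real export.

```python
import json
from datetime import datetime

# Assumed field names per checklist question; adjust to the vendor's real export.
REQUIRED = {
    "who": ("actor", "user"),
    "what": ("action", "event"),
    "where": ("source_ip", "ip"),
    "when": ("timestamp", "time"),
    "outcome": ("outcome", "result"),
}

def missing_questions(record):
    """Return the checklist questions this audit record cannot answer."""
    missing = []
    for question, keys in REQUIRED.items():
        value = next((record[k] for k in keys if record.get(k) not in (None, "")), None)
        if value is None:
            missing.append(question)
        elif question == "when":
            try:
                parsed = datetime.fromisoformat(str(value).replace("Z", "+00:00"))
            except ValueError:
                parsed = None
            if parsed is None or parsed.tzinfo is None:
                missing.append(question)  # unparseable, or no time zone (added strictness)
    return missing

def audit_gaps(jsonl_text):
    """Map line number -> unanswered questions for a JSON Lines audit export."""
    gaps = {}
    for lineno, line in enumerate(jsonl_text.splitlines(), 1):
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            record = None
        problems = missing_questions(record) if isinstance(record, dict) else ["unparseable"]
        if problems:
            gaps[lineno] = problems
    return gaps

# Constructed sample export (not real vendor data)
SAMPLE = """\
{"actor":"alice@example.com","action":"export_report","source_ip":"203.0.113.7","timestamp":"2022-10-04T08:15:00Z","outcome":"success"}
{"actor":"bob@example.com","action":"login","source_ip":"198.51.100.23","timestamp":"2022-10-04T08:16:10Z","outcome":"failure"}
{"user":"carol@example.com","event":"delete_project","time":"2022-10-04 09:00:00"}
{"actor":"","action":"login","ip":"192.0.2.9","timestamp":"04/10/2022","result":"failure"}
not json
"""
```

Calling `audit_gaps(SAMPLE)` lists, per line, which questions a record leaves open; an empty result means every sampled record meets the criterion.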

Operation and maintenance management

Ideally, a SaaS product should require zero operation and maintenance, but in practice this is not yet the case. Generally, two aspects of operation and maintenance need attention: status change notification and monitoring.

Status change notification

Status change notification means notifying users in advance, in an effective way, when the state of the service changes, such as during upgrades, maintenance, or failures.

Most SaaS products today only support sending notifications to the administrator, not to the end users of the product, so the administrator (usually ourselves) has to pass them on. It is best to automate this part: if it relies on a few administrators relaying notifications manually, a notification missed at a critical moment may lead to serious consequences.

Monitoring

Any system that provides external services should have supporting monitoring; otherwise, the maintainers will always be on edge, never knowing when a "bomb" will go off.

Some SaaS products provide customers with complete monitoring and alerting systems, and even APIs that can be used for further development, which is ideal.

However, some SaaS products do not provide customers with a monitoring system. If you still want to purchase the product in that case, it is best to set up some black-box monitoring of the important functions or scenarios yourself; otherwise you are truly blind and know nothing about the state of the service.
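A minimal black-box check of the kind described above, combined with the SLA comparison from the SLA section, as an added example that is not from the original post. The URL, the page marker and the latency budget are assumptions; `fetch` is injectable so the probe can be exercised without network access.

```python
import time
import urllib.request
from dataclasses import dataclass

@dataclass
class ProbeResult:
    ok: bool
    latency_s: float
    detail: str

def http_fetch(url, timeout):
    """Default fetcher: return (status_code, body_bytes) for a GET."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.status, resp.read()

def probe(url, expect, fetch=http_fetch, timeout=5.0, max_latency_s=2.0):
    """One check: HTTP 200, expected marker in the body, within the latency budget."""
    start = time.monotonic()
    try:
        status, body = fetch(url, timeout)
    except Exception as exc:  # DNS failure, timeout, TLS error, HTTP 4xx/5xx
        return ProbeResult(False, time.monotonic() - start, f"error: {exc}")
    latency = time.monotonic() - start
    if status != 200:
        return ProbeResult(False, latency, f"status {status}")
    if expect not in body:  # catches maintenance pages served with a 200
        return ProbeResult(False, latency, "marker missing")
    if latency > max_latency_s:
        return ProbeResult(False, latency, "too slow")
    return ProbeResult(True, latency, "ok")

def measured_availability(results):
    """Percentage of probes that passed."""
    return 100.0 * sum(r.ok for r in results) / len(results)

def allowed_downtime_minutes(sla_percent, days=365):
    """Downtime budget implied by an SLA over the given period."""
    return (100.0 - sla_percent) / 100.0 * days * 24 * 60

def sla_breached(results, sla_percent):
    """True when the measured availability is below the contractual SLA."""
    return measured_availability(results) < sla_percent
```

Run `probe` on a schedule from each office location and from the integrated systems, store the results, and compare `measured_availability` for the period against the SLA in the contract.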

Data migration

When migrating to SaaS after using a self-deployed service, data migration must be considered. If the company's information security policy and legal team allow it, it is best to carry out an actual data migration before purchasing (for example, as a POC). "The mouth of sales, the ghost of deceit": don't trust the words of sales and pre-sales, because we are the ones who end up with the problems and the headaches.

Integration with other company applications

The integration of SaaS products with other applications of the company should consider two aspects: functionality and network accessibility.

Whether the function is available

This is the same problem mentioned above: the functions of the self-deployed version and the SaaS version of the same product may not be exactly the same, so you must actually do an integration to know whether it will work. Don't blindly trust the documents provided by the other party. At least from my current experience, it is normal for documents to have errors and omissions, even if the other party is a first-class company in the industry.

Network accessibility

SaaS products are usually exposed to the public network, but many of the company's applications are only available on the intranet, so you may run into network problems when the two communicate: the network is unreachable, or network performance is not up to standard. Only actual testing will tell.

In general, testing is very important when purchasing SaaS products. Communicate with stakeholders as much as possible and explore more test scenarios, so as to minimize pitfalls.

Published simultaneously on personal site: http://panzhixiang.cn/article/2022/10/4/54.html

Origin blog.csdn.net/u013117791/article/details/127251482