Article written by Jason Currill, CEO of Ospero.

When SaaS first emerged in the early 90s, businesses and consumers alike dreamed of a world where the capex for software no longer cost anywhere between a few thousand and up to several millions of dollars, and new releases made their purchase obsolete in a few short months. SaaS promised to change the face of computing by offering web based platforms, with little setup and minimal upfront costs – however skip forward to 2012 and the market penetration of SaaS hasn’t reached anywhere near the levels predicted back then.

While SaaS adoption is increasing, with a recent Gartner report indicating that year on year growth is doubling, with an estimated 2011 value of $12.3 billion, the piece of the overall $267 billion software pie is still worryingly low.

In a 2001 report by the Software & Information Industry Association, they had this to say on SaaS and the future;

“The SaaS market now comprises about 2 percent of software application sales, but the figure is expected to climb significantly by 2003, according to Forrester Research. Almost all projections agree that the growth rate will run at around 100% a year for the next five years.”

2001 saw an estimated software revenue of $77 billion, meaning that the two percent mention for SaaS equates to $1.5 billion. If we scale those figures over the predicted 5 years – that would mean we should have seen a SaaS market value of nearly $50 billion by 2006. Now obviously this was not the case, and in hindsight, perhaps that figure was a little eager, however a 3% market share increase in a decade that has been defined by computing seems far too small.

So, what are the barriers to entry for SaaS, and why hasn’t the world moved to a cloud based software delivery model?

Data Security

“Security is the No. 1 reason preventing firms from moving to SaaS,” Forrester analyst Liz Herbert wrote in a recent report on software-as-a-service adoption.

This is without doubt the largest concern that is come up against when migrating a traditional local software installation to a cloud based platform. Working historically on the premise that one computer contains one IT system, managing and controlling security becomes a minimal task. Now apply that to the cloud, where one computer can contain many instances of individual, virtual machines – and if a computer is hacked, all those virtual machines suddenly become accessible to the hacker.

This alone can be enough to persuade many CTOs to hold off on moving to the cloud, but there are other considerations as well.

Data Protection

As any Organisation should testify – having a solid reliable backup is key. Whether it is a simple case of cloning your computer contents to an external hard drive or a rack mounted server, running RAID redundancy; if a local system’s backup fails, it is largely your responsibility if not actually your fault.

Now while this may sound like a scary prospect in itself – the cloud removes any control. You have no real understanding of how your data is being stored, and how many backups there are. If you look at the debacle encountered by Microsoft in 2010 over their Sidekick mobile sync servers, you can easily see how a simple mistake can cause the loss of millions of accounts and corresponding data.

Legal Compliance

In January 2012, the European Commission published a package of draft measures, including a Regulation on data protection aimed at fundamentally overhauling and harmonising the EU’s data protection regime. If passed in its current form, the regulations will introduce significant new compliance obligations for organisations, enhanced rights for individuals and tough new penalties for non-compliance.

This legal minefield is enough to cause any CTO to run for the hills, with the prospect of multimillion dollar penalties enforced, if legal regulations, specific to the country they operate in are not adhered to. This is one of the main reasons that may SaaS based vendors have not branched outside of the US, which accounts for 64% of the global SaaS market. 

Data Sovereignty

The fourth and final boundary encountered has been that of data sovereignty, that is knowing exactly where in the world your data is.

Taking the US as an example, the Federal Information Security Management Act (FISMA) requires customers to keep sensitive data within the country. In virtualized systems, data and virtual machines can move dynamically from one country to another in response to load balancing needs and other factors. While this is a benefit for the end user, decreasing load times, whilst increasing reliability, whether in New York or London – for SaaS vendors, the headache of managing data location (and the aforementioned legal compliance can be too much to bare.

While this may sound like a grim report on the state of SaaS, the future is bright, as long as vendors embrace the perceived problems around them and adapt for a future in the Cloud. Ospero exists to help businesses make the move to the cloud and distribute globally.

Ospero’s distribution-as-a-service (DaaS) offering, helps business rollout global SaaS instances without vendors’ having to worry about legal compliance, latency issues and privacy headaches. Their service is helping CTOs and IT managers overcome the barriers to cloud entry and embrace SaaS.

Jason Currill is founder and CEO of Ospero, a global Infrastructure as a Service (IaaS) company. The company, through a federated cloud strategy, has one of the largest ubiquitous, single vendor cloud platforms in the world. Before founding Ospero, Jason, a seasoned technology Executive with over 15 years international sales experience, worked with Cisco Systems, Business Objects (a SAP company) and NetSuite, in charge of both EMEA and NA territories. Prior to his career in IT, Jason worked on the London International Financial Futures Exchange (LIFFE) for almost 10 years as a Futures Trader.