Salesforce.com ushers in a new era of on-demand success with the industry’s first platform as a service (PaaS). With the Force.com platform, you can build any application, any database, any logic, and run it all on demand on our trusted, secure infrastructure. Now salesforce.com allows customers to create and run any application and even any user interface imaginable–all entirely on Force.com.
(Announcement made this week on Salesforce.com)
If you do not already know, Salesforce.com is the worldwide leader in on-demand customer relationship management (CRM) services. I’m not going to go into detail here and recommend that you spend some time browsing their website.
PaaS, and SaaS (Software as a Service) are exciting concepts. For an example of SaaS, look no further than Google Docs, a fully featured suite of office applications that allow you to create, edit and store your documents and spreadsheets without having to install any software packages on your own desktop. Now imagine if it was easy to build your own applications that also run on the Google platform. Potentially you could run everything you need for your business to function off of somebody elses resources. This is where Salesforce are heading, wanting to create a platform that anyone can build on, making it easy to integrate on-demand services and messaging features, create mash-ups, and develop custom applications to do just about anything.
Kendall Colins of Salesforce says “You can be anywhere in the world, log in, write code that saves on our servers, tests and runs on our servers, and share that anywhere in the world.”
It’s exciting stuff and I reckon it’ll catch on because, face it, where’s the fun in purchasing a disk-space and resource intensive operating system only to install onto it more diskspace and memory intensive applications that most people only use a small fraction of the functionaility of, when we could all be using zippy, lightweight systems that connect to online platforms where all the weight of the processing and storage requirements are taken care of?
So, what of security in the future business world where we no longer store our own data and rely totally on external service providers for availability of all our business functions? Will there ever be a time when we could move all our eggs to the PaaS basket.
There are certainly some barriers to the adoption of PaaS: security, compliance and privacy concerns will, I’m sure, hold growth in check to some degree while the “followers” learn the mistakes of the “early adopters”. However, I predict that as these concerns are addressed and competitive pressures mount, business will start to rapidly move to the on-demand, mix and match approach of PaaS.
We need to be careful not to repeat the same mistakes that usually get made whenever there’s a new flurry of innovation happening online. The same rules hold true: security must be a feature designed in from the ground up, developers must follow a secure SDLC, reliance and availability have to be guaranteed. Physical security, data encryption, user authentication, and application security are all essential elements.
PaaS providers won’t have any opportunity to relearn the rules because the day they suffer a data compromise or go offline will be the same day they go out of business. It’s a lesson that Salesforce already learnt early last year when they suffered an outage and demonstrated that SaaS was not yet ready at that time for the mission critical needs of enterprises.
In fact, as stated here Salesforce.com maintain their own computing infrastructure privately. They not only develop, sell, and service the application, but own and maintain the server and storage hardware on which the application runs. The point is made that it’s hard for any company to be great at two different businesses simultaneously so “it may have made sense for Salesforce to control its infrastructure when it was starting out” but will customers “be best served by the dual-focus strategy.”
I was thinking about the potential advantages of the PaaS model for the SME. There would be no more requirement to purchase, install and support complex software, much reduced real need for inhouse data storage and processing capabilities. Before you wave your finger in the air and warn about the consequences of data breaches, bear in mind that a PaaS provider like Salesforce.com will have the resources to be able to provide far more resilient and secure systems than the average SME ever could for itself. For that matter, probably better security than the average large enterprise too.
So, it will come down to being a matter of trust. Do we trust Salesforce.com and their competitors to be good guardians of our business? That’s for you all to decide. Personally, I believe the days of trying to run a mish-mash of conflicting, complex, expensive, and often unreliable systems on our own often unreliable networks are drawing to a natural end and that the SaaS and PaaS models are a natural evolution.
I’ve just been watching the Saleforce.com Dreamforce video that’s online here. It’s typical, over the top American conferencing but well worth watching. Quote “Business is like life….you need to know why you are here.” Love it!