SaaS vs. open-source — Seven essential criteria to consider when choosing for your business
Companies today are migrating to cloud and Software-as-a-Service (SaaS) services in the belief that these are more cost-effective compared to running their own software. While this can be true when leveraging on-demand capacity only when required (elastic horizontal scalability) or at a small scale, in practice, we see companies migrate to the cloud without thoroughly investigating the longer-term consequences.
In this article, we cover seven criteria you should consider before deciding on buying an off-the-shelf SaaS product or leveraging open-source software to build your own customized solution.
Many companies opt for using SaaS cloud solutions because, at the entry point, the initial cost of getting started is very low or even free. For many companies that begin with small-scale rollouts or proofs-of-concept, this cloud model may initially be much cheaper than setting up hardware servers themselves.
But there is a catch. As the consumption of these companies grows (for example, the volumes of data or amount of applications), the costs will also increase accordingly.
This is something that organizations usually need to be made aware of since the general perception is that public cloud services are the most cost-effective option. However, at a large scale, creating solutions based on open-source software can be ten times more cost-efficient than opting for a SaaS service.
To help our customers, we typically assist them in preparing a forecast and estimating the volumes of data they will be processing, storing, and using in the future. Based on these estimates, we can make an objective estimation to enable customers to make the best strategic decision.
2. Vendor lock-in
Vendor lock-in means that once you move your organization’s data to cloud SaaS services, you may be unable to migrate to other solutions without considerable implementation effort.
Many companies end up in such a situation and become entirely dependent on one service provider that can increase their fees on a whim. Costs are also likely to keep rising as the volume of data and the data consumption (e.g., amount of queries) keep growing, as discussed in the previous criterion.
Vendor lock-in can also jeopardize business continuity: if your business-critical processes are entirely dependent on one provider and the service is down, your business operations will be interrupted and forced to a halt.
Open-source software, however, can help you mitigate these vendor lock-in risks. When leveraging open-source software, you are in control of the business-critical parts of your solution, with minimal dependencies on the underlying cloud infrastructure. In that case, migrating from one cloud infrastructure vendor to another becomes much easier.
Alternatively, you can opt for a real multi-vendor set-up, where your solution runs on multiple public cloud providers simultaneously, possibly in combination with on-premise hardware. Many companies operate using such a (hybrid) multi-cloud strategy to avoid entirely relying on one vendor’s whims while keeping all flexibility and control in deciding where to deploy services.
3. Data sovereignty
Every day, numerous companies collect vast amounts of personal information that people are not always aware of or have consented to. Furthermore, it is not always clear where exactly the data is stored, for how long, and who has access to it.
Data sovereignty means ensuring that data is stored in locations under the control of the data owners and compliant with laws and regulations with full transparency on who has access to data that may be privacy sensitive or contain company IP (Intellectual Property). It is not commonly known that foreign states have surveillance acts that grant access to data regardless of where data is physically stored and that these acts overrule any local regulation.
Having control over where data resides also impacts business continuity: are you able to retrieve or backup all your data and move data to other locations? Not all SaaS solutions provide ways to export, backup, delete, or migrate data, so customers have very limited control over their data.
Using open-source software to build custom solutions enables companies to run these solutions and store data anywhere in the world while remaining in full control.
Transparency can be an essential criterion for some organizations that need to have full visibility of their complete supply chain to know where the software is coming from and its exact functionality. This is important because these companies have to ensure that there are no back doors or security vulnerabilities and that they know all the risks involved with using the software.
The issue with a SaaS service is that you don’t get any transparency. In fact, you don’t see the underlying software at all. You can read and accept the terms and conditions, but apart from that, it’s a matter of blind trust without any real guarantee that your data will be protected or to which risks it is exposed.
If software transparency is an important factor for your business, we at Klarrio would recommend creating your customized solution with open-source software. These technologies are supported by large organizations, and they have good documentation and huge, vibrant communities working on bug fixes from all over the world. With open-source software and a Software Bill of Materials (SBOM), you have full transparency in the software, its dependencies, functionality, and any security risks involved.
In most cases, it is crucial that the technology you are using can accommodate and scale to larger volumes of data as your business grows.
One of the challenges with SaaS solutions can be that there is no guarantee that the underlying technology will provide sufficient elasticity and scale; you can only hope that it will cope with your increasing volumes of data and future data consumption needs.
When starting small with a proof of concept or pilot project, any solution will carry the load, but there is a hidden risk that at a certain point in time, you may encounter limits and will need to redesign and reimplement the solution.
If you estimate your organization and its data consumption to grow to a significantly large scale in the years to come, it may be wise to consider leveraging some open-source cloud-native technologies instead of SaaS services.
These technologies (for example, Apache Kafka, Apache Flink, Apache Spark) are designed and proven to scale; in fact, they were created by data-driven new economy companies because old legacy solutions were unable to meet their scalability requirements (volumes of data, elasticity of workloads, variety of data formats). When we work with this open-source software, we know from experience that these technologies will scale to your future needs.
By leveraging open-source software, you can remain in full control, and you can dimension and optimize the performance as required. The flexibility to migrate to any public cloud provider or even on-premise infrastructure avoids a complete dependency on a single SaaS provider and its ability to scale.
6. Custom requirements
Throughout the decades of working experience in our field, we’ve seen that customers have very different and specific requirements when it comes to data. These requirements may be in order to differentiate from competitors and keep an innovative edge or because of regulatory compliance for a very specific industry or environment. Most often, the generic off-the-shelf SaaS products cannot meet all of their needs.
Remember, these SaaS services have been designed to cover the most common requirements relevant to the highest number of companies and are not tailored to specific needs. In fact, they are trying to serve as many customers as possible with the most generic offering, hence providing the largest common denominator functionality.
By opting for a SaaS, companies become dependent on an external service that, in the end, may or may not implement the features that they require. They become completely dependent on the service provider roadmap with limited control or visibility on when their requirements will be fulfilled.
In most cases, there are alternative options for larger enterprises with specific security, functional, or integration requirements that want or need to take control over their own destiny.
While using custom solutions based on open-source software does require an upfront investment, in the long term, it provides the advantage of being in control of their roadmap and their own solution. This may be a business requirement to be able to offer innovative and differentiating solutions to customers.
7. Service Level Agreements (SLAs)
Most public cloud and SaaS providers don’t provide real guaranteed SLAs or Service Level Agreements. In most cases, they only offer best-effort objectives to meet service uptime for a limited number of services. If these SLA objectives are not met, service credits are provided for your next (e.g., monthly) billing cycle as compensation.
However, many companies need stronger and better ways to ensure that the potentially business-critical services they depend on meet the service availability targets. They need stronger guarantees and not just service credits as compensation for critical services not being available.
If this is a concern for you and your organization, we recommend opting for a tailored solution designed for service availability instead. With these solutions, companies have stronger service guarantees with full transparency and control.
While there is a clear industry trend to migrate to public cloud and SaaS services, the longer-term consequences and their strategic impact are not always considered. In this article, we covered seven criteria to consider when deciding to select a SaaS solution or go with a custom open-source software-based solution. There are long-term effects that may be difficult to revert, so organizations should think twice before establishing a cloud and data strategy.