Operating on razor-thin margins, retailers, particularly during the past year, have been increasingly interested in taking advantage of application delivery models such as software as a service (SaaS) to reduce overall cost — capital expenditures as well as operating costs. Retailers considering SaaS must perform due diligence when evaluating SaaS solutions, and look beyond the marketing hype.

• The global economic crisis during the past year has driven a noticeable increase in interest from the larger Tier 1 retailers in off-premises computing models, in particular SaaS.
• During the past 18 months, vendors have been developing, marketing and selling SaaS. They have been targeting retail-specific processes, such as merchandise planning and store labor scheduling, or offering turnkey retail solutions.

Retailers considering SaaS solutions should:

1. Realize that SaaS projects are not just about taking out cost. The business and IT must work together to determine whether this alternative off-premises delivery model is suitable for the business, not only in terms of reducing capital and operational cost, but also in terms of delivering a flexible solution for revenue growth.
2. Evaluate the SaaS solutions and do due diligence on these evaluation criteria:
   • The maturity of the SaaS solutions for the process under consideration
   • The architectural models offered by the vendor
   • The SaaS vendor's record on delivering applications that are reliable, resilient and scalable; finding out exactly how the application will be delivered
   • The security of the SaaS offering, especially for out-of-country SaaS providers
   • The pricing model
3. Ensure adequate planning for protection of data and plans in the event of data breaches.
4. Understand how to plan for redundancy and disaster recovery.
5. Investigate the financial viability of small companies, especially startups offering SaaS and cloud computing solutions.

Advances in technology during the past decade have underpinned the accelerated change and innovation in how IT is applied and delivered to businesses and consumers. New technologies, such as Web 2.0 and virtualization, and new and alternative acquisition and delivery approaches, such as SaaS and the adoption of the service-oriented architecture (SOA) approach to application development, are some of the advances that have contributed to this change. In addition, the lowering of broadband costs together with access to the Internet with cheaper devices of varying form factors has meant easier access to ever-growing online services. More recently, massive investments in online "on-demand" services and cloud infrastructure from IT and Internet powerhouses, such as Google and Amazon, point to IT infrastructure, applications, management and support progressively being delivered as services, possibly as a utility and eventually "out of the cloud."

Market hype over Web platforms, SaaS and other IT utility services is intensifying. This, in turn, is increasing business buyer appetites for new options and services. Operating on razor-thin margins, retailers, particularly during the past year, have been increasingly interested in taking advantage of these types of services to reduce overall cost (capital expenditures as well as operating costs), increase productivity and enhance their customer propositions to grow revenue.

There are many reasons why SaaS is driving higher levels of interest for retailers (see "Survey of Retailers' Use of Software as a Service") and is now firmly on the retail business agenda:

• SaaS providers typically promise lower total cost of ownership (TCO), faster deployment time and greater enterprisewide adoption.
• Application licenses are costs and, therefore, targets for cost reduction and outsourcing. Reduced in-house IT support also means reduced expense on the overheads of salaries and attendant benefits in kind, as well as reduced expenditures on real estate for housing this function.
• The trend toward delivering "cleaner" business processes and, therefore, the tendency to standardize all or parts of the process lean toward a more commoditized approach — one that is suitable for SaaS. For example, e-mail applications are so widely deployed, well used and understood that most users can switch from one system to another fairly easily.
• The rise in parameterized applications, particularly Web-based applications, means that any required changes or enhancements to the application can be created through parameters. This allows users to use a common application platform and apply parameters to configure the business rules to achieve the desired result. For example, the discount amount on a discounted pricing rule for preferred customers could be adjusted in real time, depending on sales volume. These types of applications are more flexible than older legacy applications where changes could only be made by relatively costly and time-consuming modifications to the actual code.
• Bandwidth of wide-area networks (WANs) has grown, and WAN optimization solutions are maturing in scalability, functionality and affordability. These solutions will enable retailers to better support their strategies for regional expansion plans. Uptake of these types of solutions can only increase as WAN optimization solutions become better integrated with security solutions and networking solutions for quality-of-service improvement. All this means that retailers are more likely to consider deploying SaaS solutions because they have more trust in accessing secure applications from remote locations with low latencies and acceptable speeds.
• The emergence of software that can take advantage of the cloud — browsers such as Chrome; operating systems such as Chrome OS, designed to run cloud applications on the client side; and open-source software such as Gears (formerly Google Gears) that enables addition of new features to the browser to deliver more-powerful Web applications.
• International expansion lends itself well to a SaaS model. The architecture of SaaS models allows new countries to use the same instance as others. Bringing in new countries can be done relatively quickly. Country-to-country process variations can be addressed upfront through configuration, or iterative-based changes can be made over time.
• For the midsize to small retailers, SaaS has the effect of "democratizing" software, allowing them to have less-expensive access to functionality that had formerly been the domain of large enterprises.
• As retailers carry on apace with the IT modernization agenda, SaaS can play several roles, including:
  • Serving as a bridge to eventually migrate to a new, on-premises business application environment
  • Serving as a permanent move to outsource the application as a service

This research looks at some frequently asked questions (FAQs) that retailers are trying to answer regarding SaaS.

SaaS is software owned, delivered and managed remotely by one or more providers. SaaS delivery requires a vendor to provide remote, outsourced access to the application, as well as maintenance and upgrade services for it. If the vendor requires user organizations to install the application software on-premises on the user's own infrastructures, then the application is not SaaS. The infrastructure and IT operations supporting the applications must also be outsourced to the vendor or another provider.

The provider delivers an application based on a set of common codes and data definitions that are consumed in a one-to-many model by all contracted customers at any time. Users may be able to extend the data model by using configuration tools supplied by the provider, but without altering the source code.

SaaS is purchased on a pay-for-use basis or as a subscription based on usage metrics. Purchasing is based on a subscription (for example, per-user, per-month fee) or on the basis of use (for example, allocating a certain number of transactions for a fixed time period). A perpetual license purchase is not considered SaaS.

There's no single architectural approach (see Figure 1) to delivering SaaS. As SaaS progresses, variant architectures will emerge, depending on choices made regarding these attributes:

• Application Execution Infrastructure: The sharing/nonsharing of the underlying application execution infrastructure in terms of the tenancy models — single tenant or multitenant
• Application Versioning: The ability to have or not to have multiple application versions — single version or multiversion
• Data Separation: Physical or logical

The choices are not necessarily always binary. For example, the choice for data architecture in terms of data separation is not just between physically isolated data and shared logical data, but more along a continuum with many variations possible between the two extremes.

As SaaS grows as a deployment option for software, more and more traditional vendors are attempting to launch SaaS offerings in addition to their on-premises and hosted models. Some traditional on-premises vendors have positioned their offerings as hybrid SaaS — that is, a combination of SaaS and on-premises deployment options. The concept regarding hybrid SaaS is that the vendor offers customers the option of on-premises, hosted and/or SaaS, and the customer can start with SaaS and then move the deployment to on premises. Vendors often say that SaaS is an "on-ramp" to their on-premises offerings (see "Hybrid SaaS: Questions and Answers").

"SaaS" and "ASP" are terms that are sometimes used interchangeably. However, there are differences, and the main ones are summarized in Table 1.

SOA is a durable change in the approach to application architecture, and could be defined as following an architectural style that is modular, distributable, shareable and loosely coupled. WOA is a substyle of SOA, based on the Web. Although the Web is often viewed as a user interface (UI) architecture, WOA also enables it to be an application-neutral application programming interface (API) architecture for global application-to-application (A2A) integration across the Internet and within an enterprise.

According to Gartner surveys conducted in 2008, SOA is already the dominant architectural style for business applications (see "2008 SOA User Survey: Adoption Trends and Characteristics").

In a separate 4Q08 study of retailer use of SOA, 68% of retailers surveyed had implemented Web services, were implementing Web services or had plans to implement Web-services-based SOA initiatives during the next 12 months (see "Survey of Retailers' Use of SOA: An Approach to Application Architecture, Not the Solution Itself" and "Survey of Retailers' Use of SOA: Expected and Actual Benefits").

Put simply, SOA is an architectural approach, and SaaS is a delivery model. This means that, from a consumption perspective, SOA is not a prerequisite to deploying SaaS applications. However, for a large retailer, where a mixed portfolio of external services with on-premises applications is more likely, SOA will make it possible to more efficiently build, deploy and manage composite applications. SaaS can, therefore, take advantage of SOA to enable software applications to communicate with each other. Each software service can act as a service provider, exposing its functionality to other applications via public brokers, and can also act as a service requester, incorporating data and functionality from other services. Many vendors have leveraged SOA in building their SaaS offerings, some examples being SAP's Business ByDesign and Epicor's Enterprise 9 .

SOA is also an underlying enabler for cloud computing and other SaaS business models involving companies such as Amazon and Google.

Cloud computing is evolving from the combination of Internet technologies and technologies that enable economies of scale. Cloud computing can be very "public," where computing assets are owned by a third party (such as Google) and anyone can take advantage of them. Also available are very "private" cloud computing offerings, where the assets are owned by one organization, and access is limited to users from that organization. (For insight into distinguishing public cloud computing from private cloud computing, see "Five Refining Attributes of Public and Private Cloud Computing.")

Cloud has been overhyped during the past 18 months, and there is some confusion in the market as to what cloud computing encompasses. Some common cloud myths are summarized in Table 2.

Gartner defines cloud computing as a style of computing where scalable and elastic IT-enabled capabilities are delivered as a service to external customers using Internet technologies.

If the provider is to deliver a SaaS offering that is scalable, then cloud computing could be deployed as the underpinning infrastructure for delivery of that scalability. That said, many SaaS vendors tout the cloud as the delivery mechanism for multitenant SaaS models.

Gartner also provides clarification of cloud terminology in "Using the Right Words Will Ease Cloud Computing Confusion." For a comprehensive overview, see "The What, Why and When of Cloud Computing."

Gartner defines open-source software (OSS) as licensed software in which the source code is distributed with the product, and the user is able to modify and redistribute derived works from this software. The open-source model is a set of principles and best practices for software development, deployment and support. At its core, the open-source movement is focused on maximizing and protecting the privileges of the user, rather than the author.

Here are some characteristics of this type of model:

• Software Development — A strong focus is placed on collaborative efforts.
• Software Deployment — The model affects how the software is deployed, influencing service-based commercial models rather than software license fees.
• Software Support — There is a strong focus on quality assurance, "bug fixing" and evolution of the software directly within the user community.
• Software Stewardship — No single entity owns the software, so no single entity can control it arbitrarily. Instead, the software is usually developed through a project in which members of the open-source community develop, support, maintain and use OSS. It is this community that provides "stewardship" over the project. For example, the community can grant unofficial "primary maintainer" status to a group of developers. If these developers fail to properly support the community, this role is readily transferred to others. The software develops through "natural selection"; if conflicts emerge over the direction of the software within a community, the software can be freely split into multiple and distinct variations, with the "strongest" version being the most dominant.

Vendors are increasingly using open-source infrastructure to reduce the cost of software acquisition. For example salesforce.com (AppExchange) and SugarCRM (SugarExchange) have launched application platform as a service to enable user communities to develop and share extensions to the vendor-offered applications and new applications created by the community.

Open source will increasingly become a factor in SaaS solution providers' technology stacks. User communities will sprout up around application platform as service providers and will leverage open-source practices for sharing software applications.

Gartner expects that, as use of SaaS increases, along with the emergence of associated application platform as a service providers' open-source "type" practices (such as those with salesforce.com), application exchange will continue to grow. Community policing capabilities, such as voting and validation of those useful applications versus ones that are not, will help control these emerging communities. As more SaaS vendors use open source in the technology stack, the costs of software acquisition would be expected to get lower.

Gartner conducted a survey in 4Q08 to research retailer use of SaaS (see "Survey of Retailers' Use of SOA: An Approach to Application Architecture, Not the Solution Itself" and "Survey of Retailers' Use of SOA: Expected and Actual Benefits"). Here are the top lines from the survey.

We asked retailers:

• At what stage are your organization's plans for implementation of software as a service (SaaS)? Survey response:
  • No plans — 47%
  • Implemented SaaS more than 12 months ago — 15%
  • Implemented SaaS during the past 12 months — 11%
  • Currently implementing SaaS — 11%
  • Plans to implement SaaS, but not during the next 12 months — 11%
  • Plans to implement SaaS during the next 12 months — 4%
• Which of the following processes are targeted by your organization's current SaaS implementation? Survey response — top five:
  • CRM
  • Supply chain
  • Merchandising, pricing and promotions
  • Enterprise payroll
  • Multichannel order and fulfillment
• Which benefits did/does your organization expect from its current/planned SaaS implementation? Survey response — top five:
  • Ability to use resources better
  • Reduced or deferred capital costs
  • Faster time to implementation of solution
  • Increased ability to respond better to market changes
  • Reduced maintenance costs

Figure 2 is the Priority Matrix for the "Hype Cycle for Software as a Service, 2009."

The matrix shows the SaaS technologies offered and the different adoption rates. It compares the degree of benefit attainable from a technology segment relative to its progression along the Hype Cycle. This is intended as a general guideline, because the benefits and maturity of any technology will depend on industry conditions and an organization's capacity to exploit the technology effectively.

It is recommended that this matrix be read in the context of the SaaS Hype Cycle research to get a view of the vendor landscape for cross-industry SaaS offerings.

SaaS is a burgeoning market for retail vendors, and there are now SaaS solutions that can support some aspects of retail business processes. For example, vendors are marketing solutions for e-commerce on demand, CRM, distributed order management, supply chain, procurement, business intelligence (BI), merchandising, and enterprise functions such as payroll and finance, and store applications. However, they vary greatly in terms of:

• Maturity of solution
• Type of offer — for example, specialist vendors for focusing on specific processes, ERP vendors looking to enter the market, vendors offering turnkey-type solutions
• The retail markets for which they are targeted in terms of tiers and geographies
• Level of adoption — for example, sales force automation is the most widely implemented CRM-on-demand process

The current vendor scenario for SaaS applications for the retail market can be summarized as:

• Retail SaaS specialist vendors are relatively small. Some have offers for Tier 1 retailers but most are aimed at Tier 2 and even Tier 3 retailers, an example is Predictix :
  • In late 2007, Predictix launched a SaaS merchandise planning solution. Currently, the modules include merchandise, and assortment planning and optimization; and price, promotion and markdown management and optimization. Space planning and optimization, allocation, replenishment, and other demand-planning modules are planned for subsequent release. The goal is to tie together all decision making, planning and demand forecasting used in merchandising into a single suite (and platform).
  • Predictix's planning suite is designed to integrate with retailer core merchandising systems.
  • Predictix solutions use a Web browser interface, include advanced forecasting capability, have built-in reporting and deliver planning methodologies as well as price/promotion/markdown approaches that retailers expect to find in the latest versions of merchandising software available today (see "Predictix Shows Promise With a Software-as-a-Service Merchandise Planning Suite").
• The leading platform and application vendors, such as the leading retail ERP vendors serving the Tier 1 retailers, are not yet quite ready with their retail-specific SaaS offerings, but some have cross-industry offerings for enterprise processes such as financials and HR for small and midsize enterprises. An example is SAP Business ByDesign:
  • SAP Business ByDesign is fully integrated cross-industry business management software designed for midsize companies or small businesses that want the benefits of large-scale business applications without the need for a large IT infrastructure. It enables preconfigured process best practices for managing financials, customer relationships, HR, projects, procurement and the supply chain.
• Retail application vendors mainly serving Tier 2 and below have entered the market, with turnkey-type offerings. An example is Epicor:
  • A manufacturer, Kellwood, with retail outlets implemented Epicor's SaaS retail business applications to support processes for point-of-sale (POS) interactions, merchandising, allocation, order management, sales audit and CRM in 55 of its direct-to-consumer branded retail stores. The implementation was completed in a four-month period with no extra IT head count. During the first year of implementation, sales went up by 3% and inventory costs decreased by 19%. The scalability of the solution has been proven with the hassle-free addition of branded retail stores for two more brands.
  • For a fixed fee plus a one-time startup charge, Epicor delivered its turnkey Connected Retailer SaaS solution, including:
    • Retail business applications for merchandising, allocation, POS, sales audit and CRM
    • Client-side hardware and installation — for example, POS terminals
    • Hosting of applications on secure, redundant servers
    • Connectivity via reliable and high-speed networks, associated implementation and integration services
    • Support and complete system maintenance, including 24/7 data security and backups
    • Ongoing updates and upgrades to latest software releases
  • The "pay as you go" (per number of stores) SaaS pricing model eliminated the need to amortize the cost of traditional software licenses. (For more on this implementation, see "Case Study: Retail SaaS Applications Support Kellwood's Direct-to Consumer Strategy.")

Despite its promise, SaaS is not a panacea for the complex people and process issues in the retail industry. It still remains only a fraction of the software industry and the application code base in a typical retail enterprise. Retailers considering SaaS should take note of the following:

1. SaaS projects are not just about taking out cost. The business and IT must work together to determine whether this alternative off-premises delivery model is suitable for the business, not only in terms of reducing capital and operational cost, but also in terms of delivering a flexible solution for revenue growth (see "Software as a Service: Understanding Whether It's Right for You"). Some things to bear in mind when considering business processes for SaaS solutions are:
   • The degree to which the SaaS solution provides a functional fit to the business requirements of the business process
   • The degree of customization required
   • The degree of usability required for the end users
2. Do due diligence when evaluating SaaS solutions:
   • Determine the maturity of the SaaS solutions for the process under consideration for SaaS.
   • Seek references from retailers that have deployed a similar project with the vendor, paying particular attention to lessons learned.
   • Examine the architectural models offered by the vendor.
   • Consider the sharing/nonsharing of the application execution infrastructure (single tenancy/multitenancy).
   • Consider whether you need to have single or multiple versions and inquire about the vendor's ability to deliver accordingly (single version/multiversion).
   • Analyze whether to separate the data physically or logically. For example, a multitenant/multiversion model offers version control and upgrades at your own pace.
   • Probe into the SaaS vendor's record on delivering applications that are reliable, resilient and scalable, finding out exactly how the application will be delivered:
     • If delivered through the cloud, do due diligence on vetting the cloud provider and any middle-tier brokers. Some examples — look at the relationship between the cloud provider and the SaaS provider; look at the cloud vendor's uptime record; ascertain the physical location of the data centers supporting the cloud, because this can have an impact on latency.
   • Determine the security of the SaaS offering, especially for out-of-country SaaS providers. Security groups should have an established set of security requirements that can be used as criteria for evaluating the network, platform, applications, data, operations and support services.
   • Examine the pricing model. Be sure to factor in all the costs when looking at SaaS solutions, not just the pricing model for setup of the solution:
     • Although SaaS may be cheaper in the short term due to the lower capital investment in infrastructure and setup, total cost of ownership could turn out to be more expensive in the long run. For example, there will be an increase in the operating budget because SaaS models require regular payments to the vendor. In addition, unlike on-premises applications that are depreciable assets over time, the increase in the operating budget from SaaS never lessens
     • Pay particular attention to "hidden" fees when negotiating SaaS contracts. These include additional setup costs, such as database installation and preliminary configuration, incremental fees for the test, development and deployment environments, as well as storage. Check on storage restrictions if on a standard recurring monthly fee; fees for transfer or migration of data; and additional cost to process at other sites if there's a disaster and the primary location is shut down.
   • Investigate deployment time. SaaS vendors claim that the model takes less time to deploy than conventional software and, therefore, saves money. Gartner believes that arguably the time to deploy both types of software is comparable only after taking into consideration:
     • The time spent "upfront" with the business on the design phase. For example
       • Understanding the impact on the business processes
       • Selecting the processes or parts of the processes for the SaaS treatment
       • Developing the data models and workflows
       • Designing the architectural model for deployment
       • Understanding the impact of integration in a mixed application environment
       • Taking into account the limits of the APIs
     • The time spent on performing the actual customization, configuration, integration at setup and while in operation
3. Ensure adequate planning for protection of data and plans in the event of data breaches:
   • Process flow the entire end-to-end flow of data.
   • Track the flow of data through the entire end-to-end process, making sure to incorporate any standards or regulations for data protection (for example, Data Protection Acts and Payment Card Industry Data Security Standards).
   • Have a plan in place in the event of data breaches, and ensure this is well-communicated and understood by those involved in the deployment of the applications.
4. Understand how to plan for redundancy and disaster recovery:
   • Retailers must understand what kind of measures are in place in case of failures, disasters and other mishaps. These measures and service-level agreements will be specified in the SaaS contract, but retailers will need to evaluate if they are sufficient for their situations.
   • Retailers must clearly outline the responsibilities of the vendors involved, especially when delivering a business process in a mixed application environment.
5. Investigate the financial viability of small companies, especially startups offering SaaS solutions:
   • Any new small vendor in the retail software space must be carefully scrutinized.
   • Retailers must understand what commitments the vendor has made to its business in the event of bankruptcy, breaking of contracts or if the vendor decides to stop investing in a product line.

"Hybrid SaaS: Questions and Answers"

"2008 SOA User Survey: Adoption Trends and Characteristics"

"Survey of Retailers' Use of SOA: An Approach to Application Architecture, Not the Solution Itself"

"Survey of Retailers' Use of SOA: Expected and Actual Benefits"

"Survey of Retailers' Use of Software as a Service"

"Five Refining Attributes of Public and Private Cloud Computing"

"Using the Right Words Will Ease Cloud Computing Confusion"

"The What, Why and When of Cloud Computing"

"Hype Cycle for Software as a Service, 2009"

"Predictix Shows Promise With a Software-as-a-Service Merchandise Planning Suite"

"Case Study: Retail SaaS Applications Support Kellwood's Direct-to Consumer Strategy"

"Software as a Service: Understanding Whether It's Right for You"