A Potential Solution to the SaaS Trust Problem
The other day I was thinking about how trust is the exposed Achilles heel of the SaaS model: if the customer can't trust the service they're using with their confidential data, they won't use the service. This is a really big problem for startups in particular, because they have no brand equity to take advantage of. Getting new (and especially LARGE) customers to trust them is a pretty steep barrier to entry--especially for inherently confidential data such as financial data or M&A data. Then there's also the issue of the startup potentially failing and going out of business, and all the data built up in the application going "poof" along with it.
But the compartmentalized architecture that's becoming popular on the Web these days just may offer a solution. I've had some thoughts around this, and I've come up with a solution that would make me more comfortable storing my data with a startup that's an unknown quantity: Cloud Storage. While I haven't seen this model used very much at all yet, it makes a lot of sense to me and I can see it building some momentum over the next year or two.
The idea that I'm talking about is using a customer-owned data storage container to store the application data. Instead of the Web application storing data in its own internal data store, such as a hard drive in a server farm in a data center, this model allows the customer to store and own the data himself. The customer's data store would probably be in the form of a cloud storage service like Amazon S3 or Mosso.
Let the customer sign up and pay for his own storage, and simply use the application as a service. Not a service AND a rented storage unit, just a service. This lets the customer TRULY own his data, he can monitor access to it and see EXACTLY what's going on with it, and he can remove the application's access to it at any time. It also relieves the software vendor from footing the data storage bill as well as being responsible for the customer's data. (Obviously the application still has to be secure, but that's a different topic.)
I'm aware of a couple of consumer applications that already use this model: SmugMug lets customers store their photos and videos in their own Amazon S3 store, and Jungle Disk lets customers back up their computer to their S3 store. Right now this is probably a limited market just because of the conceptual complexity associated with getting somebody to sign up for their own S3 account--expecting the average person to understand that they'll be getting a monthly bill for hard disk space is probably a lot to ask right now--but that is changing. People are getting used to the idea of using SaaS applications, and storage as a service isn't too big a leap from there.
P.S. This isn't just for storage, either. Amazon and others also offer message queues and computing cycles as cloud services, and applications could certainly be built to use a customer's own account for those as well. In fact, the more decoupled the core of the application (the user interface and the logic) is from the back-end, the more of the back-end the customer can own, which is a win-win situation for all involved.
Comments