Business Applications as a Service (BAaaS)

Moving business apps into the cloud carries big benefits

The rise and rise of the as-a-Service (XaaS) model continues. The various models based around the XaaS approach are all forecast to continue growing rapidly as organizations go on taking advantage of the increased flexibility, lower CAPEX (Capital Expenditure) and on-demand nature of the service. Gartner predicts that Infrastructure-as-a-Service (IaaS) will grow at a CAGR (Compound annual Growth Rate of 41.3 per cent through 2016, while Platform-as-a-Service (PaaS) will hit 27.7 per cent CAGR in the same period. The Software-as-a-Service (SaaS) market will grow at 19.5 per cent CAGR in that time too, demonstrating how significant the cloud delivery of IT services has become.

XaaS is about making life easier for the customer while giving the provider greater flexibility. Where previously, software licenses were bought and long-term contracts entered into, today organizations want and need to be more agile. Utilizing IT services on-demand means that businesses can deploy services as needed, quickly, securely and cost-effectively. The cloud has enabled this change in mentality; it has helped to create a more business-centric IT culture, where companies and organizations really do get to have IT on their own terms.

Beyond software and infrastructure

As every mobile user knows, this is the era of the app. Cloud delivery of our favourite films, music, games, magazines and books direct to our smartphones or tablets is now entirely second nature, and it has almost become hard to remember the world before it.  Similar to sourcing our personal apps on demand from the cloud, doesn’t it now make sense that we do the same thing with business applications?

Business Applications as a Service (BAaaS) is well set to become the next big thing in app delivery this year. As companies continue needing to cut costs wherever possible, shifting certain business applications into the cloud and utilizing them on an on-demand basis helps to remove the CAPEX typically involved in purchasing business services, and also reduces OPEX (Operating Expense) as you go along. Companies today often find that processes and requirements change on a continuous basis, meaning purchasing business applications outright can become a zero-sum game or even a loss-maker. Organization and end-user needs are always evolving, and new functionality is often required at short notice.

So just as Software as a Service began life delivering business applications like Enterprise Resource Planning (ERP), Customer Relationship Management (CRM) and Human Resource Management (HRM) tools on demand and via the cloud, so the BAaaS model will evolve to deliver other key applications like Business Intelligence (BI), security tools, plant control and business premises management apps – it’s the next logical step in this technology shift.

Why so popular?

In addition to the OPEX and CAPEX benefits, BAaaS tools can be used from any device, whenever and wherever the end-user wants. With so many personal apps delivered through the cloud to mobile devices today, end-users are perfectly familiar using the internet to get the apps they need. So there is no reason why this should not extend to the workplace. There’s also a shorter learning curve to be had because of this end-user familiarity.

Delivering business apps in this way also makes the upgrade process far easier. Organizations work with their BAaaS partner to establish the terms of engagement, the BAaaS partner then takes care of all updates and upgrades to apps. No additional hardware, software or capacity upgrades are required, even when scaling up the user base. It is a model of simplicity.

The changing nature of the CIO

The BAaaS shift also has major implications for the CIO and the IT department. With the role of the CIO changing into that of a business-critical one, the benefits of BAaaS can help make the transition simpler. With budgets remaining tight, the pressure is on the CIO to do more with less – their focus must become more strategic and they have to deliver commercially impactful initiatives – by being innovative, agile and prepared to adopt new technologies.

Every stakeholder today expects more. They expect more apps delivered more quickly and more reliably, wherever they are, while ensuring that the network remains more secure. The modern CIO now has a very different role. The IT department has become both the engine room of a company and also a business unit in itself which must innovate, think strategically and drive the organization forward. BAaaS is the latest cloud service which can help make the CIO’s mission easier and more relevant.

Understand the current security model

It sounds obvious, but often it is taken for granted. Evaluating the security controls currently in place in your organisation and what risks they should be eliminating, is important in knowing what you need to ask for when you seek a BAaaS provider. This process also helps identify what is working and what isn’t, and provides you with the ability to request the same security standards with your BAaaS provider. If this assessment uncovers gaping holes, you have the opportunity to rectify this with your new BAaaS provider, or if your security is up to scratch, then you have a benchmark by which to measure. Ensuring that internal security measures and your new BAaaS provider’s security credentials matchup is critical in delivering the safest environment possible for your organisation.

With a growing variety of BAaaS solutions available, your choice may need to integrate with existing security standards. In such cases, firewalls and other traditional security measures can be adapted to integrate with new security policies. In theory, this is the case; however a full assessment and understanding of these traditional measures may uncover non-compatibility with current systems. Understanding the full scope of your business, your requirements and your current security measures will direct you to what you need from your BAaaS provider.

Keep in mind: Change can be difficult, and risky. Have a safety net in place. Your security systems are going to change in your organisation, and to make sure it is for the better means you need to understand the security bottom line. Don’t be afraid to take this security investigation as an opportunity to give your security system an overhaul.

Read more: Privileged-account risk multiplies for Australia's cloud-hungry businesses: CyberArk

Join the CSO newsletter!

Error: Please check your email address.

Tags softwareCIOCSO AustraliaXaaS approachUtilizing IT servicesEnterprise Resource Planning (ERP)CAPEX (Capital Expenditure)business applicationsEnex TestLabYour security systemsBusiness Applications as a Service (BAaaS)Cloud

More about Gartner

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gordon Makryllos

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts