Other as-a-Service Options in the Cloud

In case all the hundreds (if not thousands) of SaaS options aren’t enough, a plethora of as-a-Service models are springing up around the cloud. There are service providers to help you manage your cloud and secure your cloud environment. There are providers to help you deploy desktops in the cloud. The list goes on. This section provides some examples.

Monitoring and management as a service

Is what you see what you get? Maybe. That’s why companies using SaaS need to do some of their own monitoring to determine whether their service levels have been met by their SaaS providers. Even more complicated is when companies are using more than one SaaS application in a hybrid model (refer to Figure 6-1 earlier in this chapter). To complicate things even further, you must monitor not just a single application, but also the combination of applications.

Companies in the systems management space are positioning themselves for this world. Vendors come at this market from two different perspectives:

From the top down, large telecommunications companies are packaging their capabilities so they can help provide cloud management and monitoring.

You also see traditional companies that provide web-services monitoring now offering services that will tell you whether your website has added new services to support the cloud.

For example, Cloudkick offers monitoring tools as a service for multiple cloud server providers, as well as server management tools. The company was founded in January 2009 and was quickly acquired by Rackspace, a cloud computing leader, in December 2010, in part because Cloudkick empowers customers to monitor an entire cloud strategy — both public and private.

Security as a service

Almost without exception, vendors providing antivirus software are offering their products as a service. These vendors include all the large IT security players: Symantec, McAfee, CA, and Kaspersky Labs. In addition, companies, such as Hewlett-Packard and IBM, have tools that scan environments for vulnerability scanning and testing.

Identity management — ensuring that people accessing a system are who they say they are and determining what access, if any, should be granted — is an important aspect of a company’s security strategy for both on-premises and cloud computing. A growing number of players deliver identity management solutions as SaaS. Symantec, IBM, CA, and Oracle, along with small vendors such as Okta, Ping, and Symplified all either have or are rolling out identity management as a service.

For more on security, see Chapter 15.

Compliance and governance as a service

Compliance and governance tasks are time-consuming and complicated tasks that large companies are required to do. Therefore, offering these capabilities as a service is critical.

Not surprisingly, hundreds of companies have moved into this area. Today a company’s full governance, risk, and compliance (GRC) solution can be delivered as a service. Some additional services that have become SaaS include the following:

Patch management: For security packs and service patches for your applications

Business continuity planning: To ensure that your software continues to run in the face of a disaster

Discovery of records and messages: Records management of inactive and semi-active records has become a big SaaS storage type service

Various governance reporting: Such as SOX (Sarbanes-Oxley), SAS 70 (Statement on Auditing Standard) controls for data, HIPAA (Health Insurance Portability and Accountability Act) healthcare requirements, and GLBA (Gramm-Leach-Bliley Act) requirements

For more on governance, see Chapter 15.