In the Beginning, There Were Updates

This month marks the 15th anniversary of SaaS—or “software as a service.” Prior to its widespread adoption, end users had to install frequent updates, software and hardware uptime often required expensive consultants and sys admins, and companies hoarded data inside their own castles (or servers).

Before SaaS, central computing and service companies described themselves as ASPs  (application service providers). This model existed for quite a long time–arguably since the 1960s–but lacked several components of success. Then, Salesforce launched in February of 1999 and began a rally cry of “no more software!” But like all pioneering tech solutions SaaS was originally met with backlash and skepticism.

“IT people worried that they were going to lose their jobs,” said Brian Flood, OpenDNS’s Business Systems and Analysis Manager and resident SaaS expert. “They said, ‘We’re never going to trust that our data is safe in someone else’s servers.’”

Salesforce_Logo_2009However, the benefits of the SaaS model soon overwhelmed the objections.

Why did SaaS become so essential for the enterprise? Several reasons, but a few stood out as being key to massive growth: speed (of both implementation and administration), cost (although heavily debated, generally lower initially than traditional products), and maintenance (or lack thereof).

The success of early SaaS companies also paved the way for more “as-a-service” verticals to take off. This evolution ultimately led to a new computing landscape and the need for new security solutions that aligned with the SaaS model—security-as-a-service.

SaaS + Security: Protecting the Roaming Workforce

Back in 2012, OpenDNS CEO David Ulevitch spoke to GigaOm on the very promise of security as a service when he said, “One thing that’s easier now than it ever has been is to raise the bar for security. And there’s now a way to do that without trading off user experience or performance.”

Cloud-based network security services complement traditional systems, and protect the modern workforce—roaming employees who rely on SaaS business applications and WiFi networks to do their jobs anywhere, at any time.

Prior to when software as a service became the norm, the office wasn’t only a place you went, it was a place you had to go. Accessing corporate systems and data outside the office network was not easy—especially if you wanted to have a modicum of security.

And although SaaS adoption grew in the enterprise space, security solutions remained focused on the network perimeter even in the midst of a massive migration to remote computing. While attackers found new vectors to exploit in the cloud, the security industry responded by building higher castle walls—soon rendered useless as employees continued working off the corporate network. Realizing they could easily bypass signature-based solutions with speed and social engineering, attackers began quickly outpacing conventional security technology.

By taking advantage of the same benefits that software as a service used to conquer the business world (speed, lower costs, less maintenance), security as a service is a powerful defense in the fight against modern threats—network boundaries are no longer a limiting factor. In fact, Gartner predicts that the ‘cloud-based security services market, which includes secure email or web gateways, identity and access management (IAM), remote vulnerability assessment, security information and event management will hit $4.13 billion by 2017.

As an indispensable part of the cloud technology stack, security as a service is essential in  ensuring remote workers are protected. As the importance of network security becomes more visible with every breach that’s covered in the media, we can thank the original SaaS for blazing the innovation trail.

To learn more about the industry’s leading SaaS players including OpenDNS CEO David Ulevitch, read our post on the First Annual SaaStr event where successful SaaS founders shared their playbooks.

Image credit: KPG_Payless /

This post is categorized in: