Late last year we held a Technology Leaders Network meeting to look at the government’s use of Software as a Service (SaaS). Our session focussed on busting the common SaaS myths we hear in order to increase adoption and maintain the effectiveness of on-demand software. These are the main 4 myths in no particular order.
Myth 1: SaaS isn’t secure
Perhaps the biggest myth about SaaS is that it lacks security. There seems to be a common misconception across government that SaaS isn’t as secure as on-premise software. Of course there are some weaknesses but that is true of any technology.
A competent SaaS provider has a large budget for security and can invest heavily in mitigating all common risks. If you have a security breach, a provider has a team available to help you 24 hours a day, 7 days a week available to tackle any issues. It often wouldn’t be cost-effective for Government departments to match such a comprehensive level of service, which is why we’ve recently published some guidance on public sector use of the public cloud.
Myth 2: You can’t use SaaS for serious applications
This myth relates to the idea that SaaS isn’t suitable for big business or government departments . Sometimes cloud services aren’t developed enough for use in government. But there are many areas where SaaS solutions are ideal, such as project management and planning, email and HR.
There are many advantages to using SaaS for major systems, including:
- you won’t need to do any patching or software upgrades
- you will get automatic access to new features
- you will have international, enterprise-grade security (as outlined in myth one)
In terms of disadvantages, the government has lots of capital expenditure and this can make it difficult to get your use of SaaS agreed.
Myth 3: You should block access to SaaS apps you haven’t bought
If staff aren’t given adequate tools to deliver in their job, then you run the risk of them going out and finding their own alternatives. If this happens then employers have no visibility or control over what is being used. Alternatively, if staff are given access to options that are approved, you can integrate those tools and ensure they are being used securely.
The Common Technology Services (CTS) team recently conducted a survey looking at the most common technology issues encountered by staff across the Civil Service. One of the key issues that came up was being able to find people working on a particular project without knowing their name or job title. Many noted that they had resorted to using websites like LinkedIn to track down colleagues, but not all departments allow access to external sites. At GDS it’s not uncommon to see people reach out via Slack, asking if anyone can point them in the right direction or make an introduction.
Some departments have stated that they haven’t allowed access to tools like Slack because they don’t have the capacity to research them. The Technology Leaders Network agreed to put together guidance on tools they use, outlining their pros, cons and security considerations. Having one centralised piece of guidance that is always being updated will remove the risk for departments using these tools and help allow wider access for civil servants.
Myth 4: SaaS is just about saving money
To demonstrate this point, we had a live demonstration of a virtual desktop which allows users access to their documents from any supported device. The demo showed that not only is the service cost effective but user friendly and flexible.
What next?
The Technology Leaders Network plans to publish more guidance on SaaS products. Giving departments confidence to use SaaS services should help ensure civil servants have the tools they need to do their jobs efficiently.
We would be interested in hearing what SaaS products are helping your organisation. Leave a comment or email us to let us know.
You can also read a summary of the meeting from Jon Lawrence, Technical Director for Assurance at the National Cyber Security Centre.
You can sign up now for email updates from the Government Technology blog or subscribe to the feed.