This article provides a checklist for retailers who are evaluating SaaS-based eCommerce solutions as part of their re-platforming project. These are the characteristics of a true software-as-a-service (SaaS) eCommerce provider.

The platform decision is arguably the most important, complex, and costly part of a retailer's 3-5 year investment cycle. It is a decision that is often put off or easily put on hold due to other priorities or the risks involved. And it is a decision that very few online retailers are qualified to make on their own, since it has such broad implications across technology, marketing, operations, and sales.

What is SaaS?

A logical place to start. Software-as-a-Service (SaaS) is a delivery model alternative for software companies to license their software "on-demand", typically delivered over the Internet using standard web protocols. In most cases, the SaaS provider has software running on their own servers in a data center they manage, along with all aspects of the application. This is opposed to licensing software "off-the-shelf".

eCommerce SaaS Providers are companies that deliver their eCommerce software platform on their proprietary infrastructure. True SaaS eCommerce providers can offer a much higher level of service overall to retailers over in-house or third party hosted models.

The "Service" in SaaS

Beyond the software delivery side of SaaS, and more important for retailers to understand, is the provider's ability to actually provide an ongoing service. The SaaS provider is not coming in, building out a website, charging licensing fees and leaving. A SaaS provider makes their money over a 3-5 year period and is accountable for keeping the website online and fast every second of every minute. That is a tall order for plain old software companies, and it is the fundamental difference between SaaS providers and custom eCommerce solutions or third party hosted systems.

1. Redundant Server Infrastructure

True eCommerce SaaS providers have redundant server farms with no single points of failure. The SaaS platform will offer load balancing, clustering, and automatic failover for all server tiers. In all likelihood the SaaS platform will house more than one website and Client (called a multi-tenant architecture) - this is not a problem providing they can guarantee performance, security, and availability in a Service Level Agreement.

Beware: We often hear of eCommerce Systems Integrators proposing one or two servers as "ongoing hosting" instead of proposing robust, high-availability architectures.

2. New Features and Upgrades Included

We are not talking about "18% per year maintenance". True eCommerce SaaS providers will deliver several releases per year of new platform features requested by their Clients. These features will be rolled into the software code base and seamlessly released to all Clients, avoiding costly "customization fees".

Beware: Software License Maintenance is often used as a placeholder during the sales process for new features, support, service, or other.

3. Service Level Agreement (SLA) Included

True eCommerce SaaS providers have a "service culture". They are used to earning their money over a 3-5 year period of time vs. one-time upfront fees. As a result, they will guarantee Uptime, Performance, Transaction Integrity, and the Support Process in an SLA with the retailer. These SLAs should provide clear monthly reports on the status and a penalty structure for not meeting the targets.

Beware: Companies may try to use the 3rd party hosting company's SLA in place of an agreement with the solution provider.

4. PCI Security

Payment Card Industry compliance is something that all online retailers must understand and be able to demonstrate. True eCommerce SaaS providers will maintain PCI-DSS compliance and provide controls within their platforms to make compliance easier for the merchant.

Beware: Providers should guarantee they will maintain PCI compliance in their Master Services Agreement.

5. eCommerce Account Management

Outside of 24x7 support, true eCommerce SaaS providers will offer a dedicated account management resource to their Clients. This person is named on their account, is available as a single point of contact, and is accountable for customer satisfaction at no extra cost.

Beware: It is important the person assigned to your account is not motivated by selling more services.

6. Platform Configuration

True eCommerce SaaS platforms offer rich features that can be turned on or off (configurable) as part of the implementation and by the merchant on-demand. This includes the ability for complex merchandising, search, promotions, shipping, checkout, payment, and other tools to be available to the Client as needed at no extra charge.

Beware: Many eCommerce providers will build a custom platform and website that offers limited configurable parameters after it's delivered.

7. Rapid Deployment

Since a true eCommerce SaaS provider already has existing infrastructure and software running live, this drastically reduces project times and allows the retailer (and the provider) to focus on the most strategic parts of a project (User Experience and Integration).

Beware: To reduce project risk, retailers must provide more time for testing (technology, procedures, etc.) for in-house or third party hosted solutions than with SaaS solutions.

8. NOC Monitoring and Performance

True eCommerce SaaS platforms have a software and hardware architecture that is scalable, allowing for quick provisioning of additional capacity to handle peak demands. To stay on top of capacity, SaaS providers are continuously monitoring eCommerce websites using global availability and performance monitoring tools (Gomez, Keynote, Uptrends) and have a Network Operations Center (NOC) that can proactively stay ahead of load issues.

Beware: Many IT departments are just not staffed to handle 24x7x365 monitoring or have the resources to properly architect a scalable solution.

9. Rental License vs. One-Time Lump Sum

Since SaaS providers license their eCommerce platforms "on-demand" vs. lump sum licensing, most provide a monthly-based fee to "rent" the license. SaaS licensing models vary, some of which are based on transactions, commissions, users, products, bandwidth or flat monthly fees. In almost every case, the ongoing monthly fees with a SaaS provider will be higher but the one-time fees will be significantly lower (than a licensed / hosted or custom build hosted). Typically the monthly fee is a blend of License and Delivery of the service.

Beware: The monthly fee for SaaS providers is not "hosting", it is a mix of licensing and service delivery (as defined in the plan and SLA). Go back to checklist #1, the managed hosting fees alone for a redundant setup will make the SaaS fees very reasonable.

10. Disaster Recovery - Business Continuity

As a provider of business critical services to online retailers, true eCommerce SaaS providers will maintain a full disaster recovery (DR) and business continuity plan (BCP). This will protect the merchant by reducing possible downtime and data loss caused by a disaster in the data center.

Beware: Backups can be part of a DR strategy, but are not the plan alone. It is critical that the platform provider has a replicated environment to recover service if needed.