We use four different SAAS providers here at Windward. There are others we have used that we have found didn't get the job done but these four all do a great job. We love their systems (well semi-like in the case of SFDC) and we find the lower administrative effort from SAAS to be a nice benefit. So all is good – no?
Well, actually we just discovered a serious problem with the SAAS approach. One that may cause us to have to pull all outward facing services back to our servers. One of our providers (not mentioned as I don't think this is their fault) as just blacklisted by the People's Republic of China. The great firewall of China now disallows connecting to their IP address. So none of our customers in PRC can get to our help ticket site.
This is a giant issue for SAAS providers. If a single one of their clients gets marked as a spam source, porn site, politically unacceptable, etc. – then every client of theirs is then blacklisted. This is similar to the cases of an SAAS provider being hit with a DDOS because someone is mad at one particular client – but all then suffer. We all pay for the sins of every other client of the SAAS provider.
And to make it worse, we only hear about the problem second hand. We are not monitoring the servers, we don't receive any notifications from 3rd parties. We are dependent on a provider who generally will prefer to try and fix an issue like this without letting anyone know there is a problem. And even when we learn of the problem – there is nothing we can do to fix it.
I'm sure we are not the first that have seen this. But my guess is that as SAAS grows this issue will grow with it. And the SAAS industry will need to figure out how to address it to continue gaining business.
