What is Platform as a Service?
Platform as a Service (PaaS) is often referred to as ‘application hosting’. Users rent access to a platform of managed server hardware, network resources and operating systems, rather than procuring and managing it internally. This offers users the opportunity to run or create their own applications.
PaaS includes a fully-maintained operating system (usually the PaaS subscriber will have a choice), which presents a more direct and obvious option for the seamless migration of both applications and data. For example, a business’ CRM system which currently runs locally on a Windows Server platform could easily be migrated onto a Windows PaaS solution; all you would need to do in a typical installation is to create access/ security roles and publish to your staff.
Who is PaaS for?
PaaS is ideal for businesses which are experiencing rapid growth, have sudden and dramatic spikes in computing requirements, don’t have the required skills in-house or simply prefer not to manage the IT infrastructure internally.
By passing responsibility to the Cloud Service Provider (CSP) you can benefit from the facilities, resources and expertise of that provider. Since they are an expert in managing IT infrastructure and environments, and have invested heavily in data centres, data backup and failover facilities, network, servers and virtualisation technology, and their staff, facilities and resources are committed to the task of keeping their platform up-to-date in order to secure competitive advantage, your CSP will be in the best possible position to ensure and deliver maximum uptime and availability for your company’s IT operations.
What are the advantages of PaaS?
PaaS offers the financial advantage common to all cloud computing: essentially shifting expenditure on IT equipment from a capital expense to an operational expense. It also promises to deliver greater agility for the business since your allocation of computing resources is better able to grow (or shrink) according to the demands of your business.
In addition, the business will no longer need to invest in the maintenance of hardware and operating software and providers promise ‘seamless and painless’ updates.
Since PaaS is delivered over the internet, it is an effective tool for the centralisation of your computing resources, so that they are equally accessible for all areas of your business, irrespective of location.
In addition, since PaaS includes familiar operating system environments, it is the most obvious option for server replication and hybrid solutions – and can form a highly effective and cost efficient basis for backup and disaster recovery solutions.
Are there any risks involved in PaaS?
Any provider worth their salt will have their own system in place for disaster recovery – but does it comply with your internal policies? We recommend taking time to ask and understand how your CSP approaches DR. Keep in mind that your disaster recovery planning should also include the recovery of your data in the unlikely, but possible, event that for any reason your PaaS provider becomes unable to provide the service.
Using a PaaS service can also make it harder to demonstrate accountability and control over the protection of data – but it doesn’t have to. It is worth researching your PaaS provider’s server, data storage and security methodology and options for 3rd party auditing for compliance.
PaaS is delivered over the internet or, in some ‘private cloud’ cases, over your wide area network (WAN). In either case, you need to ensure that the connection to the service is sufficiently stable, reliable and has sufficient bandwidth to support all business users.
What do I need to do before implementing Platform as a Service?
- Understand the security, data management and compliance policies and the disaster recovery strategies of the providers you are considering.
- It’s the same as outsourcing any service – you need to do your due diligence on the supplier to ensure they comply with your business policies.
- You also need to fully understand the performance which you’ll be guaranteed and how that is backed up with a Service Level Agreement (SLA) which includes penalty clauses for failure.
The demarcation of responsibilities must be clearly understood and contractually explicit. No less important is the level of support you can expect to receive – again this must be governed by an SLA. This needs to match – or exceed – the service levels you would expect to receive were you operating these services within your organisation.