Get your copy of the 7th Annual State of Smart Manufacturing and hear from 300+ manufacturers in this new survey report!
As more businesses move to SaaS (software-as-a-service) applications, some manufacturers still have some uncertainty about data safety and security, as well as uptime and reliability in the cloud.
If moving your operations to the cloud seems foreign to you, or if you aren’t sure how to evaluate cloud versus on-premise ERP and MES systems, just remember these four things: availability, reliability, scalability, and security.
These four measurable aspects of a cloud-based system can help you evaluate the right SaaS provider. Generally, your provider should outperform your own IT operations, because IT is their specialty. This is one of the biggest benefits of a SaaS solution: it frees up your resources so you can focus on what you do best—make products.
So, how can you be sure that a cloud data center and SaaS provider will provide equal or perhaps better service than your internal IT department? The provider should offer metrics that are meaningful to your CIO and other senior technical leaders. Let’s dive into the four key things you should look for, and what standards a world-class provider should meet and exceed.
Some applications are more critical than others. For example, while an outage in an HR or email application is certainly an inconvenience, downtime in plant operations means products aren’t being made—and this has a direct impact on your bottom line. In your business, any outage is a critical outage, and your provider should understand that.
Look carefully at a potential provider’s availability metrics year over year. Is the provider willing to commit to a SLA (service level agreement) of over four nines (99.99%) availability for their ERP and MES? This equates to roughly 53 minutes of unplanned downtime per year.
With any application, consider maintenance times as well. Your vendor should have short maintenance windows during minimally disruptive times.
Another key capability to explore is how the provider is equipped to handle disasters such as a weather event or terrorist attack that might take out an entire data center. How many data centers does the provider have, and how are they configured?
A world-class provider should have more than a single data center with a clear disaster recover (DR) or failover plan. Sites should also be identical so there is no degradation in service in the case of a disaster.
Also be sure to ask questions about infrastructure and testing. Is your provider leveraging the same infrastructure at each site, and are they optimized for that architecture? This can deliver a more seamless operational transfer. And while many providers test failover once a year (which would be necessary in the event of a disaster), the best providers are testing these monthly so they know the procedures and how to executive them.
Reliability can be summarized as how well the application performs its intended function. Is the application working as it is supposed to? In a mission-critical manufacturing application, it is important to track all transactions, since for some manufacturers this could translate to billions of transactions per day. Is the cloud provider’s infrastructure equipped to handle large transaction volumes?
In the event of a failed transaction, the provider should be able to determine why that transaction failed. For example, did it time out or was there an execution error? Can the provider link application performance to user experience? And does the provider have analytics that can determine the underlying cause of performance issues and provide proactive measures to prevent those problems?
Another important benefit of a cloud-based SaaS application is seamless on-demand scalability as your business needs grow. As you look at providers, be sure that the solution is multi-tenant so that no single customer affects any other. A multi-tenant SaaS model means companies use a single line of software code (instance) and common IT infrastructure, yet each company (tenant) has its own secure database and access controls. SaaS leverages the scale of provider-managed shared infrastructure (software and hardware) while delivering individualized, segregated, secure applications to each company.
Scalability goes hand-in-hand with availability. If your provider has multiple active data centers and modular infrastructure, you should easily scale up or down and have plenty of room for growth—without sacrificing uptime or performance.
With respect to security, make sure the provider is keeping up with industry security and privacy standards and regulations. In a multi-tenant solution, is your data separate and secure from other customer’s data? Does the solution enable role-based segregation of data within the company? What are the encryption policies? What are the protections against cybercrime and hackers?
Your provider should follow developing standards and regulations that make sense for the business, including more modern considerations such as the Privacy Shield data protection policy—one of the early adopters after Safe Harbor went away. The provider’s solution should meet NIST 800-171, since compliance was at the end of 2017, and it’s important for SaaS multi-tenant providers that provide goods to the U.S. government.
Most providers, if using elite data centers, should also keep their cloud private, meaning it is isolated from other servers and locked down. While the data center may house racks for other organizations, the only shared infrastructure should be services like power, HVAC, network connectivity, and multiple levels of security and monitoring. A good analogy is whether your money is safer stored at a local bank or at Fort Knox, with costs being relatively the same or similar. The local bank provides an adequate amount of security, but it can’t compare to Fort Knox.
Is the cloud trustworthy?
So, can you trust your manufacturing business to the cloud? Well that depends on the provider. Armed with the proper questions, you can easily determine whether your SaaS provider is going to meet and exceed your requirements for availability, reliability, scalability and security.