Offtopic - SaaS ROI Explained and why On-Prem is a bad idea (for most)

In this post we explain what has been explained 50 million times over the last decade: SaaS has a better ROI than on-prem.

Our typical, existing On-Prem customer that should have SaaS looks like this:

  • They run very old versions of eramba (Btw - we are security people that is involved in writing patching and vulnerability polices)

  • The underlying Linux that runs eramba has very old PHP versions, Etc.

  • They raise 900 million support tickets to us, not about eramba, about their infrastructure making a waste of their and our time.

Why SaaS is cheaper?:

  • Infrastructure costs. Our SaaS infrastructure is layers and duplicated. In AWS terms this means two zones within a single region. This requires at least: 1 x WAF, 1 x LB, 2 x EC2, 1 RDS (cluster), Multiple EBSs, Backup Service from AWS, S3, Etc. To all that, include network traffic, storage costs, Etc. You are looking at least 250-300 EUR / Month. That alone is %100-%110 of our SaaS fee (bear in mind our fee includes 2500 EUR of software)

Note: If you run all that in a single EC2 exposed to Internet it will be cheaper. Of course. You can run eramba on a Playstation as well, but let’s compare apples to apples.

  • We do some 20-30 updates a year. This requires manual intervention. Doing backups before updating, letting people an update will take place, running the update, testing all is ok. At 25 updates a year, a couple of hours per update that is 50 hours a year. If your hourly rate is 50 eur / hr (?) that is 1250 eur a year. Add this to the on-prem bill.

  • Your IT teams will need to upgrade the underlying infrastructure. That will require some 10-20 upgrades a year. Same as above. Add this to the on-prem bill.

  • Skills - now to run the setup above you need to understand Linux, AWS, Dockers, Backups, Etc. You also need to understand how eramba works. Those skills costs money and we know for a fact, many of our customers do not have them. Building a house without skills is possible but the result will be questionable.

  • Continuity response times. If your IT department run the on-prem system then you are competing for their time with god knows how many other tasks and teams. We do not mean to disrespect, but GRC is hardly going to be a priority for them.

  • Our infrastructure operational processes are tested frequently (by us, a third party and a certification authority) and are ISO 27001 certified. Can you tell the same about the ones run by your IT department?

For the reasons above, we (and the rest of the planet) offer SaaS services. Is a simple financial decision, a very obvious one to make. We will be contacting all our existing customers with a tempting offer to move to SaaS soon.