Recently “big five” accounting firm BDO released its annual global M&A report for the Technology, Media and Telecom sectors, where it highlighted enterprise file sharing as a hot focus area. The “perceptual map” of selected vendors you see here — featuring CTERA at the top right — is taken from the report. The full report is available for viewing on BDO’s website.
What stands out for me in this map is that the smart people over at BDO understood that the key differentiator (other than the self-explanatory device support) between the various solutions is their topology, or more specifically: how the application is delivered and where the data resides.
Deployment: Where’s The Data and Who Controls It?
The lack of clarity in the market around how Enterprise File Sync & Share (EFSS) solutions can be deployed is a major source of confusion. The market is literally swamped with SaaS offerings, and only a handful of solutions – including CTERA – that enable companies to own the application and use the infrastructure of their choice.
So what are the different options and what are their relative advantages? We see three main deployment topologies:
- SaaS: This is where the EFSS solution is provided as a service by a provider, who stores the data in a datacenter (or multiple datacenters). This is based on the consumer model made famous by Dropbox, but there are more enterprise-oriented solutions out there. This is often referred to as ‘public cloud’ but I don’t like that term as it doesn’t differentiate between SaaS and IaaS (infrastructure as a service) solutions.
- Private Cloud / On-Premises: In this scenario, the enterprise runs its own solution in its own datacenter. It buys software, installs connects to its storage infrastructure and runs it as it would any other system.
- ‘Virtual Private’ Cloud: Deployments of a hosted cloud infrastructure with a service provider, but one where the enterprise controls everything except the physical storage facility. This is a great option for enterprises who would rather not invest in datacenter technology, preferring instead an OPEX model, but still with full control over the data and application layers. Amazon’s VPC is an example of such an environment, and most enterprise-oriented cloud providers offer this.
CTERA’s survey of 200 enterprise IT professionals, commissioned from independent survey firm Research Now, shows a clear preference (63% of respondents) toward private and ‘virtual private’ EFSS solutions rather than SaaS-based solutions. Given the deluge of SaaS offerings and the relatively few solutions available for private cloud deployments, there’s clearly a discrepancy in the market between what’s on offer vs. what customers want.
Enter the Platform
SaaS may seem like a good choice for some because it provides quick, ‘right out of the box’ (no pun intended) deployment and doesn’t require capital expenditure (CAPEX) – and for some, it is indeed a sensible choice. If Box’s IPO filing is an indication of how the market perceives this model, you’d think it’s the only game in town. But as evident from our survey and other data points we’ve seen these past couple of years, enterprises view things differently.
What private and ‘virtual private’ (we really need a better name for that…) deployments have in common is that they are based on a platform approach – the customer runs a platform from which the EFSS services are served. That platform runs in an environment controlled by IT, whether that environment is in-house or on a ‘public’ cloud (but as IaaS).
Why is that approach preferred by enterprises? Because when it comes to the larger enterprises especially, only that approach can satisfy key considerations that SaaS cannot address, even if it has the best security measures in place:
- Data governance: Creating a single pool of unstructured data makes sense. It provides a cost advantage but also benefits such as analytics and easier management of data assets. When you put a portion of your data in an external service, which is what SaaS services end up doing, you make it impossible to control your data assets as a whole.
- Security: When your data is mixed with other people’s data in an environment that is not necessarily multi-tenant with complete separation between customers’ data, and certainly with no control over physical storage, there is a risk that a breach into one customer’s data may end up in yours. Also, you should insist on managing your own encryption keys.
- Lock-In: An integrated SaaS solution stores your data in its own proprietary format. The only way to access it is via the application provided by the service provider. It’s a ‘vertically integrated’ offering in which you have no way out other than the way you came in.
- Total Cost of Ownership: If you’re an enterprise with several thousand employees or more, you have your own economies of scale. The 3-year TCO of a solution you run (not necessarily on your own infrastructure!) is significantly lower than the cost of monthly fees paid to a SaaS provider, and sometimes CAPEX is actually the preferred method of expenditure.
Those are some of the reasons enterprises understand (sometimes intuitively) that they need an approach that gives them better control over the data and the application, which only a platform approach can deliver.
Sharing solutions are not all alike. Make sure you share your files and not your cloud storage stack.