Evaluate your SIEM
Get the guideDon't get punk'd in the cloud
Learn how to spot cloudwashing. Explore analyst reports, e-books, blog posts, videos and more.
November 23, 2018
Let me preface this article with a quick customer story. I was recently talking with the director of operations of a G2000 company and he asked in a nice, but pointed way: “All I want is a SaaS software solution to manage my applications. Why does the architecture of the software matter?”
At Sumo Logic, we couldn’t agree and disagree more.
First things first, SaaS is absolutely the way to go, especially when you are considering bringing on a scalable machine data analytics solution to manage your application performance and security. SaaS removes the need for organizations to install and run their management software in their own data centers or even their cloud and the time-to-value and low total cost of ownership (not to mention focus on their core application) makes this the right choice for most applications.
But, the architecture of the SaaS solution also matters. To help put a finer point on things and to help aid in your organization’s decision-making process, this blog will explain why enterprises evaluating a variety of machine data analytics providers should look for a true multi-tenant solution if they want to get sustainable value from a SaaS service.
Let’s start with some definitions.
Single-tenancy is an environment and architecture where a single instance of the software and its supporting infrastructure are dedicated to a single customer.
Many SaaS software vendors like Salesforce, Workday and Sumo Logic serve thousands of customers leveraging a “multi-tenancy” solution, where a single instance of the software application serves multiple customers. The customer of the software, or tenant, may be given the ability to customize some parts of the application, but they cannot customize the application’s code.
Some legacy software vendors have tried to “SaaS-ify” their on-premises/data center software by offering a hosted software model, where the vendor provisions and manages an instance of their software for every unique customer or tenant (think instance 1 for customer A, instance 2 for customer B, etc.). While the hosted model might provide some capabilities of SaaS like offloading the provisioning and management of software, the hosted software model only goes so far in the SaaS offering and introduces significant challenges for enterprises.
Let’s start by looking attributes of these models to understand how they work:
Learn how to spot cloudwashing. Explore analyst reports, e-books, blog posts, videos and more.
Multi-tenant software is architected for instant setup and self-serve value. You can sign up for Salesforce and be instantly productive. A hosted model on the other hand may require some time to set up, since every new software has to be purpose built (or at least provisioned) for the new tenant. Even vendors who have automated much of the provisioning process require hours, or even days, to set up tenant accounts.
To provide massive operational scale, a multi-tenant model enables customers to configure and customize their account. Customers can add users, data and even third party integrations and extensions with no administrative support from the SaaS vendor. Hosted software may provide a few of these capabilities, but typically requires administrative support from the vendor to do major configurations like third-party integrations and extensions.
Since multi-tenant software typically supports thousands (or even tens of thousands) of customers, the software is very scalable and elastic to demand. Single tenant models deploy resources to satisfy a single tenant, which might seem more flexible, but it is actually more limiting. In the hosted model, a tenant’s software is provisioned with fixed resources and it is very challenging and/or time and labor intensive to elastically scale up or down the system.
On the other hand, multi-tenant SaaS models can balance resources across lots of customers. Since customers rarely have exactly the same usage patterns, bursts in resource requirements by one customer can be absorbed by the larger shared resource pool. This is fundamentally the core operating model of the cloud — to provide greater flexibility for the single customer by planning for capacity at the group level. With a single tenant system, if you burst, and didn’t provision for your peak needs, you are now starved for resources (or as we say in layman’s terms….you’re screwed!).
This is a particularly vexing issue for machine data analytics where the volume, velocity and variability of data is very unpredictable. Imagine a denial of service (DDoS) attack or a performance outage where your machine data ingest and analytics requirements will spike quite dramatically. A hosted model will cripple the enterprise the most in these situations since the system cannot scale fast enough to support the analytics need. And unfortunately, this is the exact moment when you need the analytics solution the most.
Since there is “one software” in the multi-tenant model, all tenants are always on the latest (and same) version of the software. The latest version has all the recent capabilities and fixes, thus enabling faster innovation for customers. In the hosted model, the vendor needs to upgrade all instances when making new releases. Some of these vendors may be on different versions of software already, and other times, it could take a fair bit of time for the vendor to upgrade all the hosted software to the latest version.
Want to know how fast and often Sumo Logic releases updates to our service? Click here ›
Because of market and customer requirements, a viable multi-tenant SaaS platform has to be built with security in mind. Since SaaS services have to convince their customers to give up their data to another’s control, they have always been held to a higher standard. Whether it’s user interaction with the software or the storage of data, these systems must have the right security capabilities (encryption, key management, etc.) and policies (role based access control, multi-factor authentication/authorization, etc.) in place to protect tenants as well as their end-users and data. Since hosted software is in essence packaged software, it does not have similar exacting standards. In fact hosted software is meant to run within a customers environment, and was not designed to be secured at scale. After all, the onus of securing the package software is typically passed on to customer.
This may be a good time to also address the security “fear, uncertainty and doubt” (FUD) from the single tenant hosted model vendors — the fear that the multi-tenant model is insecure because the enterprise’s data is “collocated with other clients.” The reality is that nothing could be further from the truth. Most multi-vendors build software from the ground up to keep data logically separate on various layers throughout the entire service. In Sumo Logic, all customer data is tagged per organization, and this tagging persists throughout the data lifecycle and is enforced at every layer of the system. For instance, only processes and threads such as queries within an authenticated organization’s context may access that organization’s data.
To learn more about Sumo Logic’s service security, download the “Securing the Sumo Logic Service” white paper.
Finally, since the brain of the multi-tenant software sees all its tenants, including their activities, interactions, etc., the cloud platform can glean anonymized insights that provide value for all tenants of the service. The key to deriving useful, generalized insights from user and system behavior is to have a large enough population to infer real patterns. In the world of installed, enterprise software that hurdle was just too high.
A multi-tenant SaaS platform makes this feasible, even to the point where those insights can be extremely detailed and delivered in real-time. For example, by aggregating usage patterns across all the customers, multi-tenant software vendors can identify and highlight best practices and approaches, thus improving the efficiency and effectiveness of the entire community.
All-in-all and as evidenced above, the multi-tenant software clearly has many advantages over on-premises or hosted software.
So the next time a vendor is selling you a SaaS offering, ask, “Does it come in the true multi-tenant color?”
If you need to assess if your machine data analytics service will support your needs as you evolve and grow, here’s a handy-dandy set of questions to ask:
Reduce downtime and move from reactive to proactive monitoring.
Build, run, and secure modern applications and cloud infrastructures.
Start free trial