SaaS products typically run on rented infrastructure as a service (IaaS) or platform as a service (PaaS) systems including hardware and sometimes operating systems and middleware, to accommodate rapid increases in usage while providing instant and continuous availability to customers.
SaaS architectures are typically multi-tenant; usually they share resources between clients for efficiency, but sometimes they offer a siloed environment for an additional fee.
As a result, infrastructure resources can be increased rapidly, instead of waiting weeks for computers to ship and set up.
IaaS requires time and expertise to make use of the infrastructure in the form of operating systems and applications.
[5] Without IaaS, it would be extremely difficult to make an SaaS product scalable for a variable number of users while providing the instant and continual availability that customers expect.
[7] Most end users consume only the SaaS product and do not have to worry about the technical complexity of the physical hardware and operating system.
[9] Another key feature of cloud computing is that software updates can be rolled out and made available to all customers nearly instantaneously.
[9] Cloud computing emerged in the late 1990s with companies like Amazon (1994), Salesforce (1999), and Concur (1993) offering Internet-based applications on a pay-per-use basis.
[20] One of the most popular models for Internet start-ups and mobile apps is freemium, where the company charges for continued use or a higher level of service.
Even if the user never upgrades to the paid version, it helps the company capture a higher market share and displace customers from a rival.
This model can provide advantages such as reduced deployment cost, less vendor commitment, and more portable applications.
[27] The subscription model of SaaS offers a continuing and renewable revenue stream to the provider, although vulnerable to cancellation.
[32] Many capitalize on the service-oriented structure to respond to customer feedback and evolve their product quickly to meet demands.
[36] SaaS companies have to protect their publicly available offerings from abuse, including denial-of-service attacks and hacking.
[36] The vendor is responsible for software updates, including security patches, and for protecting the customers' data.
[31] SaaS systems inherently have a greater latency than software run on-premises due to the time for network packets to be delivered to the cloud facility.
[48] Domain-driven design, in which business goals drive development, is popular because SaaS products must sell themselves to the customer by being useful.
[56] SaaS products differ in how these planes are separated, which might be closely integrated or loosely coupled in an event- or message-driven model.
[65] Pooling all resources might make it possible to achieve higher efficiency,[66] but an outage affects all customers so availability must be prioritized to a greater extent.
[69] In the United States, constitutional search warrant laws do not protect all forms of SaaS dynamically stored data.