The supply chains of the world are highly dynamic, complex, and require a high amount of expertise to keep them going. As we look at SaaS (Software-as-a-Service) as a delivery platform, it’s just as dynamic, complex, and requires a high amount of expertise. But SaaS can be boiled down to some key deliverables that set it apart from other platforms: Availability, Scalability, and Security.
Availability refers to the system being consistently accessible. To truly get a system with a high level of availability, it’s all about redundancy. In the case of a failure, having redundant systems is the only way to continue providing a service.
The redundancy required to truly provide high availability is at many levels. For a world-class SaaS TMS, the provider should employ redundant physical infrastructure, with multiple servers and multiple connections to those servers, multiple hard drives within the servers, and multiple processors that run those servers. That might sound like enough, but it’s not. Having multiple physical infrastructures is also critical. Having redundant, geo-diverse, provider-diverse data centers is required to deliver high availability. This practice allows for redundant infrastructure at a second location to be quarantined from any impacts to the first data center. Depending on the data center tier, those locations can have their own redundancy built in.
So for companies still using Excel to manage shipments and carrier assignments, low or zero redundancy runs a high risk for ineffective transportation management.
Scalability shouldn’t be hard to define, but in general, clients ask, “When I grow and double my current network, is the system going to be able to handle the increase in data?” Growth is a very good thing, but companies need to be ABLE to grow. Often, the system originally implemented to get the company going is not always scalable to the next phase in the company’s future. In a SaaS environment, putting checks in place and measuring results allows for dynamic scalability.
Since the system is highly available, those redundant systems are working non-stop to provide the service. To keep the systems running, the systems are load-balanced (sharing the burden) and are carefully monitored for optimal system utilization (how much is getting used). Part of the indication that it’s time to add capacity comes from monitoring and performance metrics. If the baseline for a task to complete was 100 milliseconds and suddenly it’s taking 400 milliseconds, it’s time to take a look under the hood. The infrastructure that is selected is often burstable, allowing the ability for short increases in capacity, but also the ability to add capacity quickly and for the long term.
It’s no surprise that a high emphasis on security is required for a best-in-class SaaS solution. Data being secure is keeping it from unauthorized access and not having anything corrupted or lost.
Security starts with backups. Having full backups daily is a must, synching the multiple sites together and replicating the important information. In some cases, physical tapes should be used to add another layer of replication. Physical tapes are used in the situation where a corruption of some sort infects the system and then both infrastructures sync. The physical tapes are used to restore back to a known good instance of the software.
Next are the physical boxes and software made to increase the security of a network: firewalls, intrusion detection systems, and intrusion prevention systems. Although it might seem like overkill to have so many different appliances, it’s table stakes with how advanced hackers are today. With these devices, the installation impacts only the critical elements of the service, therefore limiting the impact of a breach to the system.
The next step is for a provider to test their own system. By doing external scans of the infrastructure, from the outside in, the provider can identify any holes in the armor and identify a way to fix it. For those companies impacted by the Heartbleed bug, an external scan quickly helped identify the vulnerability to the bug (in our case, we were secure against the Heartbleed bug).
Lastly, it comes down to educating the user community. For anyone using a SaaS solution, or any solution requiring a login, strict password requirements should be implemented and reinforced. For your information to stay secure, the users of the system need to be the strongest part of the security. General best practices are having a password that is at least eight characters long, alphanumeric (letters and numbers), and changed periodically.
Combining the elements of availability, scalability, and security in one environment can be difficult for a local IT administrator trying to keep a company running. With SaaS based solutions, the work has already been done. As a company gets busier, grows, or sees opportunities, going with a provider that takes the “as a service” seriously is critical. Just like companies select specific, trustworthy partners to carry their freight, they should select a trustworthy partner to manage their freight systems as well.
Gabe Judson is Infrastructure Manager at LeanLogistics. Gabe has over 15 years of experience in the information technology field and holds a Bachelor of Science degree in Information Systems from Grand Valley State University. A version of this post was originally published on LeanLogistics’ blog. Watch a short video interview with Gabe discussing this topic.