Software as a Service (SaaS) provides computer equipment, OS, and software customised to the user’s purposes as a service. Access control can work in the same way. If you work in the physical security industry, especially concerning access control, you have probably heard about the term ‘ACaaS’ recently. ACaaS is a combination of ‘access control’ and ‘SaaS’ (Software as a Service). From a semantic point of view, ACaaS means providing cloud-based access control software as SaaS.
Cloud systems are mainly classified as IaaS, PaaS, and SaaS. IaaS (Infrastructure as a Service) provides computing equipment and operational support from an external cloud-based service provider. Amazon’s AWS or Microsoft Azure falls under this category. According to their contracts, users can remotely control computing equipment, provided by AWS and Azure.
PaaS (Platform as a Service) is the provision by an external service provider of an operating system (OS) and various frameworks required for application development. SaaS goes one step further, providing computing equipment, OS, and on-demand software services that can deliver value quickly.
"Adopting SaaS enables them to receive software services, without having to install and manage by themselves"
If you are not a developer nor in the software development industry, then what you know as a ‘cloud service’ is probably SaaS. Companies in various industries traditionally build their own infrastructure and purchase expensive software to install on-premises.
However, adopting SaaS enables them to receive software services, without having to install and manage by themselves, opting instead to pay a fixed monthly fee and access the software on the cloud. The best example is Salesforce.com, which offers customer relationship management (CRM) as SaaS, and Microsoft Office 365 and Google Workspace, which offer productivity tools as SaaS.
The SaaS market has been continuously growing since 2010. Salesforce.com recorded the largest market share with its CRM SaaS model. At the same time, Microsoft Office 365, a SaaS version of the traditional on-premises Microsoft Office, has surpassed its competition in the productivity software industry.
So, what is driving the growth of the SaaS market? On the surface, SaaS is recognised as a means of saving CAPEX and OPEX. However, its actual cost-effectiveness might not be so significant, since the cost of SaaS-based services tends to increase in proportion to the number of users and period of use.
What most drives SaaS-based services is the quality of their features, as determined by user satisfaction. In contrast with the on-premises systems of the past, where improvements came too slowly, as people could only provide feedback via email or phone, SaaS allows companies to detect inconveniences directly from the system and quickly respond. Considering the advantages of providing rapid feedback and improvements, SaaS makes a big difference in terms of the quality of features and user satisfaction.
▲SaaS-based cloud services can create new opportunities, by leveraging accumulated data
Additionally, SaaS-based cloud services can create new opportunities, by leveraging accumulated data. Using AI-based analysis of data stored in the Cloud helps to provide unprecedented convenience to the market. The best example of this could be Salesforce.com’s Einstein service, which provides an analysis of customers' growth potential or risks.
"ACaaS tries to incorporate all of the above benefits associated with SaaS to access control software"
However, the access control industry has been slow to adopt SaaS-based cloud services, when compared to other industries. This is because the life cycle of an access security system extends to around 10 years and many security managers still assume that internal services are safest and external services are unsafe.
It is now becoming important to rethink whether it truly is the case that internal systems are safe and external ones are not. For example, consider ‘intranets’, private networks unconnected from external networks, common use until the early 2000s.
We all gathered together in the same place to work in the past. But with the impact of the COVID-19 pandemic and subsequent digital transformation, working environments have changed in various ways and places.
Importantly, it is now very uncommon to be cut off from the outside world with an intranet. Modern work and life require a connection to the internet for communication with others and working remotely. In this age where few truly private networks exist, the idea that external services are unsafe may be misguided.
The question that matters most from a cyber security perspective is not whether the system is internal or not, but whether the system is really secure. There are many available administrative and technical solutions that secure systems, and many standards, such as ISMS and ISO27001 exist for safer system management. These solutions and standards make a system or service secure.
SaaS-based ACaaS services comply with these standards, meaning your systems are protected by numerous experts and specialists. Of course, when selecting a solution, security managers should consider whether the ACaaS is designed for and certified by a standardised security framework.
"ACaaS will improve quality, making it more convenient, safe and quickly responding to user feedback"
Access control software has long been regarded as a complicated matter by security managers. Although it is complex technology by nature, efforts to improve its convenience of usage have fallen short. For this reason, we should pay attention to SaaS, which increases usability.
As many SaaS-based cloud services in other industries have shown, ACaaS will improve quality, making it more convenient, safe and quickly responding to user feedback. Furthermore, ACaaS will facilitate the development of safer and more convenient systems, by leveraging AI analysis of accumulated data.
For example, access control systems may add a feature to identify abnormal behaviours and movements, based on existing access and behavioural data, in order to predict and prevent possible incidents.
Just as SaaS-based cloud services in other industries have adopted an unprecedented level of convenience with intelligent new features, ACaaS will also be able to increase convenience and safety for companies and users, with intelligent new features that could not be realised in previous times.
Attibute to: Seongbin Choi, the head of Suprema R&D Center, Suprema Inc.
ACaaS is a combination of access control and SaaS Ⅰ Security News (sourcesecurity.com)