Locus’ cloud-based environmental data management and EHS compliance software solutions are built on the cloud— read more about how we use the cloud to help our customers.

Cloud Apps Critical Requirement No 7: Predictable Total Cost of Ownership Model

There should be no surprise costs with cloud applications. Implementation costs should be predictable, and subscription-based pricing should be transparent with no hidden fees. Cloud applications should not require upfront investments in hardware and software license fees.
Real SaaS is a lot more than just hosting and data storing. Where multi-tenancy, a single version of the software and vendor-managed updates all come together and really payoff is having more predictability around your total cost of ownership. There should be no more highly unpredictable projects, with the most common among those being software upgrades.
One thing that can kill a VP of EHS reputation is surprises, particularly surprises with lots of dollar signs. With a valid cloud application to manage environmental and sustainability information and compliance, EH&S manager can determine exactly what it is going to cost over the next five years.

Such predictability lends transparency to the environmental compliance and sustainability budget process and means you will not have to fight budget battles for unexpected costs.

Cloud Apps Critical Requirement No 6: A High-Performance, Sustainable IT Infrastructure

The cloud application provider should maintain a high-performance IT infrastructure, which includes the data centers and databases, operating systems, networks, security, and storage systems used to run cloud applications and manage customer data. It should have stellar IT operations, security, maintenance, and performance tuning processes.

Livelihood of SaaS companies depends on their ability to securely and effectively manage their operations, and that means keeping pace with the most current technologies. They should also publish live their uptime monitored by the third party.

Cloud applications are also environmentally sustainable due to the multi-tenant infrastructure in which they are delivered. Multi-tenant SaaS reduces electricity consumption, paper waste, and lowers CO2 emissions. A hundred customers, using 100 different systems, is less efficient and more impactful on the environment than those customers all sharing the same data center.

Cloud Apps Critical Requirement No. 5: World-Class Data Center and Security

A cloud application provider should be able to offer excellent security and data privacy better than its customers can do on their own, and at no additional cost. Processes and policies should encompass physical, network, application, and data-level security, as well as full backup and disaster recovery. The provider should be compliant with security-oriented laws and auditing programs, including SOC 1 Report on Controls over Financial Reporting (SSAE 16), (formerly known as SAS70 Type II), and SOC 2 Report on Controls over Security, Availability, Processing Integrity, Confidentiality, and Privacy; both developed and administered by the American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in the performance of trust services engagements.

Reputable SaaS providers are proving that SaaS can be done at least as securely as most enterprise implementations, and in some cases more securely. For example, at Locus, direct access to the database is limited to a select set of people on Locus’ operations staff. A typical on-premises ERP implementation would grant this access to a much wider group, creating a security challenge. SaaS providers must take a holistic approach to security, ranging from technical safety guards such as encryption to understanding data privacy laws and compliance, and building those safety guards into every product and process.
Locus has adopted the following SOC 2 principles and related criteria:

  • Security. The system is protected against unauthorized access (both physical and logical).
  • Availability. The system is available for operation and use as committed to or agreed upon.
  • Processing integrity. System processing is complete, accurate, timely, and authorized.
  • Confidentiality. Information designated as confidential is protected as committed to or agreed upon.
  • Privacy. Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.

It should be the responsibility of CIOs to conduct due diligence on SaaS providers. Go in and see what they’re doing around data security and privacy.
No one should enter a relationship without thoroughly vetting the provider’s capabilities. Providers that won’t allow you a thorough examination, claiming all kinds of reasons, are the ones to avoid.

Cloud Apps Critical Requirement No. 4: Business-Driven Configurability

Cloud computing applications should be configurable, so your IT organization is freed from costly customizations, and business people can configure processes that meet the specific needs of the organization.

The greatest self-inflicted wound customers make is allowing too much customization to software they run on premises. It gets down to how customer balances freedom versus order. Customization is all about freedom, but if you go too far down that road, you lose order. At Locus, we have found that configurable environmental software lets an organization balance freedom and order. A configurable cloud application should include a catalog of industry standard choices, so that it becomes apparent how much time and cost has gone into a company’s previous efforts to customize software just because “a process has always been done that way” . With customizations, customers often are not designing for business processes, they are designing for personalities.

One of the myths of SaaS is that since it is in the cloud, it is one-size-fits-all, but that could not be further from the truth. Real SaaS solutions should not only be configurable for the company, but in different ways for different parts of a company. Many Locus customers with global footprints, for example, require different carbon management processes for different countries, which they can configure in Locus SaaS without the need for customizations. Similarly, customers can configure Locus to deliver DMR and other reports differently for different state requirements or different customer requirements.

The Value of True SaaS for EHS Compliance

What if there was a better way to manage your EHS, compliance, and sustainability information?

Cloud Apps Critical Requirement No. 3: Seamless Integration On Demand

A cloud application provider worth doing business with will share the burden of integration with its customers versus leaving them on their own. Cloud providers should make an integration infrastructure and integration tools available, assist its customers with integrations, and develop a partner ecosystem that includes consultants, integrators, and other software and SaaS companies.

At Locus, we believe seamless integration between our products and other products and services is another opportunity to transfer even more cost and complexity occurring within customers’ data centers into the cloud. We’ve developed, and will continue to develop, tools for customers and partners to build their integrations, and the infrastructure in our cloud to execute them. Customers can control the execution of integrations without baring the complexity of managing the infrastructure.

Cloud Apps Critical Requirement No. 2: Regularly Delivered, Vendor-Managed Updates–Rolling Upgrade Program

A cloud application is a single version of software that is regularly updated, often several times a year, for all customers. To realize the true cost benefits of SaaS, the provider should be managing all of those elements to adopt the latest capabilities in the updates on their own timelines. Software that has to be upgraded at the customer’s expense, even if the vendor hosts it, does not meet the requirements for a cloud application.

The update v. upgrade approach benefits both the vendor and the customer. The customer is not burdened by IT upgrade projects, while the vendor can focus on what it does best, which is maintain its own software. Vendors have a strong technical understanding of the software they developed, but the on-site world requires vendors to share this knowledge with customers, which is not an easy feat. When customers do not have deep insight into the software, or have difficulty obtaining employees or contract workers skilled to work on that software, the result can be problematic and even result in failed upgrades.

Vendor-managed updates deliver continuous improvement and allow companies to stay compliant with new laws and regulations. Traditional software vendors might offer some big, new changes every four to five years. With Locus, for example, customers receive consistent improvements through updates several times a year, and do not have to pay extra for any of them.

Locus Achieves a Microsoft Gold Application Development Competency

Locus demonstrates best-in-class capability and market leadership through demonstrated technology success and customer commitment

SAN FRANCISCO, Calif., 30 July 2013 — Locus Technologies (Locus), the leader in cloud-based environmental compliance and information management software, today announced it has attained a Gold Application Development competency, demonstrating a “best-in-class” ability and commitment to meet Microsoft Corp. customers’ evolving needs in today’s dynamic business environment and distinguishing itself within the top one percent of Microsoft’s partner ecosystem.

To earn a Microsoft gold competency, partners must successfully complete exams (resulting in Microsoft Certified Professionals) to prove their level of technology expertise, and then designate these certified professionals uniquely to one Microsoft competency, ensuring a certain level of staffing capacity. They also must submit customer references that demonstrate successful projects (along with implementing a yearly customer satisfaction study), meet a revenue commitment, and pass technology and/or sales assessments.

“This Microsoft Gold Application Development competency showcases our expertise in and commitment to today’s technology market and to providing our customers with the most advanced technology and functionality available,” said Neno Duplan, President & CEO of Locus. “We plan to accelerate our customers’ environmental data management success by combining this and other advanced web technologies with our deep domain expertise.”

“By achieving a gold competency, partners have demonstrated the highest, most consistent capability and commitment to the latest Microsoft technology,” said Jon Roskill, corporate vice president, Worldwide Partner Group at Microsoft Corp. “These partners have a deep expertise that puts them in the top one percent of our partner ecosystem, and their proficiency will help customers drive innovative solutions on the latest Microsoft technology.”

Earning the Application Development competency helps partners differentiate themselves as a trusted expert to their customers through development and deployment of commercial or custom applications built using core Microsoft technologies.

10 Critical Requirements for Environmental Cloud Applications: No. 1: True Multi-tenancy

There is considerable debate in the marketplace about whether organizations should know or even care about multi-tenancy. The truth is that multi-tenancy is the only proven SaaS delivery architecture that eliminates many of the problems created by the traditional software licensing and upgrade model, so it is extremely valuable to know whether a provider uses a multi-tenant architecture. A provider should be able to answer this question with a simple “yes” or “no,” and prove its answer.

Multi-tenancy ensures that every customer is on the same version of the software. As a result, no customer is left behind when the software is updated to include new features and innovations. A single software version also creates an unprecedented sense of community where customers and partners share knowledge, resources, and learning. Smart managers work with their peers and learn from them and what they are doing. Multi-tenancy offers distinct cost benefits over traditional, single-tenant software hosting. A multi-tenant SaaS provider’s resources are focused on maintaining a single, current version of the application, rather than spread out in an attempt to support multiple software versions for customers. If a provider isn’t using multi-tenancy, it may be hosting thousands of single-tenant customer implementations. Trying to maintain that is too costly for the vendor, and those costs, sooner or later, become the customers’ costs.

Multi-tenancy requires a new architectural approach. You have to develop applications from the ground up for multi-tenancy; otherwise, extensive work is required of the vendor to alter the on-premises application and underlying database for multi-tenancy, resulting in an even more complex, and potentially high-maintenance, application.

How to Recognize Cloud Providers and Applications that Deliver Real Value for Environmental and Compliance Information Management

Environmental, sustainability, compliance, CIOs, CTOs, and other business technology managers can free up valuable resources for strategic activities by deploying cloud applications that are less costly and complex, yet more intelligent and user-friendly, than on-premises applications. Tech managers can miss this opportunity, however, if CIOs are unable to differentiate real cloud providers and applications from imposters. In the enterprise software industry’s rush to fulfill rising demand, some providers may skip requirements that are critical to delivering the true benefits of cloud applications.

Industry pioneers for cloud applications (also known as software-as-a-service (SaaS)) know shortcuts do not exist. Applications, architectures, and processes must be built from the ground up to produce superior, leading-edge alternatives to the traditional on-premises software and maintenance model.

In next several months I will post 10 critical requirements for Cloud Applications that are relevant for our big data-driven industry focusing on importance of multi-tenancy. I hope that these 10 critical requirements of cloud computing will help organizations planning to replace legacy systems distinguish the difference between real and fake cloud applications. If cloud applications and their providers do not meet these requirements, it is unlikely they can deliver the full benefits of today’s SaaS.