Cloud API, SaaS, connector technology or on-premise? Which option should you choose when integrating third-party services & applications?

By Barley Laing, the UK Managing Director at Melissa

As technology evolves so does the choice when it comes to selecting how you would like to access and integrate third-party applications to continue operating effectively.

Cloud API or software-as-a-service (SaaS); on-premise or connector technology like Microsoft SQL Server? All have their strengths – simplicity of integration, speed, security, automated maintenance and updates, for example.

Software-as-a-service (SaaS)

Starting with SaaS. It is software hosted by a vendor in the cloud, accessible via a web connection and paid for as a subscription service. It’s simple, secure and fast to access over the internet, enabling the service to be up and running on your systems usually within hours, rather than weeks or months.

SaaS is easy to scale up and down as and when you need it. Updates and maintenance are handled by the provider, and it’s possible to access the application anywhere with a reliable internet connection.

One of the key benefits is that technical skills aren’t needed by the user, as generally functions are designed to be straightforward and intuitive, meaning anyone in the organisation, with access rights, can use and benefit from the services provided.

Security used to be considered a potential issue by virtue of the fact it’s delivered by the cloud, but this is far less of a concern today, as security in the cloud has improved dramatically.

These factors make SaaS particularly suitable for startups, SMEs, organisations with scarce or no in-house technical skills for integration, or those without the budget to use third-party integrators.

Cloud APIs

Cloud APIs are one of the most common forms of service access today.

Cloud APIs are interface access points to software programmes that facilitate the transfer of data and services between cloud computing services, between cloud services and devices, or on-premise applications.

Using APIs it’s possible to share functionalities across multiple platforms and applications, without the need to rewrite code or rebuild existing functions into new apps.

With cloud-based APIs it’s easy to inject data quality capabilities, for example, into any existing platform, such as master data management (MDM), regardless of what software or systems the organisation might already be using. And via cloud APIs the appropriate service can be delivered quickly online.

A key advantage of using cloud APIs as an access method is its flexibility – in that the service can be ‘injected’ anywhere in an organisation’s process flow, and can be modified to fit the individual use cases, as required.

Integration is necessary to utilise an API, so someone or a team with the relevant technical skills are needed, however, this may not necessarily be overly complex, depending on the integration required as vendors usually offer sample code to speed the process.

Connector & plugin technology – example: Microsoft SQL Server

Many in the public sector, particularly the NHS, utilise Microsoft SQL Server – a database management system. This offers a great route to easily access services via SQL Server Integration Services (SSIS) which acts as a connecter between systems, and functions at a high operating speed. Tools can be simply accessed without further integration – just drag, drop and start using.

Other plugins for major platforms can be utilised to help minimise the integration of services, such as for SalesForce & MS Dynamics, for example.

Plugins help make integration more straightforward, but can also mean some flexibility in approach is lost due to the standardised out of the box set up many have.

On-premise

An on-premise system is technology that sits behind your organisation’s firewall, and retains all its processes, services, and data on local servers within your organisation, without the need of an internet connection or a web feed.

This is particularly important for organisations who want ultimate control to protect their data. This doesn’t mean they are any less likely to be hacked, but it does mean the ability to hack into is wholly dependant on their own controls.

On-premise also means that you have complete governance internally over areas such as: access, security, compliance, maintenance and improvements.

Throughput speed determination for processes can also be an additional benefit of taking this approach, as the organisation itself can decide how the service is deployed internally on its servers and processors to reflect the urgency, frequency and scale of the processing.

It’s important to understand with on-premise that the upkeep of all applications and systems can be very labour-intensive. You are responsible for uploading updates locally, maintenance, security, deployment, future-proofing, and anything else that the on-premise systems require to make them suitable for your business’ needs and changing requirements.

This means your own IT and support teams need to be on hand to work on the system. Because of all these complexities, deployment can take longer than via cloud-based channels, and ongoing maintenance and support costs could be higher.

Due to the additional self-determined security it offers of being behind your own firewall, it’s a good system for heavily regulated industries like banking or government services.

Support & training

It’s vital to ensure that those offering applications and platforms via the various routes can provide support and training on using the required channels to integrate the services into your systems, and also when utilising these tools, when required. This will help to allay any concerns amongst those who may lack technical knowledge.

Cloud-based options sometimes the only option

It is important to acknowledge that because of the nature of the service required, such as electronic ID verification (eIDV), that a cloud API or SaaS option are the only meaningful routes to take. This is because for such a service to work effectively it requires constant access to huge amounts of up-to-date data that can only be effectively delivered, in real-time, over the internet.

eIDV 

Being accessed via a cloud API or SaaS, eIDV is delivered as a scalable easy to deploy platform that supports cross-checks against an individual’s contact data in real-time as they complete an online application process. It does this by matching the name, address, date of birth, email or phone number against reputable data streams, such as government agency, credit agency and utility records, along with mortality screening checks, to effectively confirm the ID of an individual. Also, such technology should be able to highlight those who have been sanctioned, politically exposed persons (PEPs), offer adverse media screening and know your business (KYB) checks, for a full ID verification service.

In summary

All channels that allow organisations to access third-party applications have their strengths. When looking to integrate a third-party service source a provider with a range of delivery options to suit your needs. They must also offer support and training on using the channel that works for you, as well as on their service.