My do’s and don’ts of hosting and managing a SaaS

1. Managing security and isolation

Ensuring security and isolation for our customers’ (often extremely) sensitive data is the first step we need to take.
  • If your team doesn’t have experience in security issues, hire a consultant or get external help. If you fail in security, you might steer the whole company towards its death.
  • Organize security training within the team by trying to hack your own system. It really helps with finding the weak spots and gets the whole team thinking about security.
  • Read the OWASP Top 10 vulnerabilities and make sure you cover all of them (web app-level security — which is enough if you run your application on Heroku or a similar service that handles server- and infrastructure-level security and isolation)
  • Think in layers. The application is constructed from multiple layers, and securing just one is not enough. You should be paranoid when securing every single part of your architecture.

2. Scaling for uncontrollable end-user behaviour

  • As a developer to a developer: try to push the responsibility of scaling to your customers (that makes them actively think about their user behaviour and they can see a clear cause and effect relationship between it and the server costs)
  • If you decide to handle the scaling, focus on servers: they don’t scale as easily as other parts of the usual SaaS (platform) infrastructure between the customer and the database
  • Don’t scale your infrastructure and servers just in case: why would you build festival facilities for 10,000 people if you expect 1,000?
  • Accept uncertainty: you cannot control your customers’ customers’ behaviour. Just learn to live with it: what felt surprising last week is the new normal next week.

3. Manage expectations internally and externally

SaaS doesn’t just scale. It is built larger, requiring larger infrastructure and larger servers.
  • Don’t hide stuff like server limits on your term sheet — no one reads them and that might cause some unpleasant surprises later on
  • Be as transparent towards your customers as you can and explain the different plans as clearly as you can
  • Let marketing make idealistic promises but remember to be totally honest in onboarding meetings and demos (at the latest)

4. Tying technical solution to the business model

  • Communicate internally between developers and business managers — wherever there is a price tag, there should also be interest from both sides
  • Think in scenarios: the expected number of customers, the infrastructure needed for them, estimated peaks in customer traffic, desired service level, … (topical only if you aim for automated scalability and don’t push the responsibility of scaling to customers)
  • Build for a realistic vision: it makes no sense to assume that you’re gonna have 100 times more paying customers next year and scale your product for them already now

Aito.ai decision automation in the cloud. #ML for #nocode and #rpa operators.