Using a mature product or service in your infrastructure is the difference between getting something done and getting it done right. New entrants to the market often look very exciting and sometimes even manage to fill in a gap or two in an existing service in order to make a name for themselves. But, the realities of product development mean that the product will be far from finished.
When you’re first releasing a product or service, you spend a significant amount of research and engineering time developing your backend infrastructure as well as your user interface. You need the basics of the product to reliably perform the necessary tasks, and you want the user interface to look modern and easy to use. This means that things that don’t necessarily get immediately noticed by a potential customer end up getting pushed farther down the timeline. Unfortunately, these other aspects of functionality are just as important as performance and the look of your UI, but a new product will de-prioritize them nonetheless.
Administration and security
A new SaaS offering tends to scrimp in terms of administrator security. There will typically only be one way to login, such as a username and password. The product will not typically integrate with other, more modern, authentication systems such as Okta. There will also tend to be only one level of administrator that has all power within the system, where a more mature product will have multiple roles and different levels of access for each of those roles.
Role-based administration is the best way to limit the blast radius of an inexperienced or rogue administrator. The final area of security that might get left behind is the idea of audit trails. If an inexperienced or rogue administrator does do something wrong, will you know who did it? Only audit trails can tell you that.
Resiliency and compliance
One area that a new product might be lacking in is in SLAs for resiliency and availability. The product is new; you have no idea how resilient or available it will be. The lawyers will therefore advise you to limit such claims to minimize your legal liability. A more mature product will know exactly how the product will perform over time and can easily offer such SLAs.
Compliance is another area where a mature product will typically excel and a new product will have no experience at all. When you’re spending all of your R&D time simply making sure the base product works, you’re not going to take the level of effort it takes to become FedRamp certified, for example. You’re not going to be familiar with the details of SOC2, HIPAA, GDPR, and CCPA, and be able to advise your customers whether or not you enable them to comply with these important regulations.
When you’re a new service running in the cloud you tend to limit the number of regions where you operate. There is a fixed cost in running in each region of a public cloud provider, and you’re not going to incur that fixed cost all over the world if you can limit it to one or two regions. This, of course, means that you will not be available in many regions around the world.
This matters for multiple reasons, the first of which is performance. You’re not going to get the same backup and restore performance when using a backup region that’s on the other side of the planet. More important than performance is the ability to adhere to regulations like data locality and understanding of local laws. It’s very easy for a new service to get into a difficult situation by offering a service that (if used) actually causes the customer to violate local laws. The only way to get around this is to be big enough to be running in all of the important regions in the world, and of course have local intel on the important laws regarding data protection. A new service simply will not have that ability.
You should always be examining all of the various products and services available to you as a customer and looking to see if a new product can better meet your needs. Just remember to examine all of the areas of functionality – especially these detailed areas that will often not be taken care of by a new offering.
Learn more about how the Druva Cloud Platform offers the maturity of features that you need to protect your data in the cloud.