1. 10 Critical Requirements of Cloud Applications
April 18, 2011 by Steven John
Another day, and another software vendor—or two, or three—will announce
some strategy around the cloud. As a CIO, I've benefitted hugely from cloud
applications, and view it as a positive sign that more and more software
companies are exploring alternative delivery models.
What concerns me, however, is when vendors tout cloud applications (also
known as software-as-a-service, or SaaS) that aren't real cloud applications.
Real cloud applications deliver incredible benefits, but only if they were
designed to be cloud applications, and are delivered in a true cloud model.
So we decided here at Workday to document the many components that go
into cloud applications in an important, educational paper we call the "10
Critical Requirements for Cloud Applications." I believe CIOs, CFOs, and business managers will find
this paper enlightening. Here's a summary of the 10 requirements:
1. True Multi-tenancy. Multi-tenancy is the only proven SaaS delivery architecture that
eliminates many of the problems created by the traditional software licensing and upgrade
model—period. Multi-tenancy ensures that every customer is on the same version of the
software. That means no customer is left behind when the software is updated, and in my
experience that fosters a fantastic community for sharing knowledge and resources with other
CIOs, all of whom are using the same version of the software.
2. Regularly Delivered, Vendor-Managed Updates. A cloud application is a single version of
software that is regularly updated, often several times a year, for all customers, at no additional
charge. Change every four years is not a sustainable model (and never really was) as our
industries are constantly evolving and innovating, and business partners and customers won't
wait four years for us to change. We need partners that keep pace with us, not ones that
require us to slow down in order to keep pace with them.
3. Seamless Integration On Demand. Cloud applications should be built from the ground up to
lower the cost, time, and risk of integrating them with existing on-premise and on-demand
applications. As a customer you should expect your cloud provider to offer an integration
platform and tools, a strong partner ecosystem, and generally whatever assistance you require
for pain-free integrations.
4. Business-Driven Configurability. Cloud apps should be configurable, so your IT organization
is freed from costly customizations (the most over-rated virtue of traditional software, in my
opinion), and businesspeople can configure processes that meet the specific needs of the
organization. That said, you should be able to choose from among multiple types of
configurations.

2. 5. World-Class Data Center and Security. A cloud application provider should be able to offer
world-class security and data privacy better than its customers can do on their own, and at no
additional cost. That includes physical, network, application, and data-level security, as well as
full back-up and disaster recovery. The provider should be compliant with security-oriented
laws and auditing programs, including Safe Harbor, ISO 27001, and SAS70 Type II.
6. A High-Performance, Sustainable IT Infrastructure. The provider should maintain a high-
performance IT infrastructure, which includes the data centers and databases, operating
systems, networks, and storage systems used to run cloud applications and manage customer
data.
7. Predictable Total Cost of Ownership Model. There should be no surprise costs with cloud
applications. Implementation costs should be predictable, subscription-based pricing should
have no hidden fees, and no investments should be required for hardware and software
license fees.
8. Faster Deployment. Since cloud applications don't require investments and installation of
hardware and software, you should be able to get them running and productive in a fraction of
the time compared with on-premise software.
9. Control. Cloud applications should allow you complete control of your organization's data,
even though it is located off premise. Nothing should hinder your ability to import, export,
purge, and archive data to and from the application without having to first contact the SaaS
vendor.
10. Liberation from Non-Strategic IT Issues. This is my personal favorite. Cloud applications
should free CIOs and their teams from time and energy spent on non-strategic, back-
office IT operations and software coding. Today and into the future, the most highly valued
CIOs—the ones that become heroes to the business—are those who are closely aligned with
strategic business initiatives and drive the IT projects that support those initiatives.
I hope you you'll take the time to read this paper in its entirety. Have comments or thoughts about
these requirements? Send them my way to steven.john@workday.com.
- Steven
Steven John, Workday's Strategic Chief Information Officer, works with customer CIOs and IT groups
to help them realize the full benefits of Workday and cloud computing. Steven was most recently the
CIO at H. B. Fuller Company, a specialty chemical manufacturer and early Workday customer.
Steven was selected by Computerworld magazine as one of its Premier 100 IT Leaders in 2006, and
received the CIO Executive Council Leadership award in 2009.