SaaS as a balancing act between machine learning and data protection
In the column “Stropek as a Service”, SaaS expert Rainer Stropek talks about exciting aspects of the implementation, monetization and use of software as a service offerings.
A Fine Line
Anyone responsible for the design and development of software solutions knows that unpleasant feeling in pit of the stomach, the feeling that they are possibly overlooking a technology or a trend. On the one hand, we do not like the feeling; it keeps us awake at night. On the other hand, we realize that it prompts us to keep our eyes open and not rest on our laurels.
There is currently one such topic that haunts practically everyone in the SaaS industry: Machine Learning. Every day you read about new, revolutionary breakthroughs. Inevitably, most SaaS vendors have begun to think about where machine learning might be useful in their field. I am no exception myself and must admit that this technology has bewitched me as well.
Tools are available
The fact that tools for machine learning have become available and, above all, affordable for a large number of companies, supports the trend. Libraries like Google’s TensorFlow, Web APIs like Microsoft’s Cognitive Services, and PaaS offerings like Azure Machine Learning are just three examples of tools that have dramatically lowered the entry-level hurdle to the world of machine learning. It is no longer the preserve of only the largest companies. Even small and medium-sized companies are being challenged to explore its potential applications and use it to implement new products and services.
Breeding data leeches
At the same time, machine learning has really shaken up software development. Programming the best algorithm is no longer a guarantee of success. Instead of people determining how programs operate, programs learn by themselves by analysing data or are trained specifically with correspondingly prepared data stocks. The key factors for innovation are, on the one hand, technicians who know how to handle machine learning tools. On the other hand, above all, you need data whose analysis enables programs to acquire the expertise that can then be used in software solutions. If you want to be at the forefront of machine learning as a SaaS provider, you need data, tons of data. The more the better. The more detailed, the better.
Damned if you do, damned if you don’t…
But what about the issue of data protection, a topic currently on everyone’s lips? When working on SaaS solutions in the cloud, you find yourself caught in the middle. You want to meet the undoubtedly justified need for user privacy. At the same time, you need more analytic data than ever in order to enable machine learning. It presents a dilemma that cannot be resolved easily.
I still encounter cloud scepticism when working with larger clients. Although you find fewer and fewer with a strict no-cloud strategy, when the issues involved are more than marginal, many companies are still reluctant or outright unwilling to use SaaS or PaaS offerings in the cloud. The servers they have on their own premises seem far more trustworthy. And for those products that they have installed locally, the first thing they do is to turn off “telephoning home”. Customers are afraid that data will leak out or even wind up in the hands of competitors. Even when it comes to telemetry data, they say no. After all, nobody knows what is hidden in the data packets.
So, as software providers, what are we to do? Should we bribe our customers with particularly favourable offers or even free services, so that they entrust us with their data? Should we simply cease offering customers an on-premise option? Should we forgo end-to-end encryption and overly strict privacy policies? It would be a good bet that the data we acquire is more valuable than the business we would lose in the short term.
In my view, it is time for SaaS companies to begin a discussion about how to deal with machine learning and data protection. The issue is not purely technical one, it is interdisciplinary. Legal framework conditions must be respected, especially in Europe. Internal processes need to be reconsidered to allow access to data in the right places, but to prevent unauthorized access. Personnel questions such as training and finding appropriate personnel for enhancing teams, for example, data analysts, must be considered. Ultimately, management must have the courage to make business decisions that nobody can predict with certainty.
Openness is required
The prerequisite for this discussion is that SaaS providers seriously start to address the basic concepts, opportunities and risks of machine learning at all levels and in all areas of the company. In doing so, those SaaS providers who create an open culture for discussion and a trusting, fair treatment of participants have a clear advantage both internally and externally. Companies with rigid hierarchies, a fear of change and blanket prejudices not only run the risk of missing out on the benefits offered by the sensible use of new technology. They also run the risk that employees whose suggestions are ignored or suppressed will seek paths outside of official lines of communication. Not infrequently this leads to the data protection catastrophes that one actually wanted to prevent.