Considerations for Making the iPaaS Buy vs. Build Decision
IPaaS is a technology that has become a critical part of enterprise architecture.
Gartner defines Integration Platform as a Service (iPaaS) as a suite of cloud services enabling development, execution, and governance of integration flows connecting any combination of on-premises and cloud-based processes, services, applications and data within individual or across multiple organizations.
The key differentiator between this and a suite of custom developed integration services, or APIs is the “platform” aspect, which encompasses a suite of-out-of-box capabilities to ensure your integrations drive the best business outcomes.
A typical iPaaS implementation will include features such as drag and drop service design; a centralized control panel for monitoring service health; any-to-any connectivity with built-in connectors to popular SaaS platforms such as Salesforce and Workday; built-in technology adapters for protocols such as HTTP/S, FTP/S, SFTP, REST, SOAP; frameworks for logging,error handling, notifications; and the list goes on.
An iPaaS can dramatically simplify integration, accelerate future changes, and allow you to integrate your enterprise’s applications in a secure, scalable, and extensible way, all critical requirements for remaining both secure and agile in the digital transformation age.
Determining whether you should dedicate enterprise resources to create your own integration services (Build) by combining in-house developed and best-of-breed products or invest in a commercially available comprehensive iPaaS solution (Buy) is something that requires careful consideration.
Making the right decision can be difficult. On the one hand, building will require the right skill sets, tooling, and discipline to build something that can meet requirements and be supportable in a production environment. A vendor iPaaS solution can provide these capabilities natively, but will incur licensing fees. The choice will depend on your internal capabilities, budget, timelines, and regulatory pressures. The resulting impact will determine how well your enterprise is able to take advantage of current and future digital transformation opportunities quickly, effectively, and securely in an age where data breaches are happening more frequently.
When faced with the Build or Buy decision, you have to decide which option is the best fit for your enterprise based on a list of factors. Some of these factors are generic and apply to all organizations, and some are more specific and may not apply to you and your industry or organization.
The Entirety of iPaaS
The data movement aspects are often prioritized over the other equally important aspects of integration technology.
To build custom integration services, you should not discount features such as security, logging, auditing, data transformation, routing, version control, deployment, metrics, monitoring, feature enhancements, etc., which are all table-stakes for any mature iPaaS product offering. And depending on your industry, you could be held liable or responsible for failing to meet some of these requirements in your integrations.
For example, in the healthcare industry, you must ensure that patient data is not compromised by encrypting it both in transit and at rest,as well as redacting it from log files and restricting access to it by administrative personnel. Another example is finance applications. In these, you must ensure SOX compliance, that includes things like limiting access to financially sensitive data and ensure financial data is not modified outside of SOX approved software for that data.
Most mature iPaaS offerings provide features and services out of the box to deal with these issues.
Existing Technology Expertise
Before embarking on a custom-build route for your integrations, it pays to take a close, unbiased look at your existing staff’s core competency. The list of knowledge and skills required to build your own suite of integrations is extensive. If you have a team of SQL developers, it may be a stretch to task them with designing and developing secure, scalable integrations.
Your staff may execute integration tasks themselves using custom code, but would the code properly account for security, scalability, or performance? Are they able to write code that is self-documenting and easy for another to pick up and modify? Do you have a well-defined SDLC that leverages code repositories and CI/CD tools such as GIT and Jenkins?
Remember that even if your answer to this question is “yes,”would your business be better served reserving this innovation and development capacity for building tools that differentiate your business, rather than recreating the wheel and building what is essentially “data plumbing?”
The key takeaway here is you should realistically analyze the cost both in dollars and time if you are leaning towards a custom build approach and realize that integrations are rarely a one-and-done affair.
Current Application Inventory
Legacy applications and what will be required to get them integration-ready are another consideration to remember. If your enterprise does not have or support APIs, modern security protocols, and effective environment management, there may be a significant gap in your current architecture and what is needed for successful integration.
Most modern iPaaS tools provide technology connectors to help account for this and provide “legacy enablement” or “legacy modernization” features that can wrap and expose the data in those legacy apps that will stick around for the foreseeable future.
Regulatory and Compliance Issues
You must have a realistic view of the risks and compliance requirements associated with your particular industry and organization. Regardless if you build or buy, these external factors need to be considered in your approach.
If you are considering the build option, determine if you have the expertise and skills to ensure that your integrations will comply with industry standards and regulations.
If you are considering the buy option, ask about the expertise and options in the vendor’s suite. Many industries, such as the life sciences sector, whose work centers on services and products related directly to patient safety, have many regulatory and compliance issues to manage. IT solutions used in these industries must undergo significant scrutiny and reviews. Often in these industries, if you choose the build option, the source code will be reviewed by regulatory auditors. Choosing an iPaaS that has already undergone these reviews and have been certified can save significant time and money.
Packaged SaaS Integration Tools
Be wary of large software vendors that have grown through numerous acquisitions and make claims about seamless integration. While it may be tempting to assume all of the tools from a given software vendor are well integrated, they are often not,especially if they were part of a recent acquisition.
It often takes a year or more for the vendor to build these connections between the acquisition and their core product. This is another space where an iPaaS platform can help provide that connectivity and a higher degree of control over the method of integration.
For example, the first release of an integration between a large ERP vendor and its recently acquired expense software might be based on daily file exchange (and could still have bugs and/or limitations). Your enterprise may need this integration to be more real-time, for example, to reflect an expense in the accounts receivable portion of the ERP suite as it happens.
With a third-party iPaaS solution, you can develop a better integration via configuration and tailor it to your business needs, at least until the vendor-provided integration catches up.
Reject iPaaS Platform Compromises
You can find a very inexpensive third-party iPaaS platform or allocate time and budget to build your integration services. However, both solutions could fall well short of your business needs and expectations. It’s not uncommon to vastly underestimate the level of complexity needed to properly account for things such as security, performance and scalability, monitoring and notifications, and general maintainability in production.
The resulting compromises in cost, time, or quality could lose the confidence of your business and ultimately harm your ability to achieve effective digital transformation.
The Bottom Line
If you’re building custom integrations to meet a one-off business requirement, the chances are high that you will be continuing that same investment as your enterprise continues its transition to SaaS solutions in the cloud for everything they do: ERP, expense management, inventory, facilities management, CRM/sales and marketing, human resources and recruiting, benefits administration, etc.
If your business is growing, your investment in cloud services is likely increasing too, which means connections, integrations, and data movement requirements will increase. Think carefully about the path your business will take to support this growth in a secure, extensible, and scalable way.
At Big Compass, we know there are multiple iPaaS implementation decisions and understand the impact these decisions can have on your organization. Contact us and we’ll be happy to share how we’ve helped other businesses navigate the integration landscape and select and deploy cost-effective solutions that enable both today’s business and the business of the future.