Rockawork’s proprietary solution, which supports electronic archiving and document workflow, is available in the Software as a Service (SaaS) model. Cloud ECM is a flexible business service, not a traditionally purchased IT technology. This is a significant difference that alters the approach to investing in such solutions and offers an attractive alternative to the license purchase model for organizations considering a professional system for document management and workflow.
Virtually every organization possesses IT systems that support the execution of its business processes. Most often, these are transactional systems such as ERP, CRM, HCM, BPM, SCM, EAM, alongside which large quantities of unstructured, diverse data are accumulated, generated in an uncontrolled and unplanned manner. This data does not constitute records in the databases of these systems but is related to the processes that these systems support. The manner of their creation and their volume are largely independent of the organization itself.
These primarily include text files, spreadsheets, presentations, scanned documents, photos, multimedia files, technical documentation (drawings, plans, device designs), organizational documentation (templates for offers, contracts, directives, regulations, instructions, procedures, process descriptions, manually completed application forms, etc.), email messages (with attachments), financial documents, HR documents, call center recordings, and other types of content that feed business processes or are a product of their execution.
Some of this information is often “hidden” in individually created workbooks, reports, or personal folders and is stored on workstation drives, network resources, or portable devices. This method of information accumulation generates significant risk for organizations, not only concerning security or accessibility but also document currency (version control), lack of knowledge sharing within the organization, or reporting of the data contained therein.
All organizations that:
should consider implementing an Enterprise Content Management solution as a way to optimize their business processes.
Due to the architecture of transactional systems, it is difficult to effectively manage documents and their workflow using them, meaning to identify and analyze accumulated content. Such systems are not designed to manage information flowing in from the environment in the form of correspondence, faxes, recordings, or documents created by employees as MS Office files, scans, photos, etc. By themselves, they will not provide effective mechanisms for large-scale document organization, i.e., their automatic recognition, classification, and structuring (e.g., by folders, types, cases), archiving, or web access combined with advanced and fast searching. According to various sources (Gartner, Forrester, IDC), it is estimated that about 80% of corporate information resources are created in such an unstructured manner.
An ECM class solution is a way to free an organization from the paralysis caused by suboptimal document management. Lack of access to documents (including archived ones), inadequate or insufficient security mechanisms, delays in information flow, lack of version control, incompleteness of documents in a case or process, inability to quickly collect documents from multiple sources, inefficiency in document processing (e.g., in financial document workflow, complaints, customer applications), or finally, increasing time spent on document management – these are just some of the problems that can be resolved using ECM.
Rockawork’s proprietary solution supports document scanning with automatic content recognition (OCR), automatically makes documents available within a process or case, and thanks to its workflow module, accelerates information flow and automatically delegates tasks to designated individuals in the process. This enables faster and better business decisions, optimizing working time and organizational costs. Furthermore, ECM allows for the organized and secure archiving of any content, full management of permissions, and making documents available to virtually any IT system (as a “content server”).
Rockawork was designed with security, user work efficiency, and simultaneous support for content management and workflow in the cloud in mind. The solution features an architecture that is unique in the ECM system market. It is based on the concept of logical systems, guaranteeing the security of stored and processed documents and data. ECM is a modern platform on which you can independently, without the help of All for One Poland consultants, design any document archive and manage its workflow in business processes. All these functions are available in the SaaS model.
Although ECM has a typical multi-layered architecture (i.e., a data storage layer, a layer related to processing logic, and a user layer), its functionalities are accessible via a web browser. During the design and development of ECM, we placed particular emphasis on enabling application configuration by the business user, with minimal involvement from an IT specialist.
User access, defining document types, and managing workflow processes are entirely possible through a web browser and by the business user. Consequently, for individuals performing tasks within a process, it is irrelevant where and on which server the application is installed, who administers it, or who ensures its security, performance, etc. It is accessible to them in the same way from both internal and external networks: functionalities supporting document and process management are available in a single web browser window.
But what makes the SaaS model a good alternative to the license model, which was so popular until recently?
Increasingly, organizations are opting for IT application outsourcing because they recognize the many advantages of this model and see it as a way to gain a competitive edge in the market. An ECM implementation project operates at the intersection of business and IT technology. When a business unit approaches IT with the initiative to implement an ECM class solution, it often turns out that the organization lacks sufficient IT resources. This could be due to a lack of appropriate technology and infrastructure, an insufficient number of middleware licenses accompanying traditional software models (licenses for databases, server operating systems, virtualization technology, backup, etc.), a shortage of specialists, or simply a lack of time for IT to support the project.
In the case of traditional, license-based ECM installations, the aforementioned obstacles often lead organizations to abandon solution implementation. They do not seek alternatives that would overcome the barrier of long-term costs (related to system administration and maintenance) and high initial, one-time IT investment outlays (purchase of necessary infrastructure components, additional specialists, etc.).
The SaaS model can be an alternative to these problems, where all IT capital expenditures (CAPEX) related to the purchase of an ECM solution are entirely replaced by operational expenditures (OPEX). The costs of purchasing and using the application are spread over time. To implement ECM, we do not make a one-time investment in technology subject to long-term depreciation; instead, we systematically pay for a cheaper and more flexible service of providing the ECM platform via the Internet, which entirely burdens operational costs. Apart from end-user workstations, all IT elements necessary to launch the project are provided by the ECM application vendor – from delivery to system maintenance.
The most common form of payment for ECM in the SaaS model is a subscription. Its amount depends on the extent of application usage by business users. Their number may change, for example, depending on employment size or the actual needs of the organization during a specific period. Changes in employment levels or application usage (adding or discontinuing specific functions performed using ECM or subsequent processes) result in a change in the service fee. Therefore, a SaaS subscription does not have to be a fixed amount. SaaS also does not imply IT investment or the purchase of an ECM license with maintenance, which is why launching an ECM project involves much lower initial financial outlays than with the license model. This, in turn, lowers the financial barrier to entry and allows for quicker strategic initiatives.
Thanks to the SaaS model, there is no risk of abandoning an application implementation that could bring specific benefits or savings to the business due to excessively high IT costs. Moreover, investment outlays can be shifted from IT investments to alternative, strictly business investments related to optimizing the process supported by ECM itself.
In the SaaS model, there is also no risk of over-investment, as we do not purchase excess computing power, storage space on arrays, or unused licenses. The simple “pay as you go” principle applies, meaning we only pay for what we actually use.
Software as a Service changes IT expenditure liquidity, and this aspect can be particularly important when there is a need to collect and manage a large amount of data within a specific timeframe using a professional ECM system. For example: a client project, corporate mergers and rapid, secure document exchange, or temporary application deployment while awaiting a corporate rollout.
Additionally, with the SaaS model, the risk of facing the necessity to purchase new technology, upgrade, or extend licenses to ensure application continuity at some point disappears. SaaS, by definition, transfers the risk of application maintenance and security to the service provider – they should be obligated to provide updates, fixes, security enhancements, etc., within a single, predictable subscription fee.
Technologically, Rockawork is entirely based on the Data Centers infrastructure. We currently have two independent “sites” that guarantee redundant systems for ensuring the security of client data and systems. At All for One Poland, we independently manage the IT infrastructure for ECM in the SaaS model, thus client security is also ensured organizationally, through the presence of a single provider with significant implementation potential and proven server room infrastructure. We do not use subcontractors.
All for One Data Centers has an integrated management system, ISO 9001, ISO 27001, and ISO 20000, implemented and certified by independent organizations. Clients who entrust their applications and systems to All for One Poland can be assured that communication follows flexible and documented procedures, is supported by professional tools, and risk management is focused on systematic organizational improvement and threat minimization.
When considering the SaaS model, much attention is paid to security. For the business user, the security of the Rockawork application in the SaaS model primarily means operational continuity (availability), performance (work comfort), data security and rapid recovery in case of failure, ease of making changes to the application (ability for business users to configure the application), and continuous support from IT specialists.
In the traditional model of software installation on one’s own IT infrastructure, the client’s IT department is responsible for application security. In the SaaS model, responsibility is transferred to the Rockawork solution provider and governed by an SLA agreement. Thus, the risk associated with application maintenance is transferred outside the organization and accounted for accordingly.
From a technical perspective, the most important security elements include the Rockawork software architecture guaranteeing data encryption, user-transparent backup technology, the network and server infrastructure used in the data center, service request management procedures, applied standards, methodologies, and conducting periodic penetration tests, i.e., controlled attempts to breach or overload the application. Security also includes documentation confirming systematic checking and maintaining or raising the level of security, as well as operational and tested procedures and evidence of systematic and conscious risk management in the data center.
From a security perspective, choosing the SaaS model for the Rockawork application thus comes down to answering a few fundamental questions: will the security for ECM application users be higher in the SaaS model or in the traditional, license-based, internally maintained software model? Are we technologically prepared to provide and manage the IT infrastructure for an ECM application? Do the outsourcer’s work methods and organization ensure a sufficient level of security at optimal costs? Are the SLA parameters provided by the application vendor suitable for our business needs?
Our experience shows that often the level of security for applications in the SaaS model is the same as or higher than the security level of applications maintained in one’s own server room. It is then worth considering the risk-to-cost ratio of both approaches and taking into account other benefits associated with each model.
The SaaS model, for Rockawork solutions, offers a range of benefits, especially for smaller organizations strategically focused on outsourcing IT competencies. The lack of need to maintain non-business competencies, spreading payments over time, lower entry costs, and risk transfer significantly increase organizational agility, understood as the speed of responding to changes in the environment. In the SaaS model, an ECM solution can be implemented faster, allowing focus on business development and optimization rather than technology investments.
The Software as a Service model can also be a compromise between an organization’s current (urgent) needs and its current purchasing capabilities, reconciling the lack of IT resources on one hand with significant business pressure to improve processes on the other.
It is also worth noting that the SaaS model significantly simplifies service and reporting procedures on the client’s side, thereby eliminating another source of costs and organizational difficulties in IT. The burden of responsibility for the application’s efficiency, performance, and security rests with the provider. In the case of the license model, service responsibility is most often distributed among individual user support lines, and the IT sphere is almost always managed by a team of client specialists. In the SaaS model, not only is there no need to maintain such a team, but other costs related to organizing, documenting, and managing service requests on the client’s side are also optimized.
Due to the continuous shortening of the lifecycle of IT applications supporting business processes, organizations are seeking ways to optimize technology expenditures. A five-year return on investment period has long been unacceptable, which is why more and more companies are looking for complete, fully functional, secure, quickly accessible, pre-configured solutions that minimize IT outlays, and sometimes even temporary ones. With such a direction and approach to IT, also changing in the face of the availability of cloud computing solutions, in our opinion, the SaaS model will gain popularity. The added value that an organization generates through ECM, in the SaaS model, is achieved additionally (i.e., beyond the benefits associated with ECM itself) thanks to lower IT investment outlays spread over time and correlated with current business needs. SaaS is also an excellent solution in cases of difficulty finding project funding sources.
The Polish market offers a relatively large number of ECM solutions that can operate in a SaaS model. However, not all producers of such software are simultaneously IT service providers and managers of their own professional IT infrastructure. Relying on subcontractors for strictly IT components can be less secure and more organizationally challenging for clients than consolidating responsibility for the application with a single provider possessing adequate capabilities and a robust Service Level Agreement (SLA). Therefore, choosing an ECM application in a SaaS model is optimal when the technology (application) producer also provides its own managed IT infrastructure. This approach prevents the fragmentation of responsibility for SaaS service quality, centralizing all potential service issues under a single entity accountable for the ECM service parameters.
Organizations sometimes perceive externally maintained systems as inherently carrying higher risk, often without fully assessing the scope of that risk. However, it is crucial to consider whether internal IT resources genuinely guarantee a superior level of security at an optimal cost. Frequently, a direct comparison of these two factors – security and cost – ultimately favors a specific solution. The evolution of technology, coupled with financial managers’ increasing confidence in the efficiency of outsourcing models, is driving organizations to more readily adopt applications provided and managed by external entities. This approach is justified not only by enhanced security but also by the rationalization of IT expenditures.
The SaaS model occasionally raises legal concerns. However, it is important to note that the current legislative trends in Poland already account for outsourcing models, provided that appropriate levels of security and risk management are ensured.
In our estimation, the increasing pressure from managers to optimize IT costs that do not yield direct business benefits, coupled with the continuous need to optimize and enhance key business processes, will drive growing interest in SaaS applications. The SaaS model for ECM solutions is particularly gaining proponents among organizations that manage their IT independently.
Today – meeting.
In two weeks – a prototype.
Another two – launch!
Today
Our team will be happy to answer your questions.
