Why there is a green for SaaS and red for open source?

12th July 2013

Here we are, SectionBox

10th April 2013
 
 
Back

This article is response to many questions that people ask. Many of the questions and concerns comes from SectionBox being software as a service (SaaS) and not being freely downloadable open source project. I want SectionBox to be best suited for most of the users and help sections to done administrative work as efficiently as possible. In following lines I will tell you why is SectionBox distributed as SaaS and on other side has not adopted open source ideology.

SaaS

Software as a service (SaaS) is one of the ways how to deliver software to users. It is quite different from usual stand alone distribution in the "box". In this part of the article, I will explain why it is the best way how to distribute SectionBox system.

SaaS is approached by an user in different way as regular standalone software. SaaS is not a product on user’s computer but service somewhere in the "cloud". SaaS is usually accessed via web browser to achieve better accessibility and platform independency. SaaS that you probably already know includes: iTunes Store, Google Apps or Microsoft Office 365.

In following paragraphs I will try to explain main advantages of SaaS. It is not full list but rather reduced one with regard on SectionBox system.

Updates

It is usual that every software is updated during its life cycle. Updating software is quite important, especially from point of overall software security, which will be later presented in detail. Security is not only reason why to update software. Within the updates there is usually new functionality or improvements introduced as it is in case of SectionBox updates. SectionBox system is updated regularly. In average once per month there is a small update. In addition to small updates a big update is released at the end of each summer (this year will not be the exception and update is going out in August 2013).

Updating regular software usually requires assistance of the user or in case of web application (e.g. ESN Satellite) time and knowledge of dedicated IT person. On the other hand updating SaaS is for user more user friendly because whole process is done by the provider of the software. When SectionBox system is updated user usually does not notice anything. In case of regular updates system transparently switches to updated version, without any outage. User realises that new update has been released only by update notification and appearance of new features.

To sum it up, user does need to update SectionBox, it updates itself by its own because it is SaaS. This saves time to user and also increases his comfort and security as update is applied as soon as it is developed in appropriate manner.

Availability

Since SaaS is running in the cloud, it is available 24/7 from any destination on the world that provides Internet connection to user. As SectionBox is internal information system, therefore it is usually used from the office, Internet connection is not the problem. SectionBox is accessed via web browser, which makes system platform independent and can be used on the PC, Mac or even Android tablet/smartphone.

To have SectionBox with you at all places that you work from, you do need to carry arround same device with software in it but you can use available IT resources at each of the sites. When you want to access it even in a bus, you better to carry decent smartphone with you all the time :).

Scalability

Every software is designed to be able only process certain amount of data. Good example is Microsoft Excel application processing vast spreadsheet of data. In some cases it does it very slowly and in some it is not able to process it at all. SaaS and therefore SectionBox has it limitations as well, but t is concern for the provider and not user. We try to provide service that will be fast enough, with no matter how many data system has to process. From my experience, it is no difference if you working with a hundred or a thousand foreign students, system is still well responsive.

SectionBox is build to be fast and reliable. With current hosting provider (Websupport.sk) we are able to provide service for hundreds of users (sections). Performance and availability is something that is no concern for us

Maintenance

This point mainly applies for systems that are run independently by the organizations to provide application to their members or public. In scope of NGOs it can be internal forum system or in bigger view corporate accounting system. In cases of such systems there needs to be dedicated administrator that maintains such system. This we can apply on ESN, where section needs to have IT capable person in order to be able to use systems as DokuWiki or ESN Satellite.

As SectionBox is distributed as SaaS requirement for maintenance is not present. System is maintained by the provider and users are left with service that is ready to be used all the time and working as it should. I am one of the developers and I can assure you that we know how to handle any sort of the problem with efficiency that can be hardly reached by anyone else. But it is not only us who participate on maintenance. Great deal of it is done by the community, users, who are giving us immediate feedback on bugs and issues that needs to be solved. In such cases , issuing hotfix is just matter of few days.

Open Source

After reviewing Software as a Service advantages and principles I would like to continue with explanation concerning SectionBox and open source approach to software development. For now, SectionBox is not an open source project and in following text I will explain why it is so and what are main benefits of it.

Non-IT Audience

One of the main reason why SectionBox is not open source is its target group. Usual open source project is developed with strong IT community and is not usually dedicated for broad public but rather IT professionals, who can fully benefit from accessing source code. One of the main arguments for open source is its ability to be further developed by the community and everyone can adapt software to his needs. But there are conditions to it. Only quite IT skilled people are capable of adjusting software to their needs without breaking it. Even smaller group wants to actually do it and even more smaller can benefit from it. In case of SectionBox, this number is so small that making SectionBox system open source would not make any sense.

Vast majority of SectionBox users, present or potential are end users with average IT knowledge seeking mainly service that is well functioning and they can benefit from. As those people do not have any desire to review the code and they are happy with system as it is (yes, they are quite happy about it :), then consequently we have no reason to spend our time on something that is not wanted and will be seldomly used.

Fragmentation of The Project

Ability to adjust software is one of the key features of all open source projects. One can take code from one project adjust it and then use application in other ways as original author mented. This can greatly helps to developers but hardly to any end user.

With every adjustment original project is fragmented to more similar projects and developers may end up solving very same problems on similarly aiming project, and therefore wasting human resources on solving one case twice. Another issue here is that with more even very similar projects, greater maintenance is needed, which is drawback for overall innovation.

I believe that for the future success and sustainability of the SectionBox project, it would be best if no fragmentation occurs. Such phenomenon that comes with every open source project can harm the project and that is last thing I want for it. If someone claims that he want to adjust SectionBox to needs of his section, he is very welcomed to join SectionBox team and improve functionality with us for benefit of all sections.

Security

One of the most crucial aspects of every software is its security. Security ensures that SectionBox data remain protected and consistent. Security is base for reliable SectionBox service as well. It is certain that security is big issue for us and in case of SectionBox, going open source would definitely decrease overall security rating.

Proprietary source code is accessible only to developers and not to public as it is in case of open source. Therefore possible attacker, who would not have access to source code of SectionBox will have to find software error from the outside by using SectionBox and not seek for error in source code, which is way more effective way how to find bug and abuse it. Therefore attacker that wants to hack proprietary software code faces bigger hurdle to overcome than in case of open source.

There is one good example from my practise, how open source code can be more prone to successful attack as closed source. Let us take for example Drupal project, an open source CMS that is ESN Satellite based on. Drupal is famous for its updates, they are released quite often. Sometimes update is fixing crucial bug that can be used to abuse whole system. Imagine that you have intention of compromise some Drupal (ESN Satellite) installation and just new Drupal update is released with crucial bug fixes. You do not need any exceptional hacking skills to take new version and old version of the Drupal a see what changes were made. According to those changes you will be able determine weak spot of the old system and develop technique for breaking into such system. Followingly all systems that are not updated can be hacked using exploit that was developed from reviewing of open source code. This example shows how crucial updating your Drupal (ESN Satellite) system is and how open source can help hacker to find his way.

Now you may be wondering, why is e.g. Linux or Android open source when it seems more risky. Well such software benefit from being open source by having great community. This also implies for security. There are thousands of developers who review Linux and Android code and only very few has intentions of hacking it. Unfortunately SectionBox community will never raise to such extent and there always will be only few developers reviewing code and there will be much higher ratio of those who will be trying to break into the SectionBox.

Overheads

Open source creates overheads, which are rooting from maintaining open source project, its distribution and documentation. This issue was partially mentioned above already, but I would really like to emphasize it. Making SectionBox open source would be ineffective and step back. We prioritize users and what service is delivered to them. Therefore we rather spend our time on developing new features and improvements of the system than on making and maintaining it open source for very small audience with no benefits for regular user.

The End

I hope that explanation of those few aspects brought more light into the discussion of SectionBox being SaaS and not being open source. Usability and value that is brought to the organization is what we try to maximize most. We are not trying to make technological marvel but rather we use available technology to bring exceptional tool for you.

Back
Back

For many SectionBox is something new and unknown. In this introductory blog and in many that will follow, I will try to present what it is all about. I will share my thought, problems and hopefully successes as well.

In this initial blog I will try to unveil why SectionBox is alive. I will try to explain my motivation and incentives for this project. History and even some aims for the future will be introduced.

Before all of those, let me introduce myself. My name is Jakub Siska and I am founder and currently head of the SectionBox project. My alma mater is Brno University of Technology and this is the place where it all began, in summer 2008.

Since beginning of 2008 I was in local ESN section (ISC VUT Brno) and this experience was crucial for entire project. When I join ISC it already had around two-fifty Erasmus students per year. This was quite a decent number, which produced a lot of administrative overheads. In that time all students were recorder in one spread sheet and I was even more amazed when I found out how those entries got into the spreadsheet. Since section was provided only with emails of all incoming foreign students it had to obtain all other contact and personal information by itself. Therefore one of the members sent email to every foreigner and as they were replaying she entered data into spreadsheet. When I heard about it first time I started to feel very for the lady in charge since she had must spend hours on maintain that spreadsheet.

Only reason why I was stunned and others seen it as standard procedure was because I was in second year of IT in that time and already had experience with information systems. Rest of the section has different study background, mostly economics and business. So I started to look and analyze what can be changed for overall benefit.

Therefore I got to work again and soon I finished all necessities that were required in order to use it as fully functioning system. It needs to be mentioned that in that time system was much smaller. It included only functionality that is today known as Pickup/Buddy Module. Even users accounts were pulled from section’s ESN Satellite system.

Upon the finish, initial version was deployed and used. It was a great feeling to see bunch of people use your work for their benefit. This probably was point, which gave me motivation that lasts practically till now. As people were using it, we started to talk about things that can be done to make system even brighter. In this stage name for the project has been introduced. Everyone started to call it Pickup System, since it was all about selecting and then picking up Erasmus students from places of their arrival.

As time was passing minor updates were done. They were mostly covering fixes and small functionality or UI improvements. Notable change came in the beginning of the year 2012. As I returned from studies in UK and I got last semester at university ahead of me. During that time I had no regular classes only postgraduate project, therefore quite leisure time. So I started to focus on the project and changed it from base. First, system was divided into modules. User administration module was first from many to come. System got independent from ESN Satellite installation. Consequently other modules were born. Modules for handling events, ESNcards and FTP module had been designed and developed. Last mentioned is going through major redesign now, to better serve the purpose.

Not only functionality got extended but graphical part of the system got refreshment as well. I got very lucky that design was done by my friend Ivana. Ivana is great designer and she made system extremely good looking. And it is not only about how it looks and feels but furthermore it is about interaction with users, which was boosted by new design notably.

User interaction and how people are using system is another chapter that was quite a big thing in 2012. It happened few times that I have to redo certain parts as people found it uncomfortable and suggested other ways how to do it. Good example in this case is issue with payments in event module.

Originally payments were recorded for every event separately. User went on event page, where the list with all registered foreign students was and recorded payment for particular students. But it turned out that grouping by events was not optimal. Users complained about need of moving from one event page to another in process of recording payments. They wanted to have list of users where can record payment concerning one student but for multiple events. We discussed this issue further and designed new list for recording payments. You can see for yourself that the list is there and it is primarily used for recording payments, but still payments can be recorded in event page as well.

After the summer when I finished all of my studies I started to wonder how to secure the project after I leave. I want it to go on and support sections. As there was no one in the section who was ambitious to push project forward I came with an idea to make it international, to go bigger and find future team members in larger pool of users.

Now I have another five colleagues that are helping me spread the word and develop new functionalities. We set course to go further and establish entirely new community of students around this project to make it sustainable. Right now, it is several months that we are putting a lot of effort on this attempt and we are far from stopping. Marketing activities are fun and we are quite enjoining it, even though it is ride like on roller-coaster. One day we are up and another we are spinning down. This bumpy ride brings a lot of stories and I will try to share some of them with you in future blogs.

There is a lot to tell. In next blogs I will introduce core team along with future plans. There are many great things coming and I want to keep you being informed. It is important for me, for us, to communicate out every aspect, every question asked because issues need to be understood as they are and not as they may appear to be. I believe trust and communication is a key for success in every relationship.

Back
 

Contact us: