Skip to main content
Laptop on the desk with network attached storage. Computer, nas and stack of hard drives on the table. Cloud technology, online disk, remote backup, security copy and archiving internet concept.

SaaS, SOC, and API

Technology terms for modern tech stack  


June 7, 2022

Software as a Service (SaaS) is one of the biggest changes in technology in the past decade. It fundamentally shifts what the vendor provides from a product to a service. With SaaS, the vendor is responsible for physically hosting the software, managing software updates, disaster recovery and in some cases data acquisition. The software resides in a data center and the client accesses the software via a web browser (via “The Cloud”). Most vendors offer multiple flavors of their product including vendor hosted, private cloud and client hosted. It’s important to understand the benefits and drawbacks each hosting arrangement might offer your firm.

SaaS offers many benefits to family offices and business management firms.  You do not need to invest in expensive hardware or manage software updates and you have access to the product from anywhere. SaaS is an “on–demand” service versus a product and should be evaluated as such. This requires going deeper than a demo and understanding the details of Service Level Agreements in terms of system availability and disaster recovery.  Additionally, you should review the reporting your vendor can provide to prove they have the proper controls in place.


 

Service and Organizational Controls (SOC) Reports

Service and Organizational Controls (SOC) is a report published by an independent CPA that certifies the organization meets certain best practices and prudent controls for building technology and handling data. A SOC I report states that the organization has met these requirements as of a point in time. A SOC II report states that the organization has been tested and meets the requirements over a length of time.

It is expensive and time consuming for a vendor to go through a SOC audit. As such, not every software provider does it. If you are considering a SaaS solution that involves sensitive client data, it is an important consideration when selecting a new vendor or evaluating an existing provider.  Ask for a copy of their SOC audit.

API Connectivity

Application Program Interface (API) is a set of protocols and routines that allow different software systems to talk to each other - Machine to Machine. APIs are a modern approach to moving data between applications. API integrations are a scalable and secure way for applications to talk to each other.

Many providers have APIs that allow for seamless data and workflow integrations. APIs require coordination between vendors to ensure the two products share data securely and with proper authentication. Most vendors will conduct due diligence with integration partners to ensure a good business, product and security fit.

When selecting new technologies, it is important to consider whether the vendor has an API and if they can connect with other critical systems that are part of your ecosystem. It can be difficult to find a single solution to meet all the requirements of a family office or business management firm.  A provider with robust integration tools and a mature ecosystem may be a better fit for your business.

 

Technology Stack & Best of Breed

A final consideration is your vendor’s technology stack (tech stack) and it’s alignment to your firm’s needs. A tech stack refers to a firm’s integrated technology components. For example, your firm may use a CRM that is integrated with your investment reporting system that is integrated with your financial accounting system. These are the core components of your operations, and they ideally should have some level of integration.

Software solutions that have API integrations and develop integrations between providers allows firms to pick and choose the best solution for their particular circumstances. They are able to select the best-in-class vendor for specific solutions. No one vendor can be good at everything. APIs enable best-in-class technology stacks which allow firms to pick and choose the right technology components for their operational needs versus all in one solutions which may not provide the best technology outcomes for your specific firm.

These are just a few considerations when examining your technology strategy and making future buying decisions. Family offices and business management firms should look beyond the demo and price to consider other criteria in order to properly determine if their service is a good fit for your organization now and in the future.

Related Blogs:

Three Steps to take Before Selecting a Technology Vendor

Integrated Client Accounting Services

Datafaction is an RBC company and a wholly-owned subsidiary of City National Bank Member FDIC

City National Bank is a subsidiary of Royal Bank of Canada. Deposit products and services are provided by City National Bank.

This article is for general information and education only. It is provided as a courtesy to the clients and friends of AgilLink. AgilLink does not warrant that it is accurate or complete. Opinions expressed and estimates or projections given are those of the authors or persons quoted as of the date of the article with no obligation to update or notify of inaccuracy or change. This article may not be reproduced, distributed or further published by any person without the written consent of AgilLink. Please cite source when quoting.