Once an experimental deployment model, SaaS is becoming the de facto business, technology, and user model for how organizations use software to run operations and serve customers 24/7. In our last post on Responsible Spending [1], we wrote about what spending on software and SaaS could mean in the 2020s.
In this post, we introduce the SaaS Supply Chain (“SSC”), applying the operational concepts of the physical world supply chains to the world of software and posit that SSC will be a key driver to scale future SaaS consumption. As almost all SaaS final products are composed of many other software suppliers–we believe this approach can also help SaaS buyers and sellers gain resilience, manage risk, and achieve their business goals.
Software composition, assembly lines, and supplier logistics
The platform model of building software and focusing on the best of breed product experiences has allowed software developers to compose their final product using other software providers. Building out great software products is increasingly becoming a low-code child’s play [2]. One can host the codebase on GitHub, deal with support issues on Zendesk, store customer information on Salesforce, and send marketing emails via HubSpot while running the application on Amazon Web Service. A software product vendor can focus on building the core value proposition to its customers whereas sourcing the non-core from other suppliers.
The modern software product has a lot in common with the product assembly line approach of manufacturing goods. For instance, on the production side, a hand-sanitizer manufacturer focuses on its unique formula of a great cleaning product and bottling and packaging the formulation, while sourcing the essential chemicals, the plastic bottle, the labels, the boxes from its network of suppliers from across the world. On the distribution side, a grocery store that sells the sanitizer relies on the logistics vendor to stock its shelves on a periodic basis.
Real-world supply chain complexity, visible and invisible interfaces
The traditional world supply-chain is a multi-hop network process defined to fulfill customer demand. The supply chain ensures that manufacturers don’t run out of raw materials, and customers don’t run out of finished products. Apple, Inc. ensures that its manufacturer Flextronics does not run out of batteries, glass screens from Gorilla Glass, and Taiwanese ASICs, while customers get their favorite iPhone delivered on time.
Let’s take a simple non-technology example of the neighborhood Target store to deconstruct the supply chain.

To the normal eye, a customer walks into the ‘Cleaning Supplies’ aisle, buys a bottle of sanitizer, pays by credit card, and walks out. Here are all the things we do not see behind the scenes happening at the store:
- Trucks of manufacturers and their network of upstream suppliers
- Loading dock with deliveries from distributors, stockists, and other intermediaries
- Plans and implements, and controls for the flow and storage of perishable versus non-perishable goods
- All the technology endpoints from cashier to a manager to store to back-office to run merchandise returns
- Secondary agencies such as security representing other nodes in the supply chain
- A pop-up Starbucks coffee’s own chain of upstream logistics
- Suppliers of cleaning materials for the bathroom
- Utility companies, waste management, and recycling operations
- Building owners, municipalities, and their code of operations
Software supply chain complexity, interlinkages, nodes, and networks
Modern-day software products are also the output of a creative assembly line that uses other software products to deliver value to customers. The sum of individual parts orchestrated in a unique way to solve a business goal is in many magnitudes better than a simple arithmetic sum of the individual applications.
Formally, we define SSC or SaaS Supply Chain as a chain of interlinked software products and software services. A node in this chain could be dependent on the upstream nodes to offer completeness of functional offering to its consumers.
We define downstream nodes as the ones that are closest to the user of a product. In contrast, upstream nodes supply software or IT services to downstream nodes. Additionally, we define mid-stream nodes when a few nodes are co-opting to serve a consumer downstream. Each downstream node depends on one or more upstream nodes to provide an end-to-end service to its customers. This can be further defined using swim lanes in Unified Modeling Language [3].

Illustrating the image with an example, a support operator (“business user”) depends on a Service A, such as a text chatbot that answers queries to customer questions. This chatbot further depends on a Service B, such as a Telephony and messaging API provider (e.g. Twilio), that receives/routes the text messages from/to a customer. Not shown in the illustration above is that Twilio is further dependent on an upstream Telecommunications provider.
How complex is the software or SaaS supply chain? Let’s take a simple example of Target’s online store. To the normal eye, a user logs in, adds a pack of sanitizers to a shopping cart, pays by credit card, and logs out. Here are all the things we do not see behind the scenes happening at Target.com:

- Website hosted on a cloud vendor or in a datacenter
- Homepage images being served using a Content Delivery Network (CDN)
- Customer service calls and support requests being handled by a third party software
- Customer profile hosted in a CRM
- Online reviews powered by an ISV
- Social profile powered by an aggregator
- Search services using another software
- GDPR Consent Management Platform powered by a third party
- Hidden from the common eye, provider of network security services to protect customer data
These various products are offered by different software vendors and together, they help distribute the final service to the customer. Under the hood, Enterprise companies today rely on a variety of small to large software products to serve their customers. The average medium sized company now uses 150-200 applications under the hood, and Fortune 500 companies use thousands of applications, some 10-100 times more complex than target.com.
Supply-chain agility, bi-directional management, SaaS at scale
Traditional real-world supply chains have emerged over the last many decades. There are theories, best practices, and models to deliver goods to customers while ensuring fault-tolerance, disaster management, and risk mitigation. The shift in how software products are being built and delivered is mimicking its real-world product counterparts.
A similar model of agility, resilience, and bi-directional management is required to guarantee uptime and availability. As consumption of SaaS grows 25-30% Y-o-Y, a similar approach of managing a supply chain of interlinked software would allow organizations to use software products more robustly and responsibly across their operations, while managing for both risk and growth, internally and across their business perimeter.
In our next post, we will outline these new possibilities and risks presented from the lens of the SaaS Supply Chain.
References
[1] Why Responsible Software Spending
[2] Battle over a world without code
[3] Upstream and downstream in Software Development
Images: Truck driver/Shutterstock. Target interior/Flickr/Mike_Mozart