More added
value –
with a focus
on security

The digital transformation is continuing apace, with an increasing number of workflows being shifted to the PC, tablet or smartphone – a trend accelerated further by the Covid-19 pandemic. Aareon is relying more heavily on cloud systems as it supports its customers on this journey. There are many good reasons why Software as a Service is becoming ever more important.

An even more rapid response to the challenges of the digital transformation was needed when the Covid-19 pandemic took hold. It quickly became clear who had already done their homework and consequently benefited the most from the order to work from home. Companies that had transitioned to Software as a Service (SaaS) in 2019 were more flexible and managed to make the shift to WFH relatively smoothly virtually overnight. That’s because the option of accessing software conveniently via the cloud – whether from business premises or from home – is one of the many plus points of SaaS, where everything goes via the browser.

How secure is SaaS?

3 questions for IT Security

SaaS as a business

“This technology has major benefits for all sectors. For instance, within the property industry, the trend towards SaaS is reinforced by tenants’ desire for smooth digital communication with property companies,” explains Felix Krohn, who is in charge of Aareon’s Value Creation Program. Expansion of the SaaS business is a central sub-project of this programme. Although Aareon has been offering software solutions from the cloud for a number of years, SaaS has recently become even more important with the ongoing advance of digitalisation and as a result of the benefits to customers of this type of operation. At the start of 2021, Aareon consequently announced that its ERP system Wodis Yuneo would focus more closely on a SaaS model.

Aareon Nederland also relies on a pure SaaS offering in the form of its ERP system Tobias 365. Plans are already afoot to offer additional systems in the form of a convenient service. The Aareon Smart World solution portfolio has also been aligned with the SaaS business model. This allows customers to upgrade the scope of services of their ERP system with various packages that can be tailored to their company’s requirements, thereby creating an individual digital ecosystem. Not only does SaaS benefit customers in any number of ways, but software providers also profit from a stable business model with recurring revenues.

“The outsourcing of our previous in-house solution to the cloud is a further, logical step in our digitalisation strategy, which we have been implementing since 2019 with Aareon’s support. The comprehensive cloud-based solution now enables us to work from anywhere and thus to create new working structures.”

Michael Küpper, Managing Director, Wohnungsbaugesellschaft Velbert mbH (Credit: Studioline, Düsseldorf)

predictable and

Using software from the cloud offers many advantages to customers, starting with the associated costs. SaaS costs are much more flexible than costs for software installed on site; for one thing, the high initial outlay on the requisite purchase of a licence is no longer required. Instead of the respective IT department operating the system on its own servers on company premises, Aareon is responsible for running SaaS in an extremely secure, highly available Data Centre. Property company employees simply access the software via their browser. Other market participants, such as tenants, owners and business partners, as well as technical systems in buildings, are connected to the ERP system via digital solutions.

“Thanks to offer packages that are tailored precisely to demand and always feature the latest solutions, our customers benefit from optimum investment and planning reliability, since updates, add-ons and – in future – convenient solutions are already included in the package.”

Felix Krohn, Director of the Value Creation Program at Aareon
(Credit: own image)

The software provider is also responsible for all maintenance and service tasks as well as all security, compliance and default risks. “Thanks to offer packages that are tailored precisely to demand and always feature the latest solutions, our customers benefit from optimum investment and planning reliability, since updates, add-ons and – in future – user-friendly solutions are already included in the package,” says Felix Krohn. All of this makes IT costs transparent and predictable – for both the user and for Aareon, giving all participants a greater measure of security.

“We want to use the resources at our disposal as efficiently as possible. The use of Software as a Service is more cost-effective in the long term, and the monthly invoices contain a precise breakdown of the associated charges. Every item is shown clearly.”

Christian Theimann, Management Board member, Allgemeine Baugenossenschaft Wuppertal eG (Credit: ABG Wuppertal eG)

Always up to date

But SaaS assures the user of something else besides: always having access to the latest software versions. This forms part of the user contract, as software is considered to be an ongoing service in this model. “It’s like streaming services,” explains Felix Krohn. “Users don’t have to think about whether they are downloading the latest version – it’s just there.” In the past, companies often put off upgrading to new software versions, due to the high acquisition costs and amount of time involved. SaaS enables users to react more easily to unpredictable, abrupt developments. This is because the software adapts to changing market conditions, challenges and legal requirements, as well as to relevant new technologies.

The latest software version is part of the user contract and adapts automatically to all new requirements.

Intelligent data use

Together, cloud-based software and new technologies pave the way for extensive options for customers when it comes to data use. With the help of artificial intelligence (AI), an ERP system can gradually provide more support to the user in performing routine tasks, having learnt how existing data is handled.

Another area in which the use of data is indispensable is reporting. Here, AI and Business Intelligence (BI) combine to ensure that the available data is put to the best possible use. This allows data to be comprehensively analysed, interpreted and visualised with a view to extrapolating business trends and relationships – an important prerequisite for taking informed decisions on the basis of established key performance indicators (KPIs).

In both cases, the bigger the database, the better the results. Pooling data from a number of companies enables individual businesses to avail themselves of a database of the maximum possible size, the requisite access being provided by cloud software.

AI, BI and analytics applications operate much better on the basis of Aareon’s cross-company database.

Ultimately, all software users from a variety of companies work with their data on the software provider’s servers. The data created is used – in anonymised form and in compliance with the strict GDPR provisions – for AI training. AI is then incorporated into PrediMa by Aareon for example, which enables the predictive maintenance of heating systems, pipes and other parts of a building – thereby offering customers significant added value in the maintenance of their property portfolios. Use of a shared database has another advantage besides: “It can help us to monitor how our customers use the software and deduce where there is still potential for improvement,” explains Felix Krohn. “That’s why SaaS is not merely a software model, but a customer success philosophy too.”

The point of it all:
more added value

It is this versatility that enables the cloud software to achieve something that is easily lost sight of when contemplating the digital transformation: focus on the core business. Companies that no longer have to manage their software, servers and IT personnel not only save operating costs, but are also able to devote themselves immediately and without interruption to what really matters, for instance to reducing vacancy rates. “Thus, SaaS quietly achieves the objective of any good business software: improving added value,” says Felix Krohn.

Three questions for Thomas Langholz,
IT Security & Licence at Aareon

How secure is
software as a service?

Personal data on tenants, addresses and invoices, as well as company documents on third-party servers: is SaaS secure enough for companies?

The data is even more secure than it would be on in-house servers – provided that the latter are run as they are in the Aareon Data Centres. The cybersecurity threat has increased massively in recent years, with cybercriminals becoming more professional, faster and more effective. Protection against this threat requires a great deal of investment in terms of time, skills, money and human resources. Current events have only exacerbated the problem: working from home, the requirement for seamless operation of all software tools and the shift to the cloud are aspects that are difficult enough to manage as things stand. But the growing threat landscape has been rendered even more complex by the trend of working from anywhere at any time. Companies that only deal marginally with the issue of cybersecurity can hardly afford to provide effective data protection. It’s much more efficient and secure to rely on a cloud solution such as Aareon’s.

How exactly does Aareon ensure the security of its SaaS solutions?

We have a Data Centre at two locations. This satisfies the most stringent availability requirements: the systems are always available, even in the event of a switching system failure, flood or explosion at one of the sites. We also protect our network with next-generation firewalls which are capable of detecting suspicious network activities. Our backups are saved offline at various locations. Even if a hacking attack on our Data Centre were to succeed, no data would be lost. Our employees are also given regular security awareness training. Finally, our products are programmed securely from the outset – with adherence to the most stringent security standards in software development. We check system security regularly in internal and external audits and by mounting test attacks on our systems and applications with a view to identifying potential vulnerabilities.

With which certification standards does Aareon’s IT infrastructure comply?

We have TÜV (technical inspection agency) certification pursuant to High-Availability Level 4, which also satisfies banking requirements, plus IDW PS 951nv type B attestation as defined by the Institute of Public Auditors in Germany (IDW), which is of particular relevance for our customers’ auditors. We are of course also certified in compliance with the globally recognised ISO 27001 standard for information security management, and the technical inspection agency TÜV Rheinland has awarded us certification for our data protection management.

More about the topic:

Certificates at Aareon

What are customers’ requirements in terms of IT security?

“For us, a crucial argument for the use of cloud-based solutions was the guarantee of optimum data security. We think that the best way to achieve this is to leave it to the experts. So, it didn’t take long for us to decide to outsource this task to Aareon.”

Michael Küpper, Managing Director, Wohnungsbaugesellschaft Velbert mbH (Credit: Studioline, Düsseldorf)

“The requirements associated with IT security have become considerably more stringent and are subject to ongoing change. As a small cooperative, we simply can’t achieve the same standard of security as that offered by Aareon in its own Data Centre. Another important consideration for us is that the servers are located in Europe and operated in compliance with the GDPR.”

Christian Theimann, Management Board member, Allgemeine Baugenossenschaft Wuppertal eG (Credit: ABG Wuppertal eG)

More Stories