Where does the software live — at someone else's place, or at your company's own place? That's the whole question. Let's break it down like a human.
Imagine you need a car. You have two choices:
Option A (SaaS): You use Uber. Someone else owns the car, maintains it, fills the petrol. You just open the app and go. But you don't control the car — Uber does.
Option B (On-Prem): You buy your own car. It's parked in YOUR garage. You maintain it, fix it, pay for petrol. Full control — but all the responsibility is yours.
In fintech, you're dealing with software like payment gateways, banking dashboards, fraud detection tools — the big question is always: where does this software live and who takes care of it?
SaaS = Software lives on the vendor's servers (their "house"). You access it via internet. On-Prem = Software lives on your company's own servers (your "house"). You manage everything yourself.
"You rent it. They run it."
"You own it. You run it."
No VPN needed. Everything goes through the internet. Vendor manages firewall + security.
VPN is a must for remote access. Your IT team runs the firewall + everything inside.
Think of it as a secret tunnel through the internet. When you work from home and need to access your company's internal system, VPN creates a safe private connection so no one can spy on your traffic. In On-Prem setups, VPN is essential for remote workers.
A Data Center is basically a big room (or building) full of servers — powerful computers that run your company's software and store all your data. In On-Prem, YOU own and manage this room. In SaaS, the vendor has their own data center and you don't have to worry about it.
Architecture just means "how is everything connected and set up?" Like a blueprint of a house — who talks to who, where does the data go, what happens when you click a button. Drawing architecture diagrams is how engineers explain complex systems simply.
Companies never test new features directly on the live system (imagine testing a broken payment button on real customers!). So they have separate environments: DEV (where developers build stuff), UAT/QA (where testers check it), and PROD (the real live system customers use). Keeping these separate = Environment Segregation.
In fintech, this is super important. A bug in a payment system can freeze someone's account. So you always have:
Developers write and break things here. No real data. Anything goes.
Testers and clients verify everything works as expected. Fake data used.
The real live system. Real customers, real money. Handle with care!
| What | SaaS | On-Prem |
|---|---|---|
| Where it lives | Vendor's cloud servers | Your company's servers |
| Who maintains it | The vendor | Your IT team |
| Cost type | Monthly/yearly subscription | Big upfront investment |
| Data control | Vendor holds your data | You hold your own data |
| VPN needed? | Usually no (just internet) | Yes, for remote access |
| Setup time | Minutes (just sign up) | Weeks/months to set up |
| Scaling | Easy — just upgrade plan | Buy more hardware |
| Used by | Startups, fast-growing companies | Banks, govt, regulated industries |
A client says "I can't log in to the payment dashboard." — You check if the SaaS vendor (say, Stripe) has an outage. Go to their status page. You can't "fix" the server — you just raise a ticket with the vendor and tell the client to wait.
A client says "The transaction service is down." — You SSH into your company's server, check logs, restart services. It's YOUR server, so YOU fix it. No waiting on a vendor.
A remote employee can't access the internal banking app — you check their VPN connection first. No VPN = no access to on-prem systems. That's your first question: "Are you connected to VPN?"
Client asks "Where is my financial data stored?" — With SaaS, you tell them: "It's on the vendor's cloud infrastructure, typically in [region] data centers." You'll need to check the vendor's data policy for compliance questions.