BYTES | SaaS, IaaS, PaaS, DaaS | Skadden, Arps, Slate, Meagher & Flom LLP

Confused by the alphabet soup of cloud acronyms like SaaS, IaaS, PaaS and DaaS? In the latest episode of “Bytes” — an extension of our “SkadBytes” podcast from Skadden's IP and Technology team in London — associate Emily Griffin breaks down what they mean, explains how these cloud “stack” layers interact and discusses why understanding your business’s position in the stack is vital for regulatory compliance and for managing legal and commercial risks.

Episode Summary

In this “Byte,” Emily Griffin from Skadden’s IP and Technology team describes the key acronyms that power today's digital economy. As she explains, SaaS (Software as a Service), IaaS (Infrastructure as a Service), PaaS (Platform as a Service) and DaaS (Desktop as a Service) form a comprehensive cloud "stack.” “Understanding where a business sits in the stack is crucial for regulatory compliance, legal and commercial risks,” she says.

Voiceover (00:01):
Welcome to Bytes from SkadBytes, jargon-free byte-size insights from Skadden’s IP and tech team on the key issues shaping the tech landscape.

Emily Griffin (00:12):
Hi, I’m Emily Griffin from the IP and Technology team here in Skadden London. In this Byte, we’ll break down the meaning of SaaS, PaaS, IaaS, and DaaS. They’re more than just acronyms. They describe the core models that power today’s digital economy. Let’s start with SaaS, Software-as-a-Service. This is where users access software online, usually by subscription. Think email, CRM tools, or accounting platforms. The provider hosts the application and manages updates, often relying on third-party infrastructure providers. Salesforce and Microsoft 365 are classic examples. Tools used daily by businesses with no installation or internal hosting needed.

(00:48):
PaaS, or Platform-as-a-Service gives developers the foundation to build and deploy their own apps without managing the underlying hardware or operating systems. Google App Engine is one example. It lets developers launch scalable apps without having to manage service directly.

(01:02):
IaaS, Infrastructure-as-a-Service offers virtualized computing resources, server storage, networking on demand. This lets businesses run their own platforms and applications while scaling infrastructure as needed. Amazon Web Services is an example of an infrastructure-as-a-service provider. And DaaS, Desktop-as-a-Service requires cloud-hosted desktops that users can access remotely. Citrix and Azure Virtual Desktop make this possible and have become increasingly relevant for hybrid working models. Together, these models form a cloud stack from raw infrastructure to developer platforms to software delivery, and finally, to end user computing. Understanding where business sits in the stack is crucial for regulatory compliance, legal, and commercial risks.

(01:43):
SaaS and DaaS providers, for example, often take on responsibility for uptime and data protection compliance. PaaS and YaaS can raise questions about ownership of user-developed tools, allocation of risk for infrastructure outages, and use of open-source or third-party code.

Voiceover (01:58):
Thanks for listening to Bytes. Be sure to subscribe for more tech insights. Additional information about Skadden can be found at skadden.com.

Listen here or subscribe via Apple Podcasts, Spotify, YouTube or anywhere else you listen to podcasts.

See all episodes of SkadBytes: Tech Innovation Meets Regulation