September 29, 2025

The Journey from SaaS to Agentic: Why Infrastructure Matters?

POSTED BY
Nicole Anderson
CEO, Co-Founder

SaaS and the Cloud as an Abstraction Layer

For two decades, SaaS and cloud acted as an abstraction layer. Customers focused on the application, while the underlying infrastructure was hidden from view. Vendors managed compute, storage, and networks. Customers cared about uptime, features and maybe where the database was hosted. Risk lived in the app layer, not the infra.

The Agentic Shift

Agentic systems break that pattern. Software no longer just analyses but acts. Agents can update records, send messages, or even move money between systems. That shift turns data risk into business risk, because a mistake or misuse doesn’t just produce bad insight. Rather it can trigger a live transaction or an operational failure.

The New Dependency

With agentic software, the questions expand. Where is data processed? Who controls the encryption keys? What evidence remains if something goes wrong? Unlike traditional cloud applications, the agentic layer cannot operate as a self-contained feature. It is deeply dependent on the infrastructure beneath it. And it’s the security, sovereignty and control of that infrastructure that now define whether the system can be trusted.

From Hidden Complexity to Visible Risk

Traditional SaaS kept complexity hidden. Agentic software changes the equation. Agents don’t just report, they act. And risk now flows directly from the technology stack itself.

Enterprises can no longer treat infrastructure as a back-office concern. They need to understand how each layer can introduce business risk.

The Agentic Roadmap - 5 Infrastructure Driven Risks

Here are five areas where the underlying stack determines whether agentic software is safe, sovereign, and sustainable:

1. Zero-Retention Inference → Risk of unintended data exposure

Inference is the stage where an AI system takes your input (a prompt, query, or file) and generates an output. In this process, the model briefly loads your data into memory so it can respond. If the infrastructure is designed to be zero-retention, that data disappears immediately once the response is delivered. If not, prompts, outputs, or embeddings can linger in logs, error reports, or caches, even temporarily. That creates a direct risk. Sensitive information may be exposed, reused, or even inadvertently used to improve a vendor’s global models.

2. Separation of Storage, Processing and Semantics → Risk of lock-in

When data processing and business semantics are fused inside a single vendor stack, customers face higher switching costs and reduced leverage. This limits flexibility and raises financial and operational risk if the vendor’s terms or pricing change. Eg. Industry observers have warned that Salesforce’s dominance in CRM and Slack integration strategies increasingly create closed ecosystems, pushing customers into tighter dependencies.

3. Precise Residency Maps → Risk of regulatory breach

Storing data locally is no longer enough. If inference jobs are processed outside the declared jurisdiction, enterprises risk falling out of compliance with data protection and sector-specific regulations. As Europe pushes toward data sovereignty, analysts emphasize that ‘data residency is no longer enough’ when AI workloads dynamically cross boundaries during inference or model calls.

4. Device and Edge Boundaries → Risk of uncontrolled execution

If agents default to running in environments outside enterprise control, on unmanaged devices, third-party clouds, or cross-border servers, customers face elevated risks of leakage, mis-execution or loss of auditability. Eg. Apple’s Private Cloud Compute model has been praised by independent researchers as a meaningful advance in extending device-grade privacy guarantees into the cloud, but critics note that once data hands off to ChatGPT, Apple’s assurances no longer apply. This highlights the fragility of trust when execution boundaries blur.

5. Open Infra vs. Closed Terms of Service → Risk of business disruption

Closed APIs or sudden terms-of-service changes can cut customers off from their own data or prevent integration with other systems. Without open infra and standards, continuity of operations depends entirely on vendor discretion. Eg. In May 2025, Salesforce revised Slack’s API terms to ban third-party applications from indexing or storing Slack messages. Enterprise AI search vendor Glean confirmed that this change broke its integration, effectively cutting customers off from their own Slack history within Glean’s platform. Analysts view this as an intentional move to consolidate Salesforce’s data moat and limit external AI competition.

Infra is the Real Trust Layer

Agentic SaaS will define the next decade of enterprise software. For enterprises, that means looking at the full stack not just through a technology lens, but as a source of business risk and business resilience. Each of the five areas - data exposure, lock-in, regulatory breach, execution risk, and business disruption can tip the balance between adoption with confidence and adoption with consequences.

At Redsand, this is where we focus: building infrastructure that gives customers control, sovereignty, and trust by design. Because when software becomes an agent acting on your behalf, trust is no longer a feature, it’s the infrastructure. And that’s the layer Redsand builds.

--

References

  • Corptec: How Ethical is Salesforce Generative AI? Analysing Top 5 Security Concerns – highlights concerns around trust claims and data handling (corptec.com.au)
  • Reworked: Salesforce’s Slack API Restrictions Spark Broader Questions on Future of AI – analysis of Slack API changes and ecosystem control (reworked.co)
  • Computerworld: Salesforce Changes Slack API Terms to Block Bulk DataAccess for LLMs – details on Slack policy changes and impact on third parties (computerworld.com)
  • https://incountry.com/blog/ai-data-residency-regulations-and-challenges/
  • https://www.nordicai.com/insights/from-data-residency-to-data-sovereignty-security-challenges-in-europes-ai-development

More Insights

Redsand and Botteq Automation Partner to Launch Sovereign Agentic AI Infrastructure Across the Middle East

September 15, 2025

Redefining AI Infrastructure: Where Speed, Privacy, and Cost Collide

July 18, 2025

AI Resilience: What It Is and Why It Matters More Than Ever

March 6, 2025
About UsTechnologyServices
Use Cases
Insights
Get In Touch
(   Social   )
(   Contact   )
hello@redsand.ai
Close Cookie Popup
Cookie settings
By clicking "Accept all cookies", you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Accept all cookies
Close Cookie Preference Manager
Cookie settings
By clicking 'Accept all cookies', you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Strictly necessary (always active)
Cookies required to enable basic website functionality.
Accept all cookiesSave settings