Archive for the ‘Enterprise’ Category

VeriSign’s New Cloud Identity Initiative

April 21, 2010

We’re very excited today about the VeriSign announcement of a new industry collaboration (which includes Conformity) to build trusted online identity solutions that will help accelerate SaaS and cloud adoption.   In conjunction with the initiative, we’re working with VeriSign as well as Ping Identity, Qualys and TriCipher to establish a blueprint for achieving identity trust by combining technologies and services with proven policies and certification programs.   The effort spans the major requirements for achieving identity trust, including

  • Strong mutual identification
  • Provisioning
  • Federation
  • Vulnerability and Compliance Management

We totally agree with Nico Popp, vice president of product development at VeriSign when he says “Trust won’t happen if users worry their identities are vulnerable, or if they’re unsure whether the cloud-based service they’re accessing is legitimate.  That makes identity trust the essential ingredient for cloud migration – and an industry imperative for SaaS providers.”

Read the full announcement here >>

SaaS Adoption and the ‘Scaling’ of Management Pain

March 2, 2010

The current approach most organizations are taking to managing SaaS applications and user access is unsustainable.

In our webinar today on SaaS, Access Controls and Compliance (an on-demand recording can be viewed here), we shared the reasons we think organizations are setting themselves up for a costly fall as they accelerate SaaS and cloud adoption:

  • The hidden costs of cloud applications – as SaaS apps have largely been deployed around IT, the costs of management and administration have also remained ‘hidden’  from CIOs and IT executives.  Manual, redundant administration of users and access results in costs and risks that often shock executives when we bring it to their attention.  For example, we’re finding that identity ‘exceptions’ across SaaS apps in customer environments typically range from 5-20%.  Translation – nearly 1 in 5 SaaS users today have inappropriate access or multiple, inconsistent identities across systems.  The risk and compliance implications of this go without saying…
  • The scaling of management pain – each new SaaS app deployed creates another ‘source’ of user identity and associated authorizations.  The need to understand roles, profiles and permissions across apps means that the hidden costs and risks of SaaS expand exponentially with adoption.  Thus not only are costs not yet visible at the executive level, they’re rapidly scaling with SaaS and cloud adoption!
  • The oncoming SaaS management ‘tsunami’ – it’s almost universally true that SaaS and cloud adoption is accelerating across nearly every market segment.  Combine this fact with the ‘scaling’ of management pain, and you start to see why we think organizations are headed for trouble.   While today it appears that manual and spreadsheet-based approaches to managing SaaS users and access will ‘work for now’, trouble is rapidly growing beneath the surface, as internal auditors, IT operations and administrators will tell you.

IT management problems are often analagous to heart disease  – foresight and preventative steps (diet and exercise) are far preferable to open heart surgery after the problem gets out of control.

Unfortunately as SaaS and cloud adoption accelerates many organizations today are on the costly path to the operating table…

Conformity Announces Integration and Partnership with VeriSign

February 10, 2010

We are excited to announce today a new partnership and integration with VeriSign. With our integration with the VeriSign® Identity Protection (VIP) Authentication Service , Conformity customers will have the ability to secure and safeguard critical cloud application access and authorization information, and have the ability to provide enterprise-class security to Conformity users. We also plan on extending our integration with VIP to provide additional functionalities to our customers in the areas of provisioning and policy enforcement.

In addition, we have also announced that we will be referring each other’s offerings to enteprise customers with a need for enhanced user authentication and authorization management for their cloud applications and users, and to engage in joint marketing and sales activities. We’re excited about the partnership, and look forward to working with the VeriSign team and our joint customers.

Thinking about “The Cloud”

February 10, 2010

Thanks, Scott, for the warm welcome to Conformity’s Blog universe.  I’ve been at Conformity for just about a month now, and I’ve been appointed (is there an opposite of disappointed?) at the excitement around the space, the quality and dedication of the team, and the interest in “our problem” (identity in the cloud) by customers and prospects.

Of course, unless you’ve been under a rock for the past, say, 10 years, you’ve no doubt heard that Cloud Computing (or On-Demand before that or ASP’s before that or Grid’s even before that) will solve everything from bad breath and world hunger to global warming and peace in our time.  While many of the developments are truly exciting, what we today call Cloud Computing should have been expected as an obvious trend from a whole collection of trends that have led up to it.

Why?  Because every advanced endeavor ultimately evolves into increasingly smaller and focused areas of specialization, where we (as individuals or business units or corporations) pay someone else to do things we’re either too busy, too inexperienced, or too lazy to do ourselves.

I suspect few of you reading this now actually grow your own vegetables.  It’s not that you can’t, mind you, since it’s not all that hard.  But farmers and grocery stores and the whole infrastructure behind the process of getting lettuce and carrots into the trunk of my car do it faster, cheaper, and better than I can (or am willing to – I do have small children, after all).

Historically, providing whatever computing services businesses large and small use in the course of their primary business activities has been difficult enough and expensive enough that these same businesses formed “IT Organizations” to provide those services for them (believing — largely correctly — that the IT group could do it faster, cheaper, and better than they could — an early and surprising enduring form of specialization).

No reason why this same process won’t happen again and again and again, with increasing segments of what has traditionally been the purview of what we now call an “on-premise” IT service being delivered by external entities that can perform more and more elements of what IT has traditionally done themselves, and with IT’s role evolving along the way.  With the introduction of a good enough transmission medium (the Internet), a good enough computing platform (LAMP stack, with or without virtualization), and sufficient consolidation, standardization, and economies of scale around certain business applications (e-mail, SFA, CRM, HR, etc), and *POOF* Cloud Computing and Cloud-based Applications are born.

The interesting news (and for companies like Conformity and our partners the good news) is that each of these forays into these areas of specialization come with their own technical and business challenges that must be solved along the way.  We, as technology professionals, get another chance to try to address long-standing questions around business process, pricing, ease-of-use, and the never-ending quest for a more efficient way to separate and distinguish between what Geoff Moore calls “core” versus “context”.

I won’t attempt to address the specifics of how we’ll be solving bad breath, world hunger, global warming, and peace in our time today (must leave something interesting to write about in future posts), but wanted to begin the dialog around what is and is not particularly new about Cloud Computing, what problems we might expect need to be solved (because they *are* different from what’s come before) and which problems are simply old wine in new bottles…

Recap: Enterprise SaaS Working Group – Identity Management in the Cloud

December 4, 2009

We had a great second meeting of the Enterprise SaaS Working Group this week, which focused on the topic of access and identity management for the cloud.  Participants in the session included Chris Bedi from VeriSign, Peter Dapkus from  Salesforce.com, Ryan Nichols from Appirio (who also provided a great summary of the event on the Appirio blog), Steve Coplan from  The 451 Group, Michael Amend from Dell, Doug Harr from Ingres and Scott Carruth from Initiate Systems.   Our initial discussion focused on the unique management challenges created by SaaS and cloud applications due to the the identity silos they create in the enterprise as shown below.

Cloud identity in the enterprise

The ensuing roundtable discussion focused on the impact these issues are having in the enterprises, with a particular focus on the following topics:

  • Speed bump or show stopper – on the question of whether access and identity management issues were a going to be a ‘speed bump’ or ‘show stopper’ for SaaS adoption in the enterprise, the answer really revolved around timing and depth of penetration.  While today it is more of a speed bump for initial adoption in the enterprise (or else we wouldn’t be seeing enterprise deals today), the issues become more problematic when considering what it will take for SaaS and cloud applications to become a ‘mainstream’ technology. Taken from that perspective, there was agreement that identity issues around access, authentication and authorization created by SaaS identity ‘silos’ were going to soon become major, and that they need to be reconciled and addressed.  
  • The directory redefined – one of the questions we posed around the future of the corporate directory, and whether enterprises would ever permit it to live in the cloud.  Chris Bedi of VeriSign made the great point that the more relevant and important question is around what a directory really becomes in a cloud-centric environment – where it ends up residing will be a function of how that question is answered.
  • Federated identity – related to the directory point, the group generally also agreed that in a cloud-centric (or even hybrid SaaS/on-prem environment) that there was unlikely to be a monolithic directory or source of identity related data, and that SaaS applications, HR systems and directories (on-prem and cloud) would also likely each contain ‘versions of the truth’ that will need to be synchronized and federated.  Ryan Nichols provided a very interesting example of how Appirio themselves have built a cloud-centric organization with Salesforce.com and Google both providing separate but complementary directory and identity data.
  • Identity done right – Doug Harr made the excellent point that current cloud identity challenges actually offer an opportunity for SMB and midsize enterprises who haven’t been able to invest in identity and systems management technologies to date to ‘get it right’.   IAAS and cloud-based identity management services will likely make these capabilities cost-effective for these target markets for the first time, enabling these organizations to effectively ‘white sheet’ their identity management approaches for both cloud and on-premise applications.

The full recording of the webinar is available and can be access by clicking here.  Please drop us an email as eswg@conformity-inc.com to be added to our mailing list, and to be notified of future Enterprise SaaS Working Group news and events.

Conformity named to Network World’s Top 10 IT Management Start-Ups to Watch

December 3, 2009

We’re  honored to announce that Conformity has been named to Network World’s prestigious Top 10 List of IT Management Start-Ups to Watch for 2009. This year’s list features emerging management technologies that help IT organizations deliver optimized services in increasingly virtualized and cloud-computing-oriented environments.

We’re particularly excited by the fact that the focus of this year’s list reflects the realization that ‘the other shoe is about to drop’ with SaaS and cloud applications, and that IT is going to need a new generation of solutions to help address the unique identity and systems management challenges created by on-demand technologies.  Jasmine Noel, co-founder and principal analyst at Ptak, Noel & Associates characterized it well in the article, commenting that “Conformity offers an interesting concept because if all IT managers do jump on the cloud, then they are going to have to figure out the best way to integrate and manage access to these services, while ensuring that everyone’s identity is consistent.”

We believe that the initial challenges that enterprise CIOs are facing around SaaS and cloud identity (user authentication, provisioning, etc.) are just the tip of the iceberg, both in terms of the breadth of the coming problems and the solution that Conformity will be providing.  The migration to SaaS and cloud applications creates a fundamental convergence of identity and systems management issues, creating the need for a ‘rethink’ of what management solutions need to be in a cloud-centric environment – that’s our mission here at Conformity, and we’re excited about the validation of our vision by Network World.

Read the full article here >>

12/2 Enterprise SaaS Working Group webinar – Access and Identity Management for the Cloud

November 16, 2009

We’re excited to announce that on December 2nd  at 10:00am PST / 1:00pm EST we’ll be holding the second meeting of the Enterprise SaaS Working Group on the topic of Access and Identity Management for the Cloud.

One of the recognized challenges with SaaS in the enterprise is the silos of identity that are created by cloud applications. Each service contains its own ‘version of the truth’ around users, permissions and credentials, disconnected from legacy directory services and identity management systems. Based on feedback from our first event, this meeting will focus on the identity management and access control issues that need to be addressed for SaaS to become truly mainstream in the enterprise. Discussion will focus on several questions including:

  • SaaS identity issues in the enterprise – speed bump or show stopper?
  • What will be the identity source(s) in a cloud-centric world?
  • Can separate cloud and on-premise user identities co-exist?
  • Will enterprise IT ever put corporate directories in the cloud?

Participants in the session will include:

The discussion will focus on critical issues and corresponding best practices in the areas of access management, authentication, identity synchronization and identity policy enforcement and will include a Q&A session open to all attendees. Click here for more information and to register for this exciting event!

Register now >>

Emerging Best Practices – Extending Microsoft Active Directory to SaaS and Cloud Applications

November 13, 2009

Though cloud and SaaS solutions are seeing rapid adoption in the enterprise, management of these applications is not aligned with traditional IT controls and policies.  SaaS has been deployed and managed largely by business users, with limited input from CIOs and IT organizations.  As these cloud-based technologies replace mission-critical on-premise applications and host sensitive organizational data, enterprise IT is now regaining their ‘seat at the table’.   When seeking to extend policies and controls to SaaS, these IT organizations are disappointed to learn that existing directories and  IT management technologies don’t easily extend to the cloud.  These organizations struggle to achieve alignment of SaaS and cloud solutions with established enterprise identity sources including Human Resources Information Systems (HRIS), directory services, and Identity Management (IdM) solutions.  This alignment and resulting visibility and control is critical for IT and Finance departments concerned with regulatory compliance, governance, and identity and access management.

Given the role that Microsoft Active Directory and associated proxy services play in  providing centralized authentication, access control, and identity synchronization for on-premise applications  it would seem to be a logical integration point to also harness SaaS and cloud solutions.  Unfortunately IT organizations are finding that AD itself does not easily extend into leading SaaS applications, with direct integration difficult if not impossible.

Despite this inability to directly integrate AD with major cloud applications, forward-thinking enterprises are focusing on a “loose coupling” of on-premise Microsoft Active Directory and SaaS solutions through new third party management solutions.  This approach allows an integration path with the existing, deployed directory technologies and does not require major adjustments in the SaaS vendor technology roadmaps.  By integrating the current SaaS and directory solutions, the enterprise can align critical services including user identity and attributes, login services (Single Sign-On), and IT policies.  This alignment can lead to immediate benefits in security, IT efficiency, and governance and regulatory compliance.  In our new white paper, Extending Microsoft Active Directory to the Cloud, we explore the approaches and solutions organizations are leveraging to identity synchronization, policy enforcement and single sign-on (SSO).

Click here to request a free copy >>

Recap: The Enterprise SaaS Working Group

October 1, 2009

It’s been an exciting few days here at Conformity after our recent GA announcement and the kickoff of the Enterprise SaaS Working Group yesterday.  We had a very lively, engaging debate on the key issues the group believes need to be addressed for SaaS and cloud applications to become ‘mainstream’ technologies in the enterprises.  The group featured a diverse set of executive perspectives from cloud vendors, thought leaders and practitioners, and included:

A quick highlight of some of the discussion yesterday:

  • PaaS/SaaS – which model ‘wins’ in the enterprise? While opinions differed, a common sentiment shared by the panel was that there’s not going to be ‘right answer’ for all organizations.  Depending on the industry vertical, business process or IT management model PaaS or SaaS could be the ‘right answer’, and in many situations organizations could have PaaS and SaaS offerings sitting side by side.   
  • Private clouds – part of the answer or indicative of SaaS market immaturity? As with the PaaS/SaaS discussion a common theme was ‘it depends’.  The core advantage to SaaS and cloud delivery models is the ability to share resources – what part of the stack organizations decide they’d like to share will likely be driven primarily by security concerns and issues.  A likely scenario, as with PaaS/SaaS, is that different models will likely be adopted by different types of organizations depending on security and operational requirements.
  • Enterprise SaaS adoption – when does it overtake on-premise? Two different perspectives were discussed around when SaaS will overtake on-premise apps in the enterprise.   A common belief of the group was that SaaS is winning in a majority of new deals in the enterprise today, with the perspective shared that 50-75% of enterprises would ‘flip the switch’ on cloud in some manner by approximately 2012.  Peter Coffee of Salesforce also shared his belief that total installed base for SaaS would outnumber on-premise apps by 2020, though there would also likely be 1-2% of the market that would be ‘holdouts’.
  • Any applications that SaaS/cloud won’t be able to penetrate? If architected and deployed correctly, there are no perceived areas in which SaaS and cloud application models could not be leveraged with Peter Coffee of Salesforce , Tom Fisher of SuccessFactors and Ryan Nichols of Appirio all providing compelling examples of large scale, transaction intensive customer deployments.

The full recording of the webinar is available and can be access by clicking here.  Also, Ryan Nichols at Appirio had a great post on their perspective on our discussion topics here.

Please drop us an email as eswg@conformity-inc.com to be added to our mailing list, and to be notified of future Enterprise SaaS Working Group news and events.

Conformity Announces GA Release of First Enterprise-Class Management Platform for SaaS and Cloud Apps

September 30, 2009

We’re excited to announce today the general availability of the Conformity solution, which provides customers the first enterprise-class management platform for cloud applications and users.  The Conformity solution is designed to arm enterprises with the same level of visibility and control over on-demand applications as they’ve come to expect with traditional packaged apps.  With our solution, enterprises can now be confident bringing new cloud applications into their business environments, knowing there will no longer be compromises made in the areas of management processes, insight and control.  With today’s GA, enterprises can:

  • Increase data security and reduce compliance risks
  • Optimize license allocation and expenses
  • Automate and streamline administration
  • Expand and extend enterprise usage of SaaS and cloud applications

Specific capabilities of the Conformity solution include:

  • User provisioning – provides centralized point of provisioning and deprovisioning of users accounts within cloud applications, and ongoing management of user permissions and authorizations.
  • Role and profile management – enables organizations to centrally manage cloud application roles, profiles and permissions through normalized permission models, and maps policies to users and roles.
  • Approval workflows – provides auditable cross-functional approval processes for users requiring new or amended access permissions, or role and profile changes.
  • Directory integration – enables organizations to seamlessly synchronize Conformity’s user repository with on-premise directory services.
  • Compliance reporting – provides reports required for effective preparation for audits for SOX, HIPAA, PCI and other regulatory mandates and standards.
  • Usage analytics – provides visibility, analytics and reporting on cloud application and license utilization.
  • Change management – enables archiving, management and recovery of application configurations and role models.

The Conformity platform provides templates, tools and workflow needed to manage all cloud applications in a customer’s environment.  Conformity also provides additional analytics, reporting and provisioning automation through integrations with the following leading cloud applications:

The Conformity platform also supports directory integration for Microsoft Active Directory, and is compatible with industry standards such as SPML, SAML and WS-Federation.

Please click here to read the full announcement, and stay tuned for more upcoming news!!!