Archive for the ‘MSE’ Category

Recap: Enterprise SaaS Working Group – Identity Management in the Cloud

December 4, 2009

We had a great second meeting of the Enterprise SaaS Working Group this week, which focused on the topic of access and identity management for the cloud.  Participants in the session included Chris Bedi from VeriSign, Peter Dapkus from  Salesforce.com, Ryan Nichols from Appirio (who also provided a great summary of the event on the Appirio blog), Steve Coplan from  The 451 Group, Michael Amend from Dell, Doug Harr from Ingres and Scott Carruth from Initiate Systems.   Our initial discussion focused on the unique management challenges created by SaaS and cloud applications due to the the identity silos they create in the enterprise as shown below.

Cloud identity in the enterprise

The ensuing roundtable discussion focused on the impact these issues are having in the enterprises, with a particular focus on the following topics:

  • Speed bump or show stopper – on the question of whether access and identity management issues were a going to be a ‘speed bump’ or ‘show stopper’ for SaaS adoption in the enterprise, the answer really revolved around timing and depth of penetration.  While today it is more of a speed bump for initial adoption in the enterprise (or else we wouldn’t be seeing enterprise deals today), the issues become more problematic when considering what it will take for SaaS and cloud applications to become a ‘mainstream’ technology. Taken from that perspective, there was agreement that identity issues around access, authentication and authorization created by SaaS identity ‘silos’ were going to soon become major, and that they need to be reconciled and addressed.  
  • The directory redefined – one of the questions we posed around the future of the corporate directory, and whether enterprises would ever permit it to live in the cloud.  Chris Bedi of VeriSign made the great point that the more relevant and important question is around what a directory really becomes in a cloud-centric environment – where it ends up residing will be a function of how that question is answered.
  • Federated identity – related to the directory point, the group generally also agreed that in a cloud-centric (or even hybrid SaaS/on-prem environment) that there was unlikely to be a monolithic directory or source of identity related data, and that SaaS applications, HR systems and directories (on-prem and cloud) would also likely each contain ‘versions of the truth’ that will need to be synchronized and federated.  Ryan Nichols provided a very interesting example of how Appirio themselves have built a cloud-centric organization with Salesforce.com and Google both providing separate but complementary directory and identity data.
  • Identity done right – Doug Harr made the excellent point that current cloud identity challenges actually offer an opportunity for SMB and midsize enterprises who haven’t been able to invest in identity and systems management technologies to date to ‘get it right’.   IAAS and cloud-based identity management services will likely make these capabilities cost-effective for these target markets for the first time, enabling these organizations to effectively ‘white sheet’ their identity management approaches for both cloud and on-premise applications.

The full recording of the webinar is available and can be access by clicking here.  Please drop us an email as eswg@conformity-inc.com to be added to our mailing list, and to be notified of future Enterprise SaaS Working Group news and events.

Advertisements

The Three Key SaaS Management Challenges

October 15, 2009

We find very few people today that would dispute the notion that SaaS and cloud applications have become mainstream technologies in SMB and the midmarket.  The challenges for the SaaS industry are also changing as a result.   With the battle over the viability of the on-demand model largely won,  the questions are now turning to the operational and IT management  implications of a SaaS-centric environment.

Our customers and prospects here at Conformity are forward-thinking organizations that are aggressively leveraging the cloud delivery model for multiple, if not a majority of their business applications.  Given our strong  belief in the SaaS and cloud model, we believe that they are a good indicator of trends we’ll shortly be seeing more broadly in the market.    All of these organizations are struggling with what their management processes and approaches look like in a purely ‘on-demand’ model.   Among these multi-SaaS organizations we’re consistently seeing three general problem domains:

  1. User provisioning and administration – as they’re optimized for different problem sets, all major SaaS applications have fundamentally different ways of thinking about users, roles, profiles and permissions.  Organizations have tended to have separate business administrators for say Salesforce.com, NetSuite and SuccessFactors.  Each of these admins as a result has had to develop a separate model of their organization, deparments and role structures, with the result being that various siloed identity stores have been created across the organization.  These stores are are all independent from each other and from on-premise directory services (Microsoft AD) and identity management solutions.  Normalizing these identity stores in support of centralized, streamlined administration and reporting is a common theme we’re hearing, and what what our solution here at Conformity is addressing.
  2. Single sign-on (SSO) / authentication – another common challenge we’re hearing is the desire to provide end-users the ability to access multiple SaaS applications (and often on-prem apps as well) using a single set of credentials, both for end-user convenience and security purposes.  This is the problem set being  addressed by vendors such as Ping Identity, Tricipher and Symplified.
  3. Data integration – the final theme we’re hearing is around cross-application data integration, and the desire to integrate multiple ‘best of breed’ applications across a common business processes or workflow.  This issue set consists of integration of cloud apps to both cloud and on-premise applications.   This is the domain being addressed by vendors such as Cast Iron Systems, Pervasive and Boomi.

While the data integation challenge is fairly distinct from the first two challenges, significant market confusion exists around provisioning and SSO, and whether a solution in one addresses both areas.  The short answer is no – the very simple analogy we use is that SSO tells you if you should let the visitor knocking on the front door into the house – provisioning and permissions management provides guardrails around what they can and cannot do once they’re in the front door.  Both are needed, but complementary capabilities – more to come on this….

Recap: The Enterprise SaaS Working Group

October 1, 2009

It’s been an exciting few days here at Conformity after our recent GA announcement and the kickoff of the Enterprise SaaS Working Group yesterday.  We had a very lively, engaging debate on the key issues the group believes need to be addressed for SaaS and cloud applications to become ‘mainstream’ technologies in the enterprises.  The group featured a diverse set of executive perspectives from cloud vendors, thought leaders and practitioners, and included:

A quick highlight of some of the discussion yesterday:

  • PaaS/SaaS – which model ‘wins’ in the enterprise? While opinions differed, a common sentiment shared by the panel was that there’s not going to be ‘right answer’ for all organizations.  Depending on the industry vertical, business process or IT management model PaaS or SaaS could be the ‘right answer’, and in many situations organizations could have PaaS and SaaS offerings sitting side by side.   
  • Private clouds – part of the answer or indicative of SaaS market immaturity? As with the PaaS/SaaS discussion a common theme was ‘it depends’.  The core advantage to SaaS and cloud delivery models is the ability to share resources – what part of the stack organizations decide they’d like to share will likely be driven primarily by security concerns and issues.  A likely scenario, as with PaaS/SaaS, is that different models will likely be adopted by different types of organizations depending on security and operational requirements.
  • Enterprise SaaS adoption – when does it overtake on-premise? Two different perspectives were discussed around when SaaS will overtake on-premise apps in the enterprise.   A common belief of the group was that SaaS is winning in a majority of new deals in the enterprise today, with the perspective shared that 50-75% of enterprises would ‘flip the switch’ on cloud in some manner by approximately 2012.  Peter Coffee of Salesforce also shared his belief that total installed base for SaaS would outnumber on-premise apps by 2020, though there would also likely be 1-2% of the market that would be ‘holdouts’.
  • Any applications that SaaS/cloud won’t be able to penetrate? If architected and deployed correctly, there are no perceived areas in which SaaS and cloud application models could not be leveraged with Peter Coffee of Salesforce , Tom Fisher of SuccessFactors and Ryan Nichols of Appirio all providing compelling examples of large scale, transaction intensive customer deployments.

The full recording of the webinar is available and can be access by clicking here.  Also, Ryan Nichols at Appirio had a great post on their perspective on our discussion topics here.

Please drop us an email as eswg@conformity-inc.com to be added to our mailing list, and to be notified of future Enterprise SaaS Working Group news and events.

Conformity Announces GA Release of First Enterprise-Class Management Platform for SaaS and Cloud Apps

September 30, 2009

We’re excited to announce today the general availability of the Conformity solution, which provides customers the first enterprise-class management platform for cloud applications and users.  The Conformity solution is designed to arm enterprises with the same level of visibility and control over on-demand applications as they’ve come to expect with traditional packaged apps.  With our solution, enterprises can now be confident bringing new cloud applications into their business environments, knowing there will no longer be compromises made in the areas of management processes, insight and control.  With today’s GA, enterprises can:

  • Increase data security and reduce compliance risks
  • Optimize license allocation and expenses
  • Automate and streamline administration
  • Expand and extend enterprise usage of SaaS and cloud applications

Specific capabilities of the Conformity solution include:

  • User provisioning – provides centralized point of provisioning and deprovisioning of users accounts within cloud applications, and ongoing management of user permissions and authorizations.
  • Role and profile management – enables organizations to centrally manage cloud application roles, profiles and permissions through normalized permission models, and maps policies to users and roles.
  • Approval workflows – provides auditable cross-functional approval processes for users requiring new or amended access permissions, or role and profile changes.
  • Directory integration – enables organizations to seamlessly synchronize Conformity’s user repository with on-premise directory services.
  • Compliance reporting – provides reports required for effective preparation for audits for SOX, HIPAA, PCI and other regulatory mandates and standards.
  • Usage analytics – provides visibility, analytics and reporting on cloud application and license utilization.
  • Change management – enables archiving, management and recovery of application configurations and role models.

The Conformity platform provides templates, tools and workflow needed to manage all cloud applications in a customer’s environment.  Conformity also provides additional analytics, reporting and provisioning automation through integrations with the following leading cloud applications:

The Conformity platform also supports directory integration for Microsoft Active Directory, and is compatible with industry standards such as SPML, SAML and WS-Federation.

Please click here to read the full announcement, and stay tuned for more upcoming news!!!

The Enterprise SaaS Working Group – Coming Soon…

August 20, 2009

As frequently discussed in this blog, here at Conformity we believe that there are a fundamental set of issues that the SaaS industry as a whole needs to address for SaaS and cloud applications to become truly ‘enterprise-ready’.  These issues range from management access and APIs to SLAs and performance monitoring.  To provide a forum to further surface, discuss and propose solutions to these issues, in September we will be introducing the first Enterprise SaaS Working Group.  The group will discuss challenges that need to be overcome to accelerate adoption of on-demand solutions in the enterprise, and will include a broad range of perspectives from thought leaders and practitioners alike.  Participants will include:

  • Enterprise CIOs and IT executives
  • SaaS vendor executives
  • SaaS consultants and service providers
  • Industry analysts

We will be formally introducing the group at an exciting event we’re going to be hosting in late September.  Please stay tuned for more details…

SaaS, the Cloud and the ‘Big Bang’

May 11, 2009

Here at Conformity we recently wrapped up some interesting market research on the topic of adoption of SaaS and cloud-based services and the management challenges it is creating for organizations and their IT departments in particular.  Conducted in conjunction with a leading analyst firm,  we spoke with IT and business executives at nearly 50 midsize and large enterprises that were adopters of multiple SaaS applications, and who were planning on extending their adoption of the model.  We’ve summarized our findings in a new whitepaper titled SaaS, the Cloud and the Big Bang.

The results?

In organizations we spoke with, business users drove the initial wave of SaaS adoption and largely took on the associated management and support responsibilities.   In a pattern similar to what happened with distributed computing 15-20 years earlier, as SaaS adoption hit ‘critical mass’ in these organizations (particularly those with compliance exposure),  IT has been brought in to extend existing management processes, controls and tools to SaaS and cloud-based resources.

The problem?  SaaS and cloud-based services are fundamentally exploding the traditional IT management model, due to:

  • Decentralization of management – in ‘traditional’ management environments,  IT has near complete responsibility and accountability for governance and management of technology resources.  The focus on autonomous IT governance and managmeent has increased due to increasing regulatory compliance requirements (SOX, GLBA, HIPAA, PCI etc) and the resulting increase in adoption of best practice policy and control frameworks (ITIL, COBIT, ISO 17799/27001, 27002).   In the SaaS world, business users have taken on management and support responsibilities traditionally owned by IT.  For example activities such as user provisioning and permissions management, role and profile management, application customization and configuration, and vendor management are now decentralized and distributed in many organizations.
  • Loss of control – in addition to the applications themselves, metadata on users, role and profile models, authorization and credential stores, usage activity and application performance all move outside the corporate firewall.  IT loses visibility and control over this critical management data that is now fragmented across heterogeneous SaaS service providers, in addition to the applications and users themselves.
  • Broken integrations – many IT processes around application and user management are highly automated, supported by integration with on-premise directory services, identity management and systems management solutions.  These integrations largely ‘break’ in an on-demand world, and organizations are rapidly finding that creating a new management ‘blade’ for a given SaaS app in legacy management application is not a realistic, cost effective answer.  Additionally, SaaS applications must be integrated into existing business processes through configuration and management by line-of-business users, with little or no ability to automate integration into cross-application business processes.

While it is still early, clear perspectives are starting to emerge around what the characteristics of a new generation of management solutions that address the unique challenges of on-demand environments will need to include.  Organizations are finding that SaaS and cloud-based service models are driving a convergence in identity and systems management issues, which will require the reinvention of solutions that address these issues.   Areas such as  user access management, policy monitoring and enforcement, data integration and management and business process integration all need a fundamental ‘rethink’ in a cloud-based world.

If you’re interested in receiving a copy of the whitepaper, please contact us.

New Midmarket | Enterprise SaaS adoption research

June 5, 2008

Saugatuck Research recently announced the preliminary results of their most recent worldwide survey on SaaS adoption and deployment. While most of the findings are consistent with other surveys of SaaS adoption (ie continued aggressive midmarket adoption, and a rapidly awakening enterprise market), there were a couple of interesting findings of note:

  • Among ‘large enterprises’ (5,000+ employees), only 4% are not planning on deploying SaaS, a radical departure from other market data we’ve seen from as recently as a year ago
  • Midsized companies surveyed (100 to 499 employees) had a 95% customer satisfaction rate with their SaaS deployments – we can’t recall seeing a number that high for anything, let alone anything associated with software

The customer sat number, in conjunction with several other observations, begins to shed some light on the dynamics driving aggressive midmarket SaaS adoption. Namely the SaaS deployment patterns of midmarket companies, vs SMBs and enterprises, tend to be characterized by:

  • Greater focus – the Saugatuck survey indicates that midsized organizations tend to be more focused and disciplined on where they deploy SaaS applications
  • Fewer expectations – midsized companies like SaaS for the core value proposition – lower costs, faster implementation and lower management overhead, and look less then their SMB and enterprise brethren for focus on ‘core business competencies’
  • Higher satisfaction – not surprisingly, greater focus + lower expectations = high mid-market satisfaction, leading to…
  • Increased adoption – adoption rates that are continuing to outpace SMB and enterprise segments

An article discussing the highlights of the survey can be found here – Saugatuck also mentions that more detailed survey results will be made available this summer….

New Microsoft SaaS offerings

October 4, 2007

Microsoft earlier this week announced the availability of SaaS versions of Exchange, SharePoint and Forefront, as well as a new SaaS-only unified messaging service named Office Communication Server. Interestingly, the offerings are not targeted at traditional mid-market adopters of SaaS, but instead at organizations buying a minimum of 5,000 licenses. An effort to fend off Google in the enterprise???

A big week for SaaS

September 21, 2007

Quite a big week for SaaS, with both Salesforce.com and SAP making major platform and product announcements…

At their annual user conference Dreamforce, Salesforce.com introduced their new Force.com application development platform. The new ‘platform-as-a-service’ or PAAS offering (yes, another new SaaS-related acronym) extends the AppExchange environment, providing users a platform and toolset that enables them to leverage UI, logic, database and integration ‘as-a-service’ components. An early peek also was provided at VisualForce (currently only available as a developer preview), which will enable the development of custom UIs on the Salesforce.com platform. On the application side, Salesforce.com appears to be continuing its strong focus on the CRM market.

SAP also unveilved (finally) Business ByDesign, its highly anticipated on-demand mid-market ERP solution which was formerly know as A1S. With standard pricing at $149 per user per month, the jury is out around the cannibalization potential of BBD on SAP’s ‘legacy’ business, and the resulting impact that might have on SAP’s excitement around and commitment to the SaaS model.

The net net? The addition of another major player to the SaaS market and the introduction of a new platform and tools to enable the rapid development of new SaaS applications – more choices and options for organizations seeking to leverage the SaaS model, and more to eventually manage as well…

The evolving role of IT in SaaS management

August 28, 2007

One question was inevitably bound to arise with the proliferation of SaaS within organizations- whether lines of business or IT should have ‘ownership’ of SaaS applications.  Which raises another question – what actually does ‘ownership’ of SaaS applications mean?  Without the need to manage, maintain and support on-premise applications, SaaS ‘ownership’ is less about managing the software life cycle, and more about ensuring that SaaS procurement, management and usage is consistent with corporate policies.  An interesting article appeared recently in SearchSMB exploring the role that IT is playing in SaaS procurement and management.

While business units typically have had free reign over SaaS deployments, evidence is starting to suggest that the pendulum is starting to swing towards greater IT involvement. A recent survey by Saugatuck Technology cited in the article shows that while 36% of organizations procure SaaS apps with no IT involvement, 24% require SaaS products to conform to pre-established guidelines from IT, and 44% require review by joint business/IT oversight committees. And why is IT increasingly feeling the need to get involved?

  • Integration – while business units have been happy to procure SaaS at will, IT is starting to be pulled in when business units realize the need for their SaaS application to integrate with data and/or applications that reside on-premise or with another 3rd party vendor. Many IT teams are only now finding out (the hard way) how broadly SaaS has penetrated their organizations and business processes.
  • Security and compliance – organizations are rapidly realizing the need for their SaaS and web-based applications to adhere to corporate access control, security and compliance policy requirements. Many organizations are increasingly looking to IT to ensure that SaaS usage in their environment is consistent with the policies and controls they’ve developed for traditional on-premise applications.

You can read the complete article here.