Welcome!

@CloudExpo Authors: Pat Romanski, Yeshim Deniz, Liz McMillan, Jason Bloomberg, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security

@CloudExpo: Blog Post

The Challenge of Herding Cats: Your SaaS Portfolio and Security

As SaaS portfolios grow, the cloud-based SSO offers a centralizing alternative

It’s obvious the rise of SaaS (software-as-a-service) has changed the game. The benefits of subscribing to a cloud-based application service are already well-known and documented: cost-efficiencies, speed, hands-off maintenance, etc… It’s no longer an emerging practice and, for most IT managers, has become an inextricable component of any go-forward IT network strategy. What this means is now there are dozens of new sign-ons per user from a variety of endpoints (including mobile and tablet). And if we are talking enterprise-wide deployments, this is can be as challenging as herding cats.

And since it is highly likely, a SaaS portfolio will continue to grow, so will the challenges and the need to centralize authorization and control of all these new applications. Many organizations have considered single-sign on, but during recent needs for economic belt-tightening, see it more as a potential future expense.

I have seen estimates of upwards of $300,000 dollars (Montclair Advisors) to deploy and manage (just Year 1 alone) SSO on-premise, which is why I understand the reticence to actively move forward on this initiative. (Estimates amortized over 5 years put the figure at more than $2 million) However the cloud alternative can provide nearly a 75% savings. This makes deployment affordable for most modest-sized organizations looking to maximize the efficiencies of cloud-based applications. These figures include the software, set-up, infrastructure modifications, hardware purchase, service, maintenance, but also the ongoing administration of the solution.

There are those that realize the significant savings, instant scalability and accelerated time to value is enticing, but simply don’t trust security from the cloud. Most articles I come across regarding cloud-based applications revolve around the security debate. But these articles question the security of the applications themselves, not security-as-a-service. The issue persists just how secure is the cloud? Well, very secure if you have battened down the hatches on your own security initiatives, If you deploy a strong SSO program that not only creates a single authorized entry to these applications that also uses federated interoperability so you can expand protection beyond employee users to subsidiaries, trusted partners and other collaborative business partners.

Let’s look at the benefits of cloud-based security SSO another way. So you have all these apps (salesforce.com, GoogleDocs, ADP, Sharepoint, Webex/GoToMeeting, etc…) that your 500, 1000, 10,000 employees and other authorized users need to access regularly. How many sign-ons are that? How many potential open doors from however many endpoints are that? How many passwords? Before you faint from the overwhelming gravity of the issue, what if you could funnel and channel into a single sign on? And, what if you didn’t have to spend a significant portion of your day administering logins or forgotten passwords? How much easier has your day become? Or more to the point, how many internal resources have just been freed up to attend to high value tasks?

The SaaS genie is out of the bottle and the reliance on cloud-based applications outside your direct control is only going to increase. The efficiencies are showing to outweigh some security concerns. However, by applying the same cloud-based thinking to a cloud-based problem, you are able to manage the best of both worlds. But obvious cloud bias aside, the best way to maintain control is to deploy a policy that spells out what are permissible applications for any endpoint that touches your network, and distributes access to applications that pass your smell test through the single-sign on channeling process.

I have previously written about Identity Management managed from the cloud. Single-sign on is a component of that overall strategy considering that your sign-on credentialing can be customized to individual roles and responsibilities. For instance when a sales person sign on, they get the authorized access to CRM, sales reports, etc… What they don’t get is access to payroll or HR or R&D applications unless their responsibilities require it. If someone can’t get access to data that they really should not touch, your risk of data loss/theft or breach is diminished.

The central tenets of deciding whether SSO security-as-a-service is a positive addition to your arsenal must be based on a combination of three things: functionality, cost, and control. Does your solution handle the applications you depend on? Can it leverage and incorporate those you have previously invested in and live on your servers? Have you weighed the Total Cost of Ownership and calculated the ROI? And lastly, does centralization improve risk mitigation, IT resource deployment and maintain compliance requirements.

The cloud-based security solution I am familiar with says yes. It provides you with a large and powerful lasso to help start reigning in those pesky cats!

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@CloudExpo Stories
SYS-CON Events announced today that Cloud Academy named "Bronze Sponsor" of 21st International Cloud Expo which will take place October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara, CA. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud com...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
Multiple data types are pouring into IoT deployments. Data is coming in small packages as well as enormous files and data streams of many sizes. Widespread use of mobile devices adds to the total. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists looked at the tools and environments that are being put to use in IoT deployments, as well as the team skills a modern enterprise IT shop needs to keep things running, get a handle on all this data, and deliver...
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), provided an overview of various initiatives to certify the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldwide re...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
The taxi industry never saw Uber coming. Startups are a threat to incumbents like never before, and a major enabler for startups is that they are instantly “cloud ready.” If innovation moves at the pace of IT, then your company is in trouble. Why? Because your data center will not keep up with frenetic pace AWS, Microsoft and Google are rolling out new capabilities. In his session at 20th Cloud Expo, Don Browning, VP of Cloud Architecture at Turner, posited that disruption is inevitable for comp...
No hype cycles or predictions of zillions of things here. IoT is big. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, Associate Partner at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He discussed the evaluation of communication standards and IoT messaging protocols, data analytics considerations, edge-to-cloud tec...
"When we talk about cloud without compromise what we're talking about is that when people think about 'I need the flexibility of the cloud' - it's the ability to create applications and run them in a cloud environment that's far more flexible,” explained Matthew Finnie, CTO of Interoute, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...
The Internet giants are fully embracing AI. All the services they offer to their customers are aimed at drawing a map of the world with the data they get. The AIs from these companies are used to build disruptive approaches that cannot be used by established enterprises, which are threatened by these disruptions. However, most leaders underestimate the effect this will have on their businesses. In his session at 21st Cloud Expo, Rene Buest, Director Market Research & Technology Evangelism at Ara...
When growing capacity and power in the data center, the architectural trade-offs between server scale-up vs. scale-out continue to be debated. Both approaches are valid: scale-out adds multiple, smaller servers running in a distributed computing model, while scale-up adds fewer, more powerful servers that are capable of running larger workloads. It’s worth noting that there are additional, unique advantages that scale-up architectures offer. One big advantage is large memory and compute capacity...
"We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.