End-users continue to move toward the value they see in software-based services and Cloud apps of all kinds. Needs typically focus on improving collaboration across employees and departments; connecting in more effective ways with others in the supply chain, including partners, suppliers, and customers; and getting products and services to market faster. In the move toward Cloud apps, end-users are becoming increasingly savvy about security needs, particularly when it comes to what works and what doesn’t for accessing Cloud apps and being able to move and navigate information between enterprise systems and those hosted outside the data center. Social media trends have a lot to do with the sophistication of the end users in today’s information ecosystems.
And as the value of Cloud apps becomes more apparent to end-users and security becomes more user driven, CIOs are left with, among a few other things, the challenge of keeping up, leveraging where possible existing infrastructure, pushing for a good balance between standardization and customization, ensuring that complete information governance and management principles and automation are in place or in sight, and that vendor relationships, accountabilities, and service provider responsibilities and SLAs fit the corporate culture for risk, are well defined and supportable by the enterprise.
Merit Medical is a perfect case-in-point. The Merit sales and marketing team quickly identified Google apps and other SaaS applications as keys to their collaboration strategy, and in working with the CIO, they just as quickly found service-based solution to security - a hybrid of identity and access management - as a service platform with on-premise hardware/software and remote management. By clearly defining user and CIO requirements, sales and marketing was able to launch an effective information sharing and collaboration platform for the product marketing, direct and channel sales, and training functions using Google applications and other third-party SaaS solutions with an effective and simple identity and access management system that met all the needs not just of the end-user but of the CIO as well.
Action Item: CIOs, particularly of midsize firms, should listen to their end-users. Understand and acknowledge the value they see in Cloud apps, and understand the options for security as a service, particularly in the area of identity and access management. Lastly, understand the difference between identity and access management in the Cloud and single sign-on of the old days, and look for solutions for the complete identity and access management lifecycle – identification, provisioning/de-provisioning, entitlement granting, auditing, and lifecycle administration.