|
|
Jeff Hughes brings over 18 years industry leadership and skills as a marketer, publisher and keynote speaker in high technology industries. He has also worked for McAfee, Blue Coat Systems, Webroot, and Novell over the course of his career. Hughes is the author of 12 marketing and technology books and numerous trade press articles on high technology and marketing topics. Hughes has a BS in Marketing/Minor in Computer Science from Brigham Young University and resides with his family in Scottsdale, Arizona.
|
|
 |
|
|
We're always open to hearing what other identity management professionals have to say.
Click here if you'd like to write a guest post for our audience!
|
|
|
|
|
 |
Identity Management Blog | Symplified
|
 RSS Feed
August 2010
A few weeks ago Ping Identity’s CEO, Andre Durand, threw down a challenge to stop the proliferation of passwords across the enterprise to the cloud. As you know, the cloud presents a whole new set of challenges and concerns for IT and security personnel as they attempt to keep their networks secure with users connecting to the cloud. The problem is significant in that an administrator must manage user identities across enterprise and cloud apps and also try to limit the number of accounts that get created. It’s as if we’re experiencing the same proliferation of identities all over again like we saw many years ago with the rise of the enterprise network. Many years ago a user store with its own authentication mechanism was created for many applications on the network. Users had to juggle multiple passwords which soon became an impossible task and led to “sticky note” identity management with every user pasting sticky notes on their monitors to remember their passwords.
Something similar is occurring in the cloud with these applications also requiring a user name and password. Durand says delivering true Cloud Security “requires industry-wide collaboration on standards so that scale and loose coupling can be achieved". Durand goes on to state that "Identity federation – a single, strong user password – must be at the center of this new era of Internet Identity Security. Our customers show us again and again that SSO is key to enabling the access, authorization, account management and audit capabilities necessary to ensure Cloud security and bring an end to password proliferation.” But, is federation the only answer? Federation, for most organizations brings back thoughts of difficult and challenging implementations that they have attempted or have heard about from others in the field. Single sign-on is certainly an approach to solving the enterprise to cloud identity dilemma, but it doesn’t address all the needs of an enterprise.
You need to ask yourself if the IAM solution will work with what you need. Does the solution you are reviewing provide SSO along with integration into all the apps you use or is it limited to SAML apps only? Relying strictly on SAML federation will provide at best 5% coverage for you. You need to be able to extend integrated SSO across more cloud apps. You also need to look at your current needs and implement a solution that has the flexibility for your environment. For example, if you are looking to utilize a directory store from Salesforce.com in the cloud, is there a way to utilize your existing Active Directory store and migrate identities gradually over to Salesforce.com? Or, perhaps, you want to unify directories across your organization into a virtual directory. What about the deployment of your IAM solution? Do you want to install more hardware or are you looking for a cloud-based solution for IAM?
There are some answers to these pressing questions. The SinglePoint platform from Symplified is a revolutionary platform linking your existing security infrastructure securely to the cloud. This technology allows you to implement a powerful, cost effective IAM solution where internal and external users can gain single sign-on access to your cloud applications as needed. Only Symplified offers a truly integrated, yet modular, IAM stack unifying Web Access Management, Cloud Access Management, federation, SSO, lightweight virtual directory and auditing for both on-premises enterprise and Cloud apps. Unlike software focused solely on-premises, SinglePoint provides a unified solution capable of meeting your IAM challenges across enterprise, SaaS and Cloud platforms.
So, SSO is just one component of managing your identities in the cloud. I encourage you to think more broadly about the challenges and seek solutions that have the flexibility to extend your directories to the cloud. Flexibility is the key, and believe me; you’ll need it as you attempt to gain the upper hand on your cloud deployments.
Symplified | The Cloud Security Company
July 2010
Have you ever been to a town (or lived in one) where the number of homes has grown faster than the supporting infrastructure could keep up? In other words, the freeways and other services could not adequately keep up with the pace of home construction resulting in traffic delays, confusion, and frustration.
Something similar has occurred with the evolution of the cloud and cloud services. The cloud and its significant number of apps have grown explosively and many companies are adopting the cloud for at least some of their basic IT functions such as email, payroll, and HR. Still, other companies are taking bolder initiatives and outsourcing both data and applications to the cloud in an attempt to save money and streamline operations. Regardless of the intent, all companies have a concern about cloud security. How safe is my data in the cloud? How much risk am I at with multi-tenancy applications? And what about my user accounts and providing access to all these new apps?
As enterprises shift some of their data and applications to the cloud they are caught between managing identities locally at the network level, and providing access to their users to applications in the cloud. Just like the proliferation of homes without the supporting infrastructure causes problems, so does the proliferation of user accounts with cloud adoption. IT cannot reasonably manage user identities for both the cloud and the network, nor can the end user!
So, the cloud is challenging the typical security model like never before. Organizations know that in order to be competitive they must provide an environment with access to multiple types of users (employees, partners, and customers). But, they must also maintain unprecedented levels of security due to today’s threats and compliance requirements. As more apps proliferate to the cloud and more companies migrate some of the apps and data to the cloud, the issue becomes more acute.
The answer lies in maintaining security credentials where they currently reside; protected behind corporate firewalls and enabling cloud-based apps to reach out to these secure user stores to verify access and implement user policies. There is no need to replicate user identities across the cyberscape of the universe, but rather make use of the directories and databases that you already have in use and have already spent tons of money and time to implement. This type of solution bridges the gap between cloud applications which inevitably need identity management and local user stores that already have the user's access and credentials defined. Doesn’t that seem like a better approach to you and your users?
Symplified | The Cloud Security Company
April 2010
With the formation of the Open Identity Exchange and OASIS Identity in the Cloud TC there is a renewed interest in Identity Management Standards and a new focus on the Cloud model. This has led to some recent discussions such as "What standards to use?", "How to derive value from standards (old and new)?", and "What resources to leverage in delivering standards-based IDM?".
With Symplified's approach, enterprises can indeed leverage existing expertise and technologies. E.g., our embedded virtual directory allows you to retain any number of directories that you presently use for authentication and user profiles. If you have in-house SAML technology and expertise, we integrate with it--but if you don't, our solution still delivers and you don't need to purchase other tools or expertise. Although we are SaaS based and add great value to integration and protection of SaaS apps, we also can deploy on-premises components for customers who are more comfortable keeping certain functions inside their four walls. (This approach can be used to keep network traffic internal and to contain all user data within the enterprise.)
As with most infrastructure, employing third party products and services should allow an enterprise to focus on their own core competencies and lines of business. Value should be seen in not having to employ resources for the care and feeding of such systems, knowing that not only are initial needs met, but the solution continues to expand and evolve, for example integrating with new applications and services, and adopting new standards and functions. With the current splintering of standards, using a vendor that is not locked into any single standard is highly advisable. Time to implementation and TCO are important considerations as well. I have worked for large institutions that have implemented their own systems (as the need predated IDM technology) and can personally attest to the costs for creation and maintenance of such systems. With these lean times, CxOs, boards, and shareholders are raising eyebrows at large investments on internally developed infrastructure. Hence service based solutions, especially those with pay-as-you-go pricing, are increasingly desirable.
The fact that applications have differing trust models often complicates deployments and has contributed to failures in the adoption of federation. Eric Olden wrote an excellent article on this: Federation is Dead: Long Live Federation Fabric. So while I agree that federation is the way to go, the pragmatist in me knows we need solutions that work now. Waiting for a standard to mature and gain adoption means waiting to integrate, delaying such capabilities as User Provisioning, Single Sign-On, Access Control, and Compliance. I don't know of many IT managers willing to tell their business sponsor that they can't deliver a solution now because they must wait for an infrastructure standard to take hold! Please know I hold the utmost optimism and support for IDM standards to me this is all a matter of timing and planning of enterprise roadmaps. In short: set realistic expectations to leverage emerging technologies.
In closing I must add that I am excited to see renewed interest in making standards work. The biggest challenges I have seen are lack of adoption, and splintering not only in the adoption of specific standards, but also in decisions that determine interoperability--such as profiles, assertions, and semantics. It's the classic chicken and egg scenario: until standards adoption and interoperability are the norm there is less incentive to support the standards in the first place. For federation to become ubiquitous the network effect must be realized.
October 2009This is a good question, but we have to understand what is meant by Enterprise Architecture (EA). It is generally accepted to be a discipline and sometimes a role or organization responsible for those activities that strategically align an organization to its technology and business goals. Activities such as Enterprise Architecture Planning (EAP) serve this need and are essential to IT Governance. Other activities relate to the application of Enterprise Architecture to specific domains, such as Line of Business (LOB) portfolios, Technical Architecture (which may include networking, security, etc.) and Application Architecture.
So, given this definition--YES, EA is essential because even (or perhaps especially) if the applications and business processes leave the enterprise four walls (ala SaaS), planning and governance are needed to ensure alignment to strategic goals. The role of EA is to periodically adjust those long term goals and the trajectory to attain them in response to changing technologies, business drivers, etc. So as new paradigms like SaaS and other types of Cloud Computing emerge, EA must evaluate them and establish standards, guidelines, policies, etc. For example, EA may incorporate SaaS based on cost benefit and an assessment that recognizes SaaS apps as being aligned to enterprise needs for security, privacy, compliance, service level, business function, etc.
And in addressing whether there is a need to architect solutions when adopting SaaS (presumably in support of EA as a discipline), then YES, there is still a critical need to define how SaaS integrates with the enterprise technology landscape. Questions such as What is the master of my data? How do I manage Identities and Accounts? How do I produce Compliance Reporting? How do I migrate to/from adopted and sunset SaaS Apps? How do I establish Trust Relationships? How do I provide Quality and Service to my constituencies? etc. require solutions in the domains of Information Architecture, Security Architecture, Network Architecture, Application Architecture, Technical Architecture and so on--presumably envisioned and vetted by architects of various types (including Portfolio Architects, Solutions Architects, etc.)
So while the GAME may have changed, the need for the PLAYERS has not. Architecture--in all senses of the word--remains essential.
In closing I will say that SaaS pushes the emergence of Business Architecture to a new height because of the direct empowerment of LOB owners. Acquisition and deployment of real solutions is now within grasp of business owners (seemingly) without the need for conventional IT delivery and support. But many of the above questions may go unanswered without engagement of EA, and latent risks (such as compliance and security) may turn into real issues.
Coby Royer
Technical Product Director
Symplified | Cloud Security Experts
September 2009  For years, enterprise architects worked toward standardization and consolidation to achieve economies of scale across enterprise LOB portfolios. Data centers often looked like IT museums with one of every imaginable RDBMS, App Server, Web Server, OS, and hardware platform--and capacity was underutilized while TCO was out of control. Platforms like J2EE were initially created around N-Tier discretionary architectures that provided scalability and standardization. As enterprises achieved some successes in the standardization and consolidation in the 1990s and early 2000s, a new technology entered the scene: Virtualization. Even with a diversity of stacks, economies could be achieved, as peaks and valleys in CPU and memory of VM guests averaged out in the VM host. And the ease of deployment and management of VM guests introduced unparalleled cost reductions.
So virtualization is here to stay, but is it the end game? I think of virtualization as a means to achieve micro-scale economies. At the macro-scale, we still have to address needs for ping, power, and pipe at the data center, and ensure availability, disaster recovery, and more. So the consolidation of VM resources represents the next wave of change. (And with grid computing, the VM hosts do not even have to be physically collocated.) So now I can use Amazon EC2 to fire up VM servers of my choosing, on demand. No, virtualization is not the end game—it is a crucial enabler for Cloud Computing (more specifically, for PaaS and IaaS). And given its importance, and the economies that are fueling this trend, I do see virtualization vendors making Cloud Computing more of a reality.
So what about security and enabling infrastructure such as IAM? The same economies that are driving Cloud Computing will extend across all crucial infrastructure that adds value to it. And in time, standards will be adopted to lend further economies and broaden the reach of standard infrastructure. (Standards can be a mixed bag, though, as they often embrace a philosophy of “Build it and they will come.”)
We are already seeing high demand for Cloud Security and IAM here at Symplified, and we believe this trend will continue strongly. We are building the network that enables SSO and Access Control across the full breadth of SaaS Apps, as well as COTS and homegrown Apps that our customers host. This is the real deal, and our own SaaS economies are delivering these capabilities at a fraction of the cost of the former generation of IAM technology.
Check out some additional perspectives on Cloud Computing and the Enterprise. Check out the Linked In Conversation surrounding this question written by Brian Nettles, VP of IT at CB Richard Ellis: “Everyone is talking about cloud computing these days. I've heard various opinions from execs but little from Architects and Engineers. Is this another passing fad? Do you think the moves by top tier virtualization vendors will make cloud computing more of a reality? If you believe this is the real deal, what direction do you see vendors going to provide security for large scale enterprises and will it be cost effective?”
Coby Royer
Technical Product Manager
Symplified | The Cloud Security Experts
http://www.symplified.com
March 2009 OpSource On-Demand Provides Scalable, Dependable Web Delivery of Market-Leading On-Demand Access Management Solution OpSource™, the leader in Web operations, today announced that Symplified, the on-demand identity company, is using OpSource On-Demand to bring its innovative access
management solution to the enterprise marketplace. Symplified enables companies to secure and audit SaaS
and Cloud computing resources by providing on demand identity and access management (IAM). Symplified integrates enterprise IT controls with Salesforce.com, ADP, WebEx, Workday and others, improving security and easing compliance. Symplified chose OpSource On-Demand for its unmatched security, reliability and
scalability.
“2009 is undoubtedly the year of the Enterprise Cloud, and Symplified is enabling this revolution by providing
centralized security and audit for applications that reside outside the firewall,” said Eric Olden, founder and
CEO, Symplified. “When we set out to choose an operations partner, our key requirements were security and
availability. We need to demonstrate to our customers that our on-demand infrastructure is more secure and
more fault tolerant than their internal network. OpSource meets these requirements in spades.”
Using an on-demand security model, Symplified can cut costs of IAM deployments by 80 percent while achieving an unprecedented level of integration between the enterprise and the Cloud. Symplified SinglePoint is the first Internet utility for secure SaaS and Cloud application access, delivery and integration. SinglePoint uniquely combines identity and access management capabilities through a pre-integrated cloud-based hub that links with the enterprise data center. Its unique ‘connect once, integrate an ecosystem’ approach accelerates secure SaaS deployments at a fraction of the cost.
For Symplified, it is mission-critical that their Web operations solution provider supply carrier-grade security and reliability. After an extensive review of vendors, Symplified chose OpSource On-Demand as its delivery solution because only OpSource On-Demand offers the SAS 70 Type II certification, PCI compliance, robust security, cost-effective pricing and far-reaching scalability that Symplified needs to help enterprises move to the Cloud.
“Symplified is providing a must-have access management solution for enterprises as they move to Cloud
computing,” said Treb Ryan, CEO, OpSource.
“OpSource On-Demand is ideal for companies such as
Symplified that have security at the heart of their business, as security is always top of mind for us for all our
customers. We look forward to working with companies like Symplified to make the Enterprise Cloud a reality
this year.” Santa Clara, California, March 2, 2009 http://www.msnbc.msn.com/id/29462903/ http://www.symplified.com/main/news-and-events/press-releases.html
February 2009 Cloud computing has emerged as the next wave of IT innovation for the
enterprise. It is driven by utility-scale economics and global reach,
while being enabled by breakthroughs in bandwidth, virtualization and
service oriented architectures. Cloud computing is compelling for
enterprises seeking to cut costs, enhance integration across their
business, and enable collaboration both internally and externally.
Whether
it is used to provide business applications delivered as services
(Software-as-a-Service) like Salesforce.com, or on demand utility
computing (Platform-as-a-Service) like Amazon EC2, the cloud is
changing the way enterprises consume IT. The wildcard that remains to
be addressed for the cloud is security. Until enterprises have a way to
secure data in the cloud, this model will not reach its full potential.
Everything Is The Same.
Security
has been central to IT since the days of the mainframe and has evolved
and adapted as technology extended from the LAN to the WAN to the Web
and now to the cloud.
One constant throughout this evolution has
been the need for control over access, authentication, auditing and
administration. The names for these have evolved over time and today
are collectively known as Identity and Access Management (IAM).
For
cloud computing to truly establish itself as a viable extension of the
enterprise computing ecosystem, it must first provide security on par
with what exists inside the firewall. Without this foundation,
enterprises will not trust the cloud for business-class computing.
Finally, compliance is impossible without controls.
Everything Is Different.
Security
must adapt to the unique technical and organizational demands that the
cloud presents. While security for the cloud must incorporate the
established principles of protection developed for enterprise networks,
it must do more. Specifically, it must address the new challenges that
arise when infrastructure resides across the Internet where it is
collectively operated by the enterprise, its partners, and service
providers.
What’s Different Specifically?
Access management, the
core of security, is different for the cloud because the most common
tool for access control on the Internet – the firewall perimeter – has
been turned into Swiss cheese. Firewalls can’t manage access to cloud
applications because by definition these applications are accessed over
the Internet outside the corporate firewall.
With the advent of
the Web, enterprises put applications outside the perimeter for
customers and partners to access. This forced enterprises to scale
access management not only for its employees, but for potentially
millions of customers. A new generation of access management, designed
specifically for the Web, was required and developed by vendors like
Securant and Netegrity. First generation Web Access Management software
relied on agents tightly coupled with web servers operated by the
enterprise.
However, Cloud infrastructures are different since
it’s impossible to run a web server plug-in on a multi-tenant
architecture where multiple organizations share common infrastructure.
Access management for the cloud must be controlled without agents and
without tightly coupling infrastructure components together.
Authentication for the cloud is different. Verifying
a user is who they claim to be on the cloud works differently than for
an enterprise network. The enterprise can rely on multiple layers of
authentication. For instance using Windows logons to verify an
employee’s identity and restricting authentication to only those users
that have access to the corporate Windows network.
This model
doesn’t scale to the cloud because users aren’t necessarily connected
to a corporate LAN - and many users, like customers, aren’t part of the
enterprise Active Directory. This is further complicated with global
enterprises that are widely distributed with users accessing IT
resources over the public Internet not using VPNs.
Because
clouds are often used for collaboration between organizations using
different technology platforms, an inter-organizational authentication
solution has evolved. Called federation, this model uses the Security
Assertion Markup Language (SAML) standard. With SAML, each organization
manages its own users and through trust relationships share
authentication between sites.
SAML is an elegant solution for
scalable authentication. Authentication for the cloud will rely on SAML
and provide the dual benefit of reducing the number of passwords that
users must remember (and forget) as well as improve user experience
through Single Sign On (SSO).
Administration for the cloud requires a new approach to
support the complex structures and business relationships between cloud
networks and organizations. User account management, known as
provisioning, on the cloud is different than the Web because it
comprises a mix of both enterprise and cross-organizational
requirements. On the cloud, organizations must not only manage access
by employees, but also customers and partners. Identity data for these
external users often reside in remote repositories across the Internet,
something that today’s provisioning tools aren’t designed to handle.
As
with authentication, user management must also be federated between
clouds and the partner enterprises. As companies adopt SaaS
applications they find that user accounts are now located in 3rd party
databases creating new management silos. User management for the cloud
must evolve to a ‘meta-management’ layer that abstracts the underlying
location of the repository and treat users consistently across both
internal systems like Active Directory and cloud-based applications.
Auditing and compliance for the cloud must also evolve past today’s enterprise-centric model. Currently,
enterprise solutions that centralize and aggregate logs are used to
demonstrate to auditors that controls are in place and report on user
activity. This approach works since access paths to enterprise
applications are more tightly controlled through a combination of
perimeter based controls. With on-premise Web application access there
are relatively fewer moving parts that must be monitored for compliance.
In
the cloud, the infrastructure for managing compliance must extend
across the Internet and encompass the applications, users, and
activities on remote as well as enterprise systems. Users access cloud
applications across the Internet, rendering perimeter controls
ineffective for compliance.
It is imperative to manage cloud
access paths through a consistent control point and the most scalable
way to do this is using an Internet-scale proxy utility. By channeling
all user access through a security proxy the task of auditing becomes
centralized. Since proxies do not require software agents this
technology approach of loosely coupling security with cloud
applications is massively scalable.
Consistency is essential for
compliance, and cannot be achieved using ad-hoc and siloed approaches
to access control and reporting. Too many applications are built and
deployed with only an afterthought given to security and compliance.
This is a problem in the enterprise today and must be addressed as part
of an intelligent cloud strategy from the very beginning.
Confidentiality of data is the last major element of security. Data
must be protected both in motion and while at rest. When data is
transmitted across the network, encryption must be used to prevent
eavesdropping and SSL/TLS is the best way to do this. This protects
data from being hijacked or user credentials from being stolen by an
attacker. Data at rest must be encrypted on the storage device or
within the database. This includes confidential (and regulated) data
like credit card numbers and especially user credentials.
In the
enterprise, data is further protected because it resides inside a
firewalled perimeter that deters possible attackers. When moving to the
cloud, enterprises must recognize that their users’ credentials are
scattered across multiple systems not under their direct control. If
proper encryption is not in place, user passwords are vulnerable to
theft and can be used to gain access to other applications.
Creating
a meta-security infrastructure for the cloud requires a comprehensive
strategy encompassing the 5 core elements of security – access,
authentication, auditing, administration, and confidentiality. Because
the cloud uses significantly different technology and a decentralized
organizational structure compared to enterprise networks, simply
extending existing security systems will fail. Enterprises must
implement a cloud-native approach that unifies these elements and is
also able to integrate with the existing IT infrastructure. Otherwise
new silos are created resulting in more work, greater expense, and
weaker security.
A cloud delivered security strategy is the only
efficient approach for aligning and bridging the technology and
processes that span enterprise infrastructures and internet delivered
services and resources. Using this model enterprises get the rapid
scalability, global reach and utility economics that define cloud
computing. Written By: Eric Olden, President and Founder of Symplified February 2, 2009 Eric Olden is founder and CEO of Symplified,
a developer of access management technology for SaaS and the cloud. He
previously founded and was CTO of Securant Technologies, a pioneering
developer of Web Access Management technology. The Securant ClearTrust
product was acquired by RSA Security.
January 2009 Part One
We’ve all heard a lot about the benefits of Software as a Service. But like any new paradigm, I’m sure lots of IT decision makers are faced with tough decisions about how to fit it into existing IT Strategies. Many companies have invested in careful Enterprise Architecture Planning to set a course that will ensure delivery on their business vision. Reducing costs, improving Time to Market, managing risks, and ensuring privacy and compliance are top concerns. How does SaaS fit it?
Cost reduction can be more complex than it appears. While I strongly endorse On-Demand SaaS applications to reduce capital costs and in most cases reduce operating costs as well, it may appear to undermine Information Architectures and Systems Architectures that attain cost reduction through standardization and consolidation. Enterprises reap benefits in treating information as a business asset. Business Architecture can drive standard data models that break down silos across lines of business and support analytic reporting that drive all manner of analysis and decision making. Operational data stores serve the needs of many different applications and avoid headaches in inconsistent syntax, semantics, and data quality typical of siloed implementations. Time to market and success rates of projects (especially those requiring significant integration) improve with the availability of quality data.
One of the things I find interesting about SaaS is that it appears to re-create the silos that we have fought so hard to break down. Business units may be empowered with decisions to use SaaS applications in the absence of IT governance. Disparate SaaS Apps service different business functions ranging across collaboration tools, workforce management, CRM, ERP, project planning, and more. Suddenly, the data that we have worked so hard to make available to all of our apps is locked inside the enterprise as more and more of our business processes are migrating out of the enterprise. And more and more master data is living outside the enterprise, too, in formats that you can't control. Best practices for data masters and replication no longer fit the emergent Cloud Computing Model that delivers so many other benefits.
So where is all of this going? As with any new paradigm, each enterprise needs a pragmatic strategy that reaps the benefits of the new without discarding the benefits of the old. The fact that many SaaS apps must master their own data does not mean we can't craft an Information Architecture to serve both SaaS and conventional apps. Adopting SaaS as part of an overall strategy can avoid many pitfalls. When adopting SaaS I strongly encourage IT Managers to consider the needs for data integration with those apps. How will Identities be standardized across apps? How can information be exchanged with them? Can your internal directory servers be the Master to data consumed by your SaaS apps?
In my conclusion to this article I will address Risk Management concerns, including privacy and compliance, and outline some recommendations for your SaaS integrations. Stay tuned for next week’s continuation of this topic in part 2 of the Identity Management Blog.
Stay tuned for next week’s continuation of this topic in Part 2 of the Identity Management Blog!
Coby Royer | Technical Product Manager | Symplified
December 2009
Twas the night before Christmas, good things should unfold
As Clayton Christensen’s predictions so soon would take hold.
New licenses paid from fiscal budgets with care,
In hope On Demand Computing soon would be there.
IT Managers and sponsors all smug in their heads
With visions of hosting and integrations to spread;
Unaware of disruption new technology would bear,
COTS apps and homegrown so well might not fare.
When out in the NOC there arose such a clatter,
I sprang from my pager to see what was the matter.
Away to the data center I flew like a flash,
For downtime I feared would cost us some cash.
When, what to my wondering eyes should appear,
But a cloud full of SaaS apps bringing holiday cheer.
Now Salesforce! Now Workday! Google Apps, Xactly!
On Taleo and WebEx, Concur, ADP!
Enterprises—all sizes, so soon now can turn,
To the business that drives them, less money to burn:
Economies of scale, core competencies,
Scalability, compliance, and reliability.
Yes, a New Year upon us, a tough economy,
New challenges and solutions, creative we’ll be.
In our decisions with limited Cap Ex to spend,
Less staff but the same users to please in the end.
So when St. Nick drops Cloud Computing down your chimney,
Embrace it and face it, good things you shall see.
And when you are deploying, bring Identity—
Your users will need it for who would they be?
Happy Holidays from Symplified,
The On Demand Identity Company
Written by: Coby Royer Technical Product Manager | Symplified
Error sending email
Email sent successfully
|
|
|
|
 |
|