Orchestrating a Hybrid Cloud: Using SaaS Solutions with On Premise Applications
By Bill Vancuren, SVP & CIO, NCR Corporation
When moving to a SaaS solution, assign an IT security architect early in the product selection phase. Doing this ensures that the data gets classified properly, the supplier’s security practices are understood, and the SaaS solution’s data security limitations are verified. Protecting the enterprise starts with classifying the data in the systems. Doing this helps establish the appropriate security controls. In many cases, the enterprise may need to define how it will manage its intellectual property in a shared environment. Part of the security due diligence needs to uncover how the SaaS solution separates the company’s data from other companies’ data, especially if the solution is multi-tenant (e.g., many customers use the same instance of an application). Understanding the security practices of the SaaS providers is extremely important. The industry has seen improved security practices of SaaS suppliers in the last couple years, but this area is still evolving.Many SaaS providers are not SAML compliant which prevents the company from enabling single sign-on across the enterprise or managing security in a central place. One of the data security limitations of a SaaS solution is data at rest encryption. Selecting SaaS providers that encourage multiple levels of encryption across their solution will dramatically limit or prevent loss. Integration When planning integration, the first step should understand how the systems communicate and what can be done to make the company agiler. The company needs to look at which integration technologies are used by its current systems, how often they pass data, and how well the business processes are being supported. The current systems integration approach will impact the ability to leverage data across SaaS and on-premise systems. Legacy approaches to systems integration will make it very difficult to create a flexible set of connected systems. Direct database links and static point-to-point connections are brittle, slow, and can cause system outages when the SaaS solution is upgraded by the supplier. Likewise, the enterprise needs to understand how often its systems need to communicate. Depending on how often they communicate and how much data is being sent each time, the company may need to plan for additional investments. The business processes will drive the type of integration and how often the systems need to communicate. That’s why it is critical to understand the company’s business processes, especially those that leverage multiple systems. Data Management It is important to adhere to industry norms, monitor the data, and communicate the data governance decisions and actions. A few of the data management issues are establishing a common data model, creating a “data hub” for the master record, and governing the company’s data. A common data model is key to allowing multiple systems to communicate effectively while reducing errors. Pick a standard data model and make each system leverage it to communicate. This will allow the company to add or replace systems in the enterprise much more quickly and reduce the cost of integrating its systems. Companies should create a “data hub,” outside any specific SaaS solution to centrally manage the master record for their critical data subjects (i.e., customer, product, organization, contract, etc.). This provides a single “source of truth” for their critical data that must be shared across multiple SaaS systems and hybrid cloud architectures. By doing this, the company can avoid having incorrect or outdated information across the enterprise. Companies also need to have a strong business supported governance team monitoring each data hub to ensure the data aligns with the business needs. This team should include a business data owner and data steward, typically outside IT, who are responsible for identifying the master systems and resolving data conflicts. Organizational Transformation Each business organization should have a single point of contact to avoid confusion when moving between on-premise and SaaS solutions. The company should also look at its internal processes to make sure they are optimized for a hybrid cloud environment. Finally, make sure the IT infrastructure and security systems are able to support a hybrid cloud. The business depends on it. By focusing on the four key success factors mentioned above the journey to cloud will be more manageable.
When Moving to a Saas Solution, Assign an IT Security Architect Early in the Product Selection Phase