Using the SaaSOps framework above is a great place to start when looking to map responsibilities to the business value and demonstrate cost savings IT brings to the table. While some, like spend reporting or spend optimization, are more obvious, others, like visibility and auditability are also key. For example, some regulatory compliance requirements may necessitate gaining visibility into data or having a predetermined incident response plan. By having all the pieces in place and achieving new compliance standards, you can enable your organization to go after and win new business in industries or verticals previously unattainable. Two other examples include developing a complete user lifecycle process to reclaim licenses from departed employees and avoid incurring costs, and establishing a least privilege access model to avoid assigning the costly admin licenses charged by some SaaS providers.
Securing remote work introduces its own set of challenges as employees use their own personal devices, accounts and/or networks, and collaboration via SaaS applications between employees and partners and customers increases. This can be further compounded by the fact that in the modern, more comprehensive IT role of today, the lines between IT and Security are blurred.
While the specific security implications will depend on your company and what the mix of remote versus in-office work will look like long term, the challenges from a technology capability perspective include more integrations across applications, more cross-functional collaboration, easier external collaboration, the ability to create no-code workflows, and greater visibility around reporting to provide a more seamless transfer of knowledge and data across applications. It is imperative technology decision-makers strike the right balance between supporting business initiatives while ensuring the flow of information remains secure.
How IT strategies will change overnight:— Aaron Levie (@levie) March 29, 2020
Some cloud -> 100% cloud
Trusted devices -> Any device
Protecting perimeter -> No perimeter
Monolithic tools -> Best-of-breed apps
UX secondary -> UX above all
Employees only -> Extended enterprise
For SaaS-powered workplaces, non-nefarious employees are often the gateway to data loss in the flow of information. Sharing a document with a personal account and inadvertently making it publicly accessible, or setting up corporate email to forward to a personal Gmail account are common examples of negligent but well-meaning end-users. Alerts and remediation paths against insider threats such as these, and file security policies that allow for the collaboration capabilities employees need to do their jobs remotely while still giving IT and Security the confidence data loss is not occurring is a critical balance to get right.
While trying to predict what comes next (especially in a year as unpredictable as 2020!) would be a shot in the dark, we are confident in one thing: that this is the Golden Age of IT. The rise of SaaS and SaaSOps has catapulted IT to the forefront of business decisions and innovation, and given technology leaders a seat at the table that has, for many companies, been a long time coming.