BetterCloud Founder and CEO David Politis presented a breakout session during Oktane20 Live, Okta’s virtual identity conference. The session, “SaaSOps: A Practice to Discover, Manage & Secure Your SaaS Apps,” which was presented on April 2, focused on the evolution of SaaSOps and the main pillars of the practice, and included a customer panel. If you missed it, here’s a recap.
SaaS has changed the way we work
Even before this “new normal” of working from home during quarantine, SaaS has changed how we work.
SaaS has driven a best-of-breed world. There are now purpose-built apps for every industry, line of business, and department. All of this comprises the digital workplace, and it’s key to the success of businesses where the physical doesn’t matter.
SaaS has reduced friction and led to more real-time collaboration. There’s no longer a need to email around docs labeled “Version 3” or “Final_FINAL.” Much of the friction in the past is gone today.
IT is at the center
Challenges arise as more apps are in use. There’s so much manual work that must be done, and IT teams are not scaling in correlation. Employees now have control over app settings and entitlements, and they’re often doing risky things, such as sharing files with the whole world, even without malicious intent.
In most orgs, IT is still viewed as a cost center, rather than a unit that can empower the business. We believe this is changing, and the current WFH situation is only going to accelerate that change.
There’s no blueprint or certification for running a SaaS-forward digital workplace. The people who have been able to do it, including our customer panelists today, have been trailblazers over the last five to 10 years.
All of this is SaaSOps
AWS was launched in 2006, and the term “DevOps” was first used in 2009. What DevOps has become from a back-end technology perspective is what SaaSOps is from a front-end perspective. It’s a newer movement. We only really hit the inflection point of SaaS adoption in 2016-2017, and now this movement is really picking up steam.
Understanding SaaS adoption is important to understanding why SaaSOps is necessary.
SaaS adoption tends to start slowly and then grow exponentially as more departments discover apps. The amount of data, users, and apps all go through the roof.
In theory, the more SaaS you adopt, the better. It unlocks more productivity and collaboration.
But in reality, problems often emerge. You have to think about every user, and the data they have access to, within this sprawl of apps.
SaaSOps is the answer to move from unfortunate reality to idyllic promise
SaaSOps consists of the following four main practice areas, the first of which is foundational. IT orgs are completely different in legacy vs. SaaS environments. The roles, responsibilities, and skill sets change, which is what SaaS Transformation is about.
Next, in SaaS Discovery, you must have a view of the entire environment, including which apps are being used, whether they’re sanctioned, and how much you’re spending.
Then you must manage a subset of those apps, including controlling access and authentication, as well as automating user lifecycle management (like onboarding and offboarding). This is SaaS Management.
Then there’s SaaS Security. The CISO’s org monitors and protects from external threats, whereas IT, within the CIO’s org, has to manage and secure users and protect from insider threats. SaaS apps generally do not provide the granularity of permissioning you need, making least privilege particularly challenging.
Check out our SaaSOps mini-checklist here. You’ll learn about the core activities every IT professional should strive for to operate the modern digital workplace.
SaaSOps will evolve
Just like DevOps evolved, the practice of SaaSOps will evolve as well. BetterCloud has been the market leader in this space for over 8 years, and our product is the only all-in-one SaaSOps solution available. And since the launch of SaaSOps last year, the movement has taken off! Hundreds of IT professionals are changing their job titles and even opening up new SaaSOps roles.
Customer panel: IT’s take on SaaSOps
Later in the session, Politis was joined by panelists Travis Whiteaker, IT engineering manager, Squarespace; and Deji Fatunla, solutions architect, Sunrun, to chat about all things SaaSOps.
The biggest changes to the IT role
To kick off the panel discussion, Politis asked what changes they’ve seen to the role of IT over the last five to 10 years.
Fatunla: When I first started at Sunrun, it was all about G Suite. Then it later expanded and is continuing to expand. I take ownership of that and provide support to the business across different teams from HR to finance to security.
Whiteaker: The flow of SaaSOps has led to this ever-widening field of different tools that individual teams will use. Especially as people come and go within orgs, they get used to certain tools and workflows and expect to bring them along. The normal progression of people joining orgs comes with the addition of other cloud-based tools. The process of discovering what the best-of-breed tools are to get the job done is forever changing, and we’re trying to keep up with that.
How did you empower remote work during COVID-19?
Fatunla: Sunrun has always been a cloud-first company. We run Okta and most of our apps are run in AWS and GCP, so it wasn’t too difficult for us. We expanded on our VPN and had to convert processes for those in the call center. Our leaders saw this coming and were able to conduct dry runs and tests for remote work. Going all remote took us a couple of weeks.
Whiteaker: We do have a decent cloud presence, but also a traditional on-prem data center footprint. Our world-class networking team was able to step up to the challenge. We did have a decent remote work process set up, including VPN, although we’d never had a chance to test in production sending the entire workforce home at the same time. The high volume of users has been a bit of a stress test for those systems, but we’ve been able to navigate those challenges without too much of an issue.
Politis: We’d never really had everyone working from home. We had each office go home on subsequent days. I have some friends who work at larger, older companies and they’ve been frustrated because they’ve been unable to work and get access to the apps they need. This has been an interesting test for some orgs’ tech stack.
Any projects getting accelerated now?
Whiteaker: We don’t know the length we’ll be in this scenario, which has made us reconsider priorities, but it has given us an opportunity to experiment with new processes, such as onboarding and zero-touch provisioning.
Fatunla: Our process for onboarding to apps is seamless and fully automated. We’re fast-tracking our move to Chromebooks. For apps that won’t run on Chromebooks, we’re looking at virtualizing.
What area of the SaaSOps framework is the most challenging and critical?
Whiteaker: As I’ve moved up the managerial ranks, I have to be more cognizant of spend and spend insights. With shadow IT being a constant battle, insights help us make sure we’re maximizing our spend.
With identity and access management, it’s important to make sure users have the right level of access from day one. It’s very hard to rein in access after users have been given it.
Fatunla: User lifecycle automation is important—specifically making sure users are automatically provisioned from day one. The onboarding experience is very important for newcomers, and that’s key for us.
Looking for more SaaSOps info? Check out www.bettercloud.com/saasops for in-depth webinars, books, success stories from SaaSOps practitioners, and more.