Monday, September 2, 2013

BYOD vs Standardization - SaaS makes it easy

I started this BYOD series to show that the root of this conversation isn't about devices, specifically, but instead business goals. This post, the 3rd installment of the BYOD vs Standardization series, will touch on a few security misconceptions and strategies for becoming device agnostic. If you're not familiar with device standardization head back to the first post of this series, BYOD vs Standardization - Understanding Your Mobile Strategy Pt1. (Understanding the various device policy models can give insight into how to implement what this post will discuss, so check out part 2, BYOD to COPE: The Mobility Spectrum.

What is driving the mobile device discussion?

Without going into specifics of device policies and standardization, the reason for this discussion is productivity & mobility. Businesses want their employees to be productive and employees want to be mobile - use new technology that affords them new freedoms, like the ability to work where and when they can be most productive. A $2 cup of coffee is now a passport to internet connection, productivity, and better business - not to mention work-life balance.

Mobile Security Misconceptions

We've talked about business data security before. Stories about malware and hackers, like the Syrian Electronic Army hacking the NYTimes and Twitter websites, are everywhere and concentrate on the hackers. This sensationalism minimizes the root cause of the hack - HUMAN ERROR. The reason hackers in Syria were able to access these prominent websites was due to a lack of security protocols addressing human action in providing security credentials.

According to Financial Review, "The incursion was traced to India-based perpetrators who fooled staff at a US-based reseller of Melbourne IT ­services into handing over personal details and, as a result, the login and passwords which allowed someone to access and change key details for the websites."

Firewalls, anti-malware, double authentication, etc, would not have helped the NYTimes or Twitter avoid this intrusion, as the hackers had legitimate login credentials. One might want to move data to self-managed servers, implement extreme security measures that require access to particular network to gain access, etc. Is this really the answer?

Concentrating on network best practices and on policies that promote responsible actions by your employees are the better and so is allowing Software as a Service (SaaS) providers do what they do best.

SaaS vs Self-Managed

SaaS providers are specialists, not only in their software, but in storing the data they work with. The data passed through their systems are their "bread-and-butter" and securing it is in their best interest. So much so that many SaaS providers have their data stored in SSAE16 data centers (audited by 3rd parties), have implemented biometric safe-gaurds, 24/7 staffed security and foot patrols, environmental controls, advanced firewalls, backups & redundancies.

I know what you're thinking - "I can do that." True, but are you going to be as good at it while still being great at running your business?

Benefits of SaaS

Now that we've established it’s better to let a service provider be the expert of a solution, letting you be the expert of running your business, what are the benefits you can realize by going SaaS?
  • Low cost for multiple device support
    SaaS platforms are looking to gain a broad user base and therefore build their platforms to run on most, if not all, popular platforms, browsers, operating systems, etc.
  • No Cost Updates
    SaaS providers strive to stay relevant as new devices and platforms are released and will continue to update their platform so that your employees can access business data, with no update costs to your company.
  • Zero Tech Debt
    Your company doesn't have to worry about maintaining a server, upgrading it, being relegated to outdated software
  • True mobility
    The fact that (good) SaaS platforms are accessible by any device and any platform means that your employees have access anywhere, anytime - staying productive! Check out What's going on at Greenleaf Hospitality since they migrated over to Google Apps.

Downsides to SaaS

Let's keep this objective and be sure to touch on some downsides to SaaS:
  • Lack of update control
    While the exact roadmap of platform updates is out of your control, most SaaS providers have a community where their user base can influence or suggest new features and development. Let's face it, letting them deal with staffing a large developer team is saving you hundreds of thousands a year. Not to mention they'll roll out with updates faster.
  • Requires reliable web connection
    Putting your data in the "cloud", as it were, means that for your employees to be productive you'll need consistent reliable internet uptime and access. As most business is conducted online anyway, I'm pretty sure this one is covered. If your employees want to be mobile and work off-site, they probably already know how to find reliable connections.

Where to Start!?

Rolling out SaaS to every aspect of the company isn't realistic. Look to smaller sections or units of your business or department where data is database driven, requires network connections, and can be easily searched/filtered/queried. Look at some of these SaaS platforms to improve your operations:
  • Project/process management - Podio, Trello, Basecamp
  • Email - Gmail/Google Apps
  • Document Collaboration - Drive/Google Apps
  • Accounting - Freshbooks
  • Marketing/Sales - Mailchimp, Marketo, CRM software, Streak, etc.
Many of these solutions have free versions or trial periods to help you evaluate usefulness, efficiency and implementation strategies.

Capitalize on efficiencies of scale, by moving to a SaaS provider and give your employees the freedom of mobility and increase productivity.

Don't know where to start?! Feeling intimidated?!

Newmind Group will help identify key areas of improvement and manage the project from start-to-finish eliminating your headaches!

Daniel Proczko has been working with organizations and individuals to build & grow the entrepreneur community of Kalamazoo, MI. From organizing TEDx events, hack-a-thons, and documentary screenings to engaging with business leaders, Dan strives to inspire individuals with new ideas and better thinking.

Having always been interested in tech and understanding the value of innovation through IT, communicating the importance of strategic IT thinking is one of Dan's primary goals within Newmind Group.