At the Gartner IT Operations Strategies & Solutions Summit I heard that “83% of CEOs rate agility as the highest requirement for business. But security has been an inhibitor to agility.” At the same time, according to Ovum Research, “93% of the orgs they surveyed were looking to increase or maintain existing spending on IT security and data protection in 2015.” But increasing security solutions alone won’t aid in the battle against agility roadblocks. So what are people really doing? We asked the RES Customer Advisory Board (CAB)…
There was great dialog around their journeys towards more accurate and efficient provisioning, better and faster onboarding and offboarding, and the effort to protect their organizations with layered security approaches. We asked the CAB for insights into how they are managing this delicate balance, and quite a number of the attendees had purchased RES with budget that was allocated to security.
Better Security with More Efficiency
I would certainly agree with Gartner where “The rush to innovate, combined with major hacks making headlines around the world, mean security and risk concerns are top of mind in every industry.”
And according to Kroll’s cyber security report, the healthcare industry accounted for the largest % of those malicious attacks. This was further validated by our guest CAB speaker and healthcare CISO who says this is top of mind for him and his colleagues. Three industries accounted for nearly two-thirds of all cyberattack events: healthcare (38%), educational institutions (13%) and financial institutions (9%) where healthcare was the highest since medical records are worth about $60 on black markets, compared with the barely $1 each for credit card fetches.
We had another customer share how previous inefficiencies caused potential security issues. This customer once had 17,000 active directory accounts….but only 7,000 employees. They were a market leader in their space and were very aggressively growing their business – doubling and almost tripling in the past few years – through acquisitions and a targeted customer strategy. Accounts may have been duplicated or never removed when employees left. Unfortunately, this was not the first time I’ve heard of a company that had (not by design) more active directory accounts than employees.
Often, with fast growth, the focus on activities such as offboarding is left by the wayside. I often hear from organizations that are looking for ways to better automate their offboarding and subsequently, better protect their corporate assets when employees depart.
Although it may seem these organizations are airing their dirty laundry, they are in actuality opening communication for better ways to improve this often manual process without sacrificing time from other higher business and IT priorities. Investing the valuable time needed to evaluate possible solutions, plus the potential 9-12 months or more to roll out a new system, not to mention the additional training, is not a practical option for them. They’re all looking for something simple to deploy, easy to use – something that “just works.” It’s such a common dilemma.
Reducing Risk and Easing Compliance
Accuracy and compliance is even more important in today’s world, especially for the highly regulated industries that need to deal with PCI DSS, HIPAA, SOX, GLBA, FISMA and many other local regulations. Many companies go through an annual audit, but I heard some CAB members mention that they go through it quarterly, and one customer in a heavily regulated industry gets audited every two months. Everybody wants to reduce their risk and exposure to heavy fines and the inconvenience of having auditors sitting in their offices examining the minutiae of how their businesses are conducted. Luckily with RES there is reprieve. One customer had their auditing prep and process reduced by 50% (from four-plus weeks to just two weeks)!
What Is Your Experience with RES?
It was great to hear feedback from RES CAB members around improved agility and security. Some of the feedback we received on how we are able to help included:
- RES helps drive processes – IT is often viewed as costly to the business. It’s too slow, so no one uses them. Employees want to be supported with services that are easy to access.
- Better Engagement with key stakeholders – A leading retailer shares our philosophy that employee data should be owned by HR, and IT should be the custodian. IT should help with the workflow process and remove much of the manual intervention.
- Manual intervention equals error – A customer mentioned that the data entry involved in manual onboarding resulted in 20% to 30% inaccuracy and they needed 2 FTEs just for on and offboarding. Automation certainly has made things more accurate and efficient.
- One stop shop – A construction contractor agency recently deployed RES ONE Service Store and has more than 200 services and applications. They are now allowing customers to provide input on what else they would like to see via an Amazon-like wish-list feature.
- Fast Time to Value.
- A large energy company shared with us that they saved $1.2 million in the first year while adding additional cyber-security protection.
- A leading cloud computing customer switched from another user virtualization and workspace product that was never fully functional and was a nightmare to manage. Now they have automated their data migrations and VDI deployments with dynamically built servers. What once took 4-6 hour can now be completed in merely minutes.
The RES Winter Customer Advisory Board is Coming Soon
Thank you to the fantastic CAB members that joined us in Orlando. Your feedback and time are invaluable! Interested in nominating your company to be on the RES Customer Advisory Board or other customer programs? Please email firstname.lastname@example.org for more information. We look forward to hearing from you!