Be a CSP that cares about Security

With so many IT providers becoming CSPs it is obvious that more than ever the value proposition is key and extremely important.

A Value proposition has to go beyond a line of products and concentrate on your business philosophy, your culture and offer clear arguments for differentiation. You can do this as well by adding great services to the portfolio defining you as a CSP with great difference from your competitors.

One of the suggestions I can provide is the addition of Security services on the CSP portfolio.

What you are selling is not a product any more… but “trust”. Your clients need to trust you will drive them to the Cloud securely.

CSPs come from multiple backgrounds, from development to integration services and everything in between, however not many are specialized on offering Cloud Security options to the clients. And what a complementary offering security is!, as it is not an option any more but a requirement in more and more industries and job functions.

One great example is the addition of Secure Messaging, email encryption and tracking to your clients technology and productivity tools. Cirius Messaging is, in my view, the best solution you can  add to email that keeps being the most used communication form these days. It is a Cloud based solution so it moves a CSP rapidly to add security offering that aligns with any email platform provided to the client.

What you gain providing Security to your clients is not only the perception of trust you are looking for, also provides an answer to the threats all businesses are concern about with regards to their sensitive data in communications. Even more, clients have more confidence in the Cloud as you help them to adopt a user friendly and simple security enhancements.

Think about you as a CSP having the ability to extend your markets to regulated industries. This could result on new clients from new opportunities, and obviously a new revenue stream that could allow you to grow beyond the usual productivity tools sales.

Be different, be smart, care about Security and win the trust of your clients.. it is my strong recommendation.

The Benefits of Voluntary SAM & Licensing Reporting

First of all, it has been an interesting journey during my SAM career to get to write this post…because I have spent so much time helping companies and organizations “clean up the house” and get compliant, manage their applications and protecting them in the way of being always ready for software audits. But like the best things in life the journey does not have an end and is the ride that makes it great.

In the SAM World the ultimate efficiency is to manage applications from the deployment of images to usage control with compliance in between. It is precisely on this SAM ultimate efficiency that allow us to be more proactive in order to not only be ready for software audits but also to advance the reporting to a vendor before reaches to audit… I know, I know, sounds sacrilegious.

Let us put together this scenario: one organization uses a SAM governance management for all applications, policies and procedures are well-defined, smooth and there is compliance control. To “cleaning up the house” is easy and give it a year to achieve the optimal position. It is now a matter of maintaining, adapting and advising. It is then that risks are fully controlled towards software audits. And the services are rendered by a certified and recognized independent SAM consulting firm, not by a reseller. Imagine then that the organization reports voluntarily their compliance that includes deployment information.

Benefits:

  • Vendor does not have to list the organization on the black list
  • The organization tracks reports delivered to provide “good faith” to auditors and avoid their time-consuming engagements
  • The organization is motivated and keeps SAM governance live, active and constant maintaining compliance to optimal levels
  • Vendors provide funding for voluntary reporting, services by the SAM consultant may be partially covered if not paid in full.
  • SAM consultants can focus on the upcoming projects, working with IT architects and other to prepare for changes and ensure healthy delivery and compliance as per the established road map.

What we need is an alignment between the vendors, the SAM consultants and the customers. It has to be driven by the Vendors primarily, creating clear programs of audit protection by voluntarily reporting, enabling independent SAM consultants to provide a level of trust and optimal reporting acceptance. And this is out of the scope of the True Ups and Renewal typical reporting,,, Cloud subscriptions actually fit well on this model as usage can be controlled by the access to the applications from the vendor, but more than ever, the reality of Hybrid Cloud could benefit this approach tremendously, increasing the trust between all parties involved.

Just a thought…

Software Assurance with Office 365

Software Assurance and Office 365