The industry is changing. Security Executives directly (they ask) or indirectly (they intuitively know but have not asked) will need to construct a highly leveraged strategy for managing their technology infrastructure. It takes enormous time and expertise to stay current on emerging trends. There is an enormous cost of deploying, managing and maintaining technology systems. But it is difficult to find vendors who can understand the risk picture, the business processes used to assess, manage, and measure that all-hazards risk picture, as well as the technology that supports it all. The industry will eventually produce such a category of vendor. We call that category: Security Risk Management Services. (SRMS) In this article. published in Security Magazine, Phil Aronson touches on some of the dynamics around this challenge and jump starts the conversation around the implications.
Software-as-a-Service: Expose the Business Drivers through ESRM
If you did an inventory of your organization’s IT applications, chances are you would find a hosted software or storage solution in place. This might be your desktop office applications, sales, IT security, or even enterprise platform add-ons.
The principal drivers of SaaS applications for business also apply to security applications like hosted access control and video. These drivers can be tested and exposed through a ESRM methodology deployed by a Security Risk Management Services (SRMS) provider. Here are a few of the drivers we have found:
- Time-to-Value (T2V). If you are interested in cutting the time and cost it takes to deploy a solution, consider that you would be avoiding purchasing, installing and setting up your own server as well as configuring your purchased on-premise application.