Using a software-as-a-service (SaaS) open source code scanning and policy management tools is not that different than maintaining sensitive corporate customer data in a SaaS CRM solution. Yet, the latter sees mass adoption while the former still raises security questions and concerns relevant to both.
SaaS solutions that are user-friendly, secure, portable, and highly manageable may have gotten their start with storing customer data and sales information, but the sky (literally) is the limit for cloud computing. The ultimate question I am answering in todays article is a common concern that my customers have expressed during sales calls:
“Is the cloud a safe environment for an open source policy management and scanning platform?” Yes… believe it or not it is just as safe and possibly even more secure than a traditional “installed” software solution.
In 2012 just about everybody in the IT industry knows about the value of leveraging cloud solutions and rightfully so; the numerous SaaS platforms that are being developed daily is fascinating. The value of the SaaS solutions removes all IT expense for the physical infrastructure of servers and eliminates the overhead of potentially hiring or allocating system administration employees for maintenance. This awareness is partially due to the amazing success story that is SalesForce.com. One could even make the argument that SalesForce.com single-handedly has forged the path for the future of all SaaS solutions.
SalesForce.com was founded in 1999; almost immediately its SaaS platform began to see significant customer growth and today they advertise over 100,000 different companies as customers. Take a moment to consider the size, in terms of head count, of the sales and marketing teams for all those customers. Imagine the exponential data the employees of 100,000+ companies record into a cloud every day. Take a few more moments to consider what this data represents.
It might include notes from cold calls, account managers notes from client meetings, sales strategies, proposals, contracts, purchase orders, marketing collateral, or marketing and sales automation strategies. There is probably also some very confidential and closely guarded information about a company growing their customer base and increasing the bottom line.
Depending on your target customer base and how much importance your organization gives to customer confidentiality that last sentence probably raised an eyebrow or two when decision makers were first considering a SaaS CRM like SalesForce.com.
In our comparison, the purpose now is managing access to open source software downloads, implementing and tracking an actionable open source software policy, and achieving a very diligent level of compliance for open source software licenses. Managing data about open source, some of which is also sensitive and confidential in nature and can be voluminous, is really similar to successfully on-boarding an infinite amount of new customers and their attendant data. Selecting a platform for the scalability of the cloud can be a pretty attractive solution to both of these challenges. Additionally, a secured private cloud solution eliminates the concerns that may exist around the long-term sustainability, and scalability of data, as well as the functionality of an installed application and associated platform.
So I now ask any SaaS platform users, how is storing the following:
Any different from a SaaS solution that stores data related to:
If major corporations are comfortable storing and managing confidential customer information in a CRM SaaS solution, than why should storing and managing information about open source software use and compliance be any less comfortable?
Allowed tags: <a> link, <b> bold, <i> italics
If you read a post on The Enterprise OSS Blog, please leave a comment. Let us know what you think, even if it's just a few words. Comments do not require approval, but they are moderated.OpenLogic reserves the right to remove any comments it deems inappropriate.