I am a typical enterprise knowledge worker. I extensively use Microsoft Office. I switched from a Windows PC to a MacBook a few years ago. But during these past couple of years, either I, my department or my enterprise has adopted a TON of SaaS apps that now fit into my daily workflow.
As I stop and evaluate the consequences of this phenomenon, I am stunned at how screwed up and brittle my daily workflow has become.
But before I go into what some of these issues are, let me paint a picture of my typical SaaS app usage:
- For file sharing and syncing, I use both Box and Dropbox
- For CRM and customer support, I use Salesforce, but I also use Dunn and Bradstreet, RainKing, Data.com and others
- For email, we recently moved to Office 365
- For collaboration and online meetings, I use Lync, Webex, GoToMeeting, On24, Zoom
- For note taking, I use Evernote
- For professional networking and recruiting, I use LinkedIn
- For expense management and travel, I use Concur and Tripit, but I also log into dozens of travel, hotel, airline and frequent flier sites
- For payroll, I log into ADP
- For HR and benefits, I log into MyBenefits, Anthem/Bluecross, and every year we seem to change health insurance providers
- For accounting and finance, I use Intuit but will likely move to something like NetSuite
- For social media, I log into my Twitter account but also the corporate ones. Same for Facebook.
- For spam filtering, we still use Postini, although we will be moving to a different service soon
- For marketing automation, I log into Marketo
- For engineering and product management, I regularly log PivotalTracker
- For personal goal and task management, I use Trello
- For IT support, I log into Zendesk
- For fantasy football, I use Yahoo! Sports (Disclaimer: I rarely use this from the office…)
I also have to manage and share access to many, many dozens of partner sites.
I love my apps, I use them every day. I use them when I wake up and use them in the car. I use them at work and when I am waiting for my lunch to be served. I use them at my in-laws, but let’s be real – any distraction is sufficient there…
Now granted, I am an ISV product manager and am rather promiscuous when it comes to adopting new applications. But a simple survey of any enterprise department is going to uncover an extensive list of 100s of web applications that require a separate username and password for each one.
Now most of us cannot possibly remember secure, complex and unique passwords for every app we use. So there are really only a few logical behaviors:
- Use the same username and password in as many places as possible. We are all guilty of this. I won’t even ask for a show of hands … 😉
- We try to make at least some (like our financial accounts) more secure by using unique or more complex passwords. But this doesn’t scale, so we start to store them in a spreadsheet or in the browser or even on Post-it Notes.
- Use a personal password wallet where all of your passwords are stored in a single file or cloud service.
No matter which way you go, passwords do not scale, are not secure and must not be trusted — if at all possible.
Enterprises have tried to get rid of the use of passwords on premise through the use of single sign-on technologies like Kerberos or in the cloud like Federation (SAML, WS-Trust, OpenID, etc.). But many projects have either failed or missed expectations. Nor have they delivered. In my extensive conversations with these enterprises, the primary reason is that they are not experts in authentication and federation, don’t want to manage a complex federation infrastructure (like Ping or ADFS) and want support for all of their applications — even those that don’t yet support federation.
If only there were a simple, turnkey solution provided as a service that supported all of my apps and delivered secure SSO, password walleting and was securely delivered across all of my devices (laptops, smartphones, tablets).
Of course there is! Check out Centrify, the only combined solution for Mobile Management and Federation SSO as a Service.