In line with measures taken across Europe to restrict the spread of Coronavirus, REVO has implemented a work from home policy. We are committed to our customers and wish to reassure you that REVO will continue to deliver the service and support that you need.
Our staff will still be on hand to speak to you via telephone on the usual numbers, which will be redirected as necessary. We will also be able to support you via email and online.
We send our best wishes to all our customers and hope that they and their families remain safe and well during this period.
Why is User Identity Management important for ITSM
User Identity Management is not necessarily the most pressing priority for businesses when it comes to their IT Service Management. But there are three very good reasons for moving it up the list.
User Identity Management is:
Good for the user
Good for the IT team or department
Good for the company
The User
Most employees need access to numerous apps just to do their everyday work. Once they have logged on to their computer/laptop/tablet or even smart phone, they will often need to spend time logging into these individual apps when they are needed. This will require different passwords and perhaps usernames for each.
Maybe your employee’s role changes, they get a promotion or start working in a new team with new requirements. They will need to ask and wait for new apps to be downloaded into their system and new access rights to be approved. All this takes time out of the employee’s day.
Installing a good user identity management tool, such as OneLogin, is a small step that can make a big difference. Each employee will have a single login point for all their apps. This means they have access to all the apps they need as soon as they log on to their desktop. If their role changes, the new apps can be added instantly at a touch of a button, including access rights, and will appear when the employee logs on next.
The IT Team
Security is a big hurdle for IT. Helping employees to stay connected to what they need, without have to spend time installing and changing access and passwords for multiple apps on a range of devices is time-consuming. Passwords being shared to enable faster access to apps is a real security concern. And if employees bring in their own laptops, how can the IT team ensure that the apps they are given access to are secure outside of the office? If an employee leaves the company suddenly, IT needs to remove access immediately.
Again, this is where User Identity Management can help. It can streamline the installation for new starters and add and remove apps from individual users at the touch of a button, whichever device the user works on. IT will not have to waste time providing new logins for new apps or recreating new passwords to replace those forgotten or shared.
The Company
For all these reasons, User Identity Management is good for the business as a whole. It makes the company more secure, more efficient and more effective.
Please let us know if you would like to learn more.
Can your ITSM tool properly serve individuals and learn from each interaction?
Let’s take a minute to look at OneLogin and how it can unlock greater ITSM performance.
Personalised service is becoming the norm, whether you are an employee of a mid-to-large organisation or a customer seeking help with a product or service. At its best, most people won’t notice that their enquiry is being handled in a step-by-step process. They will simply feel well taken care of and, hopefully, receive the information or resolution they require.
The limitations of knowledge in ITSM
ITSM tools are only as good as the processes configured to take care of such customer enquiries. Typically, tools are limited to the knowledge of the person or people setting up the processes within the system. Service can quickly come apart when customer demand shifts or a new issue arises.
ITSM tools have long utilised knowledge bases to automate and adapt service. The team operating them typically uses knowledge data to help with new and existing customer issues. But the right knowledge can be hard to access and difficult to automate, preventing fast and efficient service from call handlers.
Delivering personalised, targeted knowledge with OneLogin
This is where an identity management solution – combining your service management tool with OneLogin, revolutionises the collection and delivery of accurate knowledge and improved service. But this is not just the management of user logins, it is the ability to match and assign Active Directory users to services and to then enable the creation of a more agile service structure where knowledge can be properly stored and accessed. Services are more personalised, knowledge is more targeted and the system is able to grow and adapt. This means the need to rethink tool processes and engage in time-consuming and expensive maintenance is removed. In addition, this has the benefit of increasing user adoption. Agents find the system easier to use and customers receive a better, more automated experience.
How can Revo help deliver this?
Revo helps organisations to deliver a more joined-up, collaborative and personalised service management capability. 4me – takes care of the service management; OneLogin – deals with user identity management; and Revo connects and integrates other applications for improved service performance. We call this joined-up approach Business Service Management, and we would love to demonstrate its capabilities. Please let us know if you would like to learn more.
4me launches Auto Translation to remove language barriers that impede collaboration
4me has just announced that its Auto Translation feature has been released. This feature is intended to remove language barriers that may hinder collaboration. Not having to hire support specialists who speak multiple languages can significantly drive down the support costs for service providers. It also eliminates a problem for organizations that operate in countries such as Canada and Belgium where they are legally required to give their employees the ability to work in the official languages of those countries.
4me’s Auto Translation feature can significantly improve efficiency by allowing enterprise employees and the experts who support them to work in their preferred language. This feature works in 4me for all requests, problems, releases, changes, change tasks, projects and project tasks. When someone opens one of these records, the Auto Translation feature starts by detecting the language in which each note is written. Any notes that are written in a language other than the user’s language are then translated for the user.
Cor Winkler Prins, CEO at 4me explains:
“Users already had their language registered in 4me. This ensured that 4me’s user interface is presented in the user’s preferred language. Now 4me automatically translates any note that is written in a language other than the user’s preferred language. We have also made sure that multilingual users can turn off Auto Translation for any additional languages they are comfortable with. When releasing an exciting feature such as this, we endeavor to make it as easy as possible to use. That is why Auto Translation also works in the 4me App and 4me Self Service. That allows end users and support specialists to all work in their preferred language.”
4me’s Auto Translation feature already supports 20 of the world’s most spoken languages. It is free of charge and already available for all 4me customers.
While attending SITS19, Martijn and Simon took time out to discuss the Service Management industry and how 4me and Revo are helping customers to transform their businesses and the services that they offer to their customers.
Martijn Adams on the market today:
“These days, you see that the services that companies provide to their employees are no longer just delivered by the company itself, they have many different service providers. Research shows that the average company has 13.5 service providers helping them to deliver services. The problem that we see is that you need to be able to collaborate, to monitor their performance and to track their SLAs. “
Simon Martin on how technology can help:
“On our journey we have been looking at different products and we selected 4me due to an alignment with both the market need and our own vision – to make delivering service better for our customers.
“You need to be sure that your vendors are giving you the support that you are paying for at the same time that your customers are getting the support they are paying for. 4me allows you to take that chain from end to end, measuring it and producing real-time reporting to help you to manage and know the support that you are being given and that you are giving.”
A brief look at OneLogin and what user identity management means for users
Managing your day-to-day apps
When rolling out any new technology across a business, it is vital to think about how the user of your chosen technology will interact with it and what it will mean for their daily working lives. We thought it would be helpful to write a series of articles on how the user interacts with some of the technology that we sell and support.
OneLogin is, in essence, a powerful tool for single sign-in user authentication, app management and account security. So, other than the clear benefits that this offers to the IT team, what can users expect when they are working for an organisation that deploys OneLogin?
The key thing that users will notice is that they will log in just once – to the OneLogin portal instance of the company that they work for. Once logged in, they will then be able to see a dashboard of icons for all the apps that they are allowed to access for their day-to-day work. The beauty here is that they then only need to click on the app icon to gain immediate access – no more entering different usernames and passwords. Needless to say, this is a great boost for the user as they can get on with their day rather than having to worry about passwords and login info for every app. What is more, you can receive access to a new app from the moment that IT adds it to your OneLogin dashboard.
Simpler and more secure
OneLogin is particularly useful when you require access to many different applications from different suppliers or if your supplier requires you to log in to different tools individually. Security is also improved, given that there is only one account to maintain or reset if needs be. From a user perspective, you still only have to worry about one username and password, which is a great thing for the user and a great thing for IT as well!
Refocusing Service Management for the whole business
Delivering service management is no longer just the responsibility of IT
As the needs of the business, its staff, customers, partners and suppliers grows, so too do the demands on service provision. In a stripped back and simplified way, IT has been able to deliver quality service management to company staff and even customers. The problem is that as the number of groups requiring service has grown, the complexity of the requirements themselves has increased. Repackaging the service desk as a one-size-fits-all strategy will not lead to satisfied customers and will undoubtedly lead to a perception of inefficiency.
The pitfalls of delivering service to more and more people
Service management has been presented in many guises to cater for the increasing demands – Help Desk, Service Desk, ITSM and Customer Service Management to name but a few. The problem has always been that vendors have repurposed an existing approach to IT service and rolled this out to other business functions or departments. For example, if HR wanted to offer services to staff, IT would deploy a version of its existing tool with logging, self-service and so on. This would usually involve a separate instance of the tool, which may not be integrated well with the IT instance. The results are obvious – increased complexity for the management of the tools and increased costs to the business.
It is important to highlight that none of this is IT’s fault. Vendors have not made it easy for the IT team to solve complex service issues and instead have been repurposing existing approaches and technologies. What business needs is a more connected and integrated approach.
Removing the barriers to collaboration
Having a service management tool that enables internal, external and supplier collaboration is great, but different departments and individual staff will be using other tools to communicate, collaborate and share data on a daily basis. Using apps to improve collaboration and the overall service experience helps but there are often issues with security and access. Attempts to integrate these apps can be tricky and costly. This can often lead IT to limit the apps that staff can use, making the department unpopular and stifling collaboration and productivity.
Business Service Management is one approach to solving these issues. BSM is not a single product, it is a unification of the best technologies to support the whole business through service management, integrated apps and user security. For example, Revo combines its service management tool, 4me, with Cloudpipes to help to manage all the app integrations that your organization will need. These are accessed via OneLogin, to provide a high level of security. All the apps and integrations are managed and controlled centrally and accessed by users through a single login.
When delivered correctly, BSM enables internal, external and supplier collaboration rather than stifling it.
Go beyond Service Management and ITSM by offering open service delivery with BSM.
Service technology solutions can be deployed in several different ways. But which is right for you and which offers the security you require?
At a high level, there are usually three different options for service technology delivery, either locally hosted, or private or public cloud or a mix thereof. Here we explore the basic principles of each option and look at the security considerations.
On-premises
Generally speaking, on-premises solutions are physically located at an organisation’s office site or in a hosting location of their choice. The application in use and all the data associated with it is stored on a server or a private cloud in this location. This enables the organisation choosing to deploy in this way to fully control their own security and access to the data and application. This also means, however, that the company is responsible for maintaining the hardware the application is being delivered from and maintaining security and access to that server location.
Cloud SaaS
Cloud or SaaS (Software as a Service) solutions are hosted and delivered via an off-site cloud system, typically accessed via a desktop or mobile browser. All data and configuration is held in the cloud and does not reside on the client site. Updates to the application, along with all security and availability, are usually the responsibility of the vendor who is delivering the service with no upkeep of physical servers to be considered. Cloud solutions are usually also subscription-based and involve a monthly or annual fee for use. Vendors provide cloud services via backbone providers such as Amazon Web Services or Rackspace, and often offer 99 percent plus uptime guarantees and the ability to load balance in region for optimal speed and performance delivery.
Hybrid cloud
A hybrid cloud solution is one where an organisation uses a mix of on-premises private cloud and public cloud services. It can offer flexibility as it allows workloads to shift between the two when capacity and costs change. Sensitive workloads and data can be hosted in the private cloud, with less critical workloads hosted in a public cloud. If a company has regulatory requirements for data handling and storage, then this can be provided in the private cloud. Or perhaps an organisation could host its e-commerce site within a private cloud and their corporate site within the public cloud. Public cloud services such as Microsoft Azure or Amazon Web Services provide scalability, giving an organisation the ability to pay only for the resources it consumes. The important thing is to have the technology in place to allow the two clouds to connect and interact.
Which deployment option is most secure?
There really is no simple response to this question, as it greatly depends on the security of the application you are using and how access to the app is maintained and secured ̶ no matter which option you choose. It could be argued that on-premises solutions are the least secure, as they are entirely reliant on the security of your own infrastructure and your IT team’s ability to keep everything patched and up to date. Maintaining the application, and the operating system of the server it resides on, becomes the sole responsibility of your organisation. You also need to consider your network security and how users will access the server application.
While cloud SaaS offers a cost-effective solution to many of the on-premises software issues, it is vital to remember that not all cloud SaaS is equal. Check how the vendor application is delivered and that it supports a high level of security such as TLS encryption. It is also important to learn about how the cloud service will be delivered and by which service provider. This will affect both the security and the speed of your chosen service.
Hybrid cloud can be seen as the best of both worlds, offering both robust security and scalability. It is, however, a more complex and therefore expensive alternative to cloud SaaS. It is also, due in most part to the ability to provide cloud bursting, a solution that will appeal to a smaller group of organisations that could truly benefit from such technology.
Which deployment method is the best for you?
As has been demonstrated in this brief overview, which delivery method is best for you will depend on your use case scenario, the sensitivity of your data and the size of the budget you have at your disposal. With increasing threat levels to data security, it is vital that you fully explore what is involved in each of the delivery options offered by vendors. Look at the way in which they deliver cloud and also how secure it is, as not all services are created equal. Also remember to factor in hardware and staff costs if you are considering on-premises options. Having all the facts at your disposal will ensure that the decision you make is the right one for you and your business.
If you would like to learn more about ITSM and IT security, please download our eBook today.
If you are wrestling with the idea of moving your customer and application data to the cloud, there are several fundamental things to consider.
Who owns the data?
The premise of switching to an ITSM SaaS solution is that you take your customer data and store it in a non-physical location that you don’t own. This does not mean that you relinquish control and ownership of that data, though. Vendors have no desire to take ownership of your data and will most likely distance themselves from this in their service level agreements (SLAs) and contract agreements with customers. Most providers will also restrict their own company’s access to your data, unless you activate the ability for a support administrator to make changes on your behalf. This can be turned on and off at your discretion. It must be remembered that the vendors have a vested interest in protecting your data, its integrity and ownership at all costs. Trust and ownership are, after all, key to growing their own customer base.
Data encryption
Another area of concern for any cloud application and its security is the way in which data travels between the user browser and the application itself. Most users will be aware of SSL (Secure Sockets Layer) and the encryption it offers to online shoppers in particular, but for secure transfer of application data this has been replaced by TLS (Transport Layer Security). TLS has a greater encryption level (256-bit), which is the same level of security employed by banks. The TLS process secures the communication and transfer of data between browser and app, creating a symmetric encryption which is unique to each and every connection. Advanced ITSM cloud solutions that employ this encryption method will also use the protocol to secure email transactions between the application, end-users, managers and support specialists.
Vendors and their role in maintaining application security
Cloud ITSM vendors will employ many security and access protocols to maintain the service that they supply to you. Access and usage of the system is frequently monitored and threats or attempts to gain access or to action unauthorised operations are dealt with immediately. Because of the threat to data integrity, and of course the vendor’s bottom line, it is common for the vendor to continually test its own code and cloud environment security, so that it can patch any vulnerabilities before they occur. This is also true when considering application updates and releases – where it is not only the security that needs to be tested, but also the impact that it will have on user data access and process.
The modern security threats we now face will force organisations to scrutinise their IT network, infrastructure and software assets. ITSM already offers much of the data and analytics that will help with such scrutiny, but the way in which this application and others across the business are delivered can also increase security and reduce the burden on IT. The cost savings in assets and their maintenance creates a compelling argument for a move to the cloud. But reducing costs and increasing security is only the beginning. Organisations still need to look at how they can improve network and asset security to face down the hacking threat. Savings in ITSM deployment are a serious route to consider as it this will free up vital IT budget for other security solutions that are more far-reaching and targeted than ITSM alone.
If you would like to learn more about ITSM and IT security, please download our eBook today.
Recent events such as WannaCry and other hacking threats have caused budget holders to refocus on network and end-point IT security – but they may be missing the point.
There is little doubt that headline-grabbing events such as the WannaCry NHS attacks in the UK and beyond cause businesses, both public and private, to re-evaluate their IT security policies and the tools that they use to keep company information and networks secure.
In the days following the attack, it was clear that the ever-increasing number of network and end-point security-led vendors were extolling the virtues of their application suites in protecting against and, in many cases dealing with, an existing threat. The picture was gloomy to say the least and you can see why organisations then flocked to Infosecurity Europe to engage with such vendors and spend more budget in these areas.
To face these modern threats, however, it is necessary to do more than just buy in increased IT security. Of course, this has a significant position in the IT arsenal, but there are many other areas where businesses can hugely increase their own data and application security, and this is where ITSM can play a significant role.
Service delivery has grown in terms of its reach and now typically manages both internal and external customers. This includes an ever-increasing amount of self-service automation, where customers can interact with the organisation in a more virtual way and have their issues or service requests resolved automatically. AI and chatbot functionality is adding to this automation and will soon be a common way to interact with first-line support.
But how does all this affect the IT security debate?
ITSM has traditionally been deployed as on-premises SaaS or a hybrid solution. Indeed, the many organisations that have been sensitive about their customer and employee data have driven the hybrid market, keeping their data in-house and maintaining their own IT infrastructure in the form of servers to hold the data. Such a set-up has one clear disadvantage though in this new era of security investment. Owning and maintaining your own server infrastructure is expensive and increasingly time-consuming. Servers need to be patched, updated, secure and guarded against the modern threats. In essence, they have become an expensive liability that the IT team is desperate to protect as a part of its responsibility.
Modern threats require modern thinking
The benefits of SaaS are easy to evangelise, but the concerns for many organisations about pushing their data to the cloud run deep. The fact is, though, that the modern security threats faced by many of these organisations can be resolved in a large part by switching their application usage to the SaaS model. Of course, not all SaaS is created equal, but there is no doubt that it removes the burden from IT in updating the applications in use and maintaining a costly infrastructure from threats. Instead, the management of such threats resides with the vendor supplying the ITSM application and, of course, the solution backbone that delivers the SaaS itself, be it AWS, Azure or similar.
Furthermore, the delivery of ITSM SaaS gives IT departments a whole raft of other benefits in security terms. Many ITSM vendors offer the ability to manage licenses, deploy patches and updates and can remotely control a user’s system in doing so. But what happens when an employee’s device becomes infected, gets stolen or hacked? One of the key benefits of switching to SaaS is that you can immediately block an account and then access and control and reinstall the account on another device. This can significantly improve the control that IT has over user access, but it also hugely reduces the complexity and time taken to rebuild a user laptop for example – something that is a common outcome of hacked or compromised devices. From an IT security point of view, I would go as far as to say that a modern disaster recovery set-up should always consider a SaaS approach as the best option, managing licenses centrally – deactivating and reallocating licenses as needed and backing up profiles and data in the cloud rather than on a local machine that could be damaged or stolen.
Embracing mobile IT increases the ability to react to threats
SaaS ITSM also gives users the ability to access their service applications securely via mobile devices such as smart phones and tablets. This not only gives greater working flexibility, but also enables users of the system to react more quickly to potential threats or incidents from any location rather than relying on an often-complex connection to an on-premises system. The key thing to remember here is that your IT practitioners need to be able to utilise modern technology and modern devices to react and cope with modern threats. ITSM can help you to not only mange these threats better, but it can also give you a greater understanding of the issues and incidents that are creating possible threats that can be resolved to increase data security. Removing more complex infrastructure and allowing your data to reside in the cloud will unburden your organisation and give you more budget to invest in other toolsets that will truly protect you from future threats.
It is therefore more important than ever to look at the ITSM solution you are using and to re-evaluate the way in which it is administered and deployed. There are myriad ITSM solutions that are rethinking the way in which service management is delivered, many of which will likely save you money rather than incur a frightening replacement cost. And this is the real beauty of switching to SaaS – it gives you an increased level of IT security and may not be as costly as you think!
If you would like to learn more about ITSM and IT security, please download our eBook today.
Skip to content
