KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Join identity experts at KuppingerCole Analysts and SailPoint as they discuss the challenges of on-prem identity security solutions, the benefits of moving to software-as-a-service solutions, how to determine if that’s the right option, key questions to ask, how to quantify the financial impact, and how to choose the right solution.
Nitish Deshpande, Research Analyst at KuppingerCole Analysts, will look at the how legacy IGA systems can be modernized as part of digital transformation strategies. He will also share some tips and explain what needs to be taken into consideration when moving to the cloud to achieve future-proof identity security.
Chris Gossett Senior Vice President of Technology Services at SailPoint will explain the core benefits of upgrading to cloud-based identity security, the financial and business implications, and how to get started. He will also provide an overview of SailPoint’s approach to cloud-based identity security and SailPoint’s Identity Security Cloud Upgrade Program and Assessment for existing customers.
Join identity experts at KuppingerCole Analysts and SailPoint as they discuss the challenges of on-prem identity security solutions, the benefits of moving to software-as-a-service solutions, how to determine if that’s the right option, key questions to ask, how to quantify the financial impact, and how to choose the right solution.
Nitish Deshpande, Research Analyst at KuppingerCole Analysts, will look at the how legacy IGA systems can be modernized as part of digital transformation strategies. He will also share some tips and explain what needs to be taken into consideration when moving to the cloud to achieve future-proof identity security.
Chris Gossett Senior Vice President of Technology Services at SailPoint will explain the core benefits of upgrading to cloud-based identity security, the financial and business implications, and how to get started. He will also provide an overview of SailPoint’s approach to cloud-based identity security and SailPoint’s Identity Security Cloud Upgrade Program and Assessment for existing customers.
Hello everyone and welcome to today's webinar, business Value of Cloud-Based Identity Security. I am research Analyst and KuppingerCole, and today I'm joined by Chris. Chris is Senior Vice President of Technology Services at SalePoint. Before we begin, there are some housekeeping points. So you all are centrally muted. We are all controlling this centrally so you don't need to mute or unmute yourself during the entire webinar. We'll run a few polls during this webinar and you will see the results during the q a session, which will take place in the last 20 minutes of the webinar.
So I encourage everyone to take part in this poll and cast your votes. The q a session towards the end will take place and you can enter your questions during the webinar at any time by going to the go to webinar control panel. And finally, this re the webinar is being recorded and we will share this recording and the presentation slide like with you in the coming days.
In today's webinar, we'll begin with identifying what are the challenges of legacy systems, the best practices for migrating to cloud-based identity security solutions, as well as what are the key drivers that are forcing organizations to move to cloud-based solutions. Next we have Chris Gosset who will then explain the business value of cloud-based identity security as well as SalePoint overview of identity security cloud upgrade program. And finally we'll have the discussion and the Q session. So before we begin, we have a poll for you, so we'll run two polls.
This is the first one and it is how is identity security deployed in your organization? Is it a cloud B on premises, C, hybrid or D? None. I think now we can give you, you have under 30 seconds to cast your words, so please go ahead.
Okay, thank you for your words. We will, I'm looking forward to see the results during the q a session and we can now begin towards the actual webinar. Before we go into detail about the cloud-based identity security solutions, it's important to know what are the challenge of the current current legacy systems and also how can the cloud-based solutions provide advantages. All legacy systems as currently modern world, more and more identities are created. The organizations have to take care of millions of identities. So this has moved human capacity. You need AI tools for automation.
So legacy systems are currently being challenged in this section. Also, legacy systems are difficult to maintain. You need a dedicated team to maintain these solutions and they're also hostly. Let's take a look at the challenges in more detail. So one of the challenges about legacy systems is digital transformation in, as I explained, current world, we need, organizations are moving more towards the digital world, so organizations need to be equipped and educated about how they can achieve this. Legacy systems are currently not equipped to tackle this solution.
Next day is upgrade, upgrade fatigue due to the need for new features or security updates. The, it's quite a lengthy process and software solutions to patch and new features and security features.
Also, you have staffing issues around legacy systems. You need a dedicated team to run and maintain the software. Then you have the limited scalability of software solutions. They're not flexible enough so they're not ideal for future organization growth. And then you have higher management costs. So when you need a dedicated team, you have higher end management costs associated with that when compared to cloud solutions. And finally it's the corporate initiative.
So when you want to move towards the cloud solution, it's quite important to first align with the key stakeholders within the organization and this can co, and this is one of the challenges. So who takes the initiative? Who most of the organizations don't know where to even begin. So that is one of the challenge. Next we can see how a cloud-based solution provides advantages over these. In a cloud-based solution, you have continuous delivery of updates and the rapid next you there's the cloud best solution is outsourced. You don't need a expert team within organization.
This also saves cost, the total cost of ownership then you have or cloud-based solutions are also flexible. They are multi-tenant and can provide scalability options.
Again, cloud-based solution means no in-house infrastructure. So this reduces total cost of ownership.
Again, what are the key drivers for moving to the cloud? The current trend that we are observing is the, these four trends are responsible drivers are responsible for moving to the cloud. So you have digital transformation, as I mentioned earlier than lower cost. Legacy systems are very costly to maintain that improved security cloud-based solutions provide improved security. You can provision depro provision access immediately. And finally, AI driven automation.
When moving to cloud-based solutions, there are a few best practice practices which you can follow and they are, first you need to define a target operating model. You need to identify the gaps, the requirements within organization, and also you need to consider the total cost of ownership for migration. Once you have identified the gaps and the requirements, you have to evaluate the potential candidates based upon your requirements and select a provider.
Also, it's important to consider tech technical and financial factors. When selecting a provider. We know one size fits all solution is not possible, so you need to under prioritize what you need first. Then it's about planning the migration. Identify all the entities and resources that will be affected in this migration pilot migration program and in the beginning, just improving round to create trust.
Once you, you have established this and then you can move towards the actual migration. Once you are in this process, you can decommission the legacy systems, so sunset legacy systems. And in this process also check for orphan accounts to eliminate further data breach risks during this entire process unit to ensure data protection. So evaluate potential data loss and data points and also ensure data protection when you're migrating from legacy to cloud. So you can provide different options based on such as archiving or backup.
Once you have the solution in place, it's important to have a team that is trained enough to tackle the new features of this solution. So operating in a, operating in an observation monitoring mode is crucial. And then evaluating and measuring the results of the migration. Now we come to the second poll. What would be the driving factor for your organization to move to cloud-based identity security? Is it A digital transformation?
B, improved security, C, lower cost, or D, all of above. I think you can now cast your vote. The poll is open again, another 20, 30 seconds.
Okay, I think that's it. So thank you everyone again for your votes. We will discuss the results in the final q and a session. Now moving on, I would like to invite Chris, so Chris, Hello everyone. As Naish said, thank you very much for joining us. I really am looking forward to the rest of the webinar and especially the q and a session later on. As just said, I'm Chris Gossett, I'm the senior vice president of technology services here at SalePoint Technologies.
I've spent the last 23 years of my career in the identity space and one of the most exciting things I got to do was help SalePoint develop our SaaS service identity. Now, when we launched it probably about nine years ago, and one of the things I'm doing today, which I'm very excited about, is leading a team that helps our on-premise customers navigate their solutions to the cloud. So today I thought I'd share a little bit of that journey, a little bit of what we've learned as a company and a little bit of trends in the market that we're seeing from customers as they're moving to SaaS.
So I've got some slides, we'll just walk through this again, I think there's a q and A here at the end. So if you have some questions on the way, please make sure you write those down. We're happy to answer them as we go along. So really there are these four pillars that are important as you, as we've seen customers migrate to cloud, right? Architecture, security costs, deployment and release schedules and really dive into these in detail on the next few slides. But as we're going through this, those are the things I think to keep in mind if you're considering this move.
So we look into architecture, one of the first questions we get a lot is, you know, can I just move my on-premise system to be cloud hosted? Many customers we engage with, as you saw earlier, have digital transformation efforts. They're hearing from their broader business. We want everything out of the data center. And it's tempting sometimes to think, you know, maybe the right answer is just lift and shift, if you will to the cloud. That is can be a viable option for some customers.
You know, it does move things out of the data center. It may make things more congruent with the rest of the organization as far as where, you know, systems are being hosted and and things are being managed. Unfortunately it is, while it is a step towards kind of cloud transformation or dig digital transformation, it's often an insufficient one. A lot of the challenges that you heard earlier around legacy software still remain.
It can be more expensive than running these in your own data center and it still requires that deep expertise both now on the software that you may be running and then also on the cloud technology that it's hosted in. The next click that we often hear from customers is a switch to hybrid. And this really can be that kind of incremental step. Maybe I'll run my legacy system on premise and I'll get a cloud system or maybe a cloud hosted system as a step towards the cloud.
This can work well and we do see some customers having success with this, specifically customers that ha, that have a very complex identity security environment or customers that have been in using identity security for a long time, right? If you think you've been doing this for 15 years, you have thousands of systems under management, you may need multiple steps to get to the cloud and this can work really nice. The downside to this of course is that you now are maintaining two different systems and you know, sometimes we would say paying two mortgages where you're as you're moving houses.
And so we work with customers often to try to limit this step as as kind of an interim solution that may be viable for a year or 18 months, but probably isn't the long term answer for most of the customers. We're working with the final step and you know, we obviously think is the best and we'll spend some time diving into why is really a multi-tenant SA solution, right? And one of the things as you're looking for this, you know it, it's there, there are multiple approaches to this.
Some multi-tenant SaaS solutions are in the identity space, are very limited and that may be fine for very limited customers, but what we see is that most customers outgrow those solutions fairly quickly. You want to find one that can model complex business processes that can really focus on flexibility that's designed to scale with your business, not just from the number of identities and systems under management, but also can changes your business changes. One of the key lessons I think we've learned at SalePoint over the years is that business is never static.
There's m and a divestitures reorganization changes and if you have a very limited and brittle identity solution, that's going to be painful as the business moves on. So looking for a, a solution that can really be flexible in scale is very, very important.
And there's some really nice benefits to this and again, we'll go through this in the next few slides, but moving to multi-tenant sass really frees up your team to work on the actual identity program as opposed to having to be experts in databases or cloud technologies or application servers or complex configurations or Java or Pearl or whatnot. So that's really one of the big drivers we see from customers and one of the big benefits that they're getting is they move to sense. And then lastly, it's just a modern approach.
You know, this really is setting customers that are choosing this route, you know, on a, on a very modern platforms that allow them to be able to, you know, have that technology in place for many, many years to come. I, I really like this graph and this is showing really two things. If you look here on the bottom, it's time and on the, on the Y axis we're looking at features and this really kind of highlights some of the challenges with that cloud hosted approach or maybe the hybrid approach.
If you're in this kind of upgrade cycle and you're spending more and more time configuring the solution and maintaining the database and maintaining some of the things that I would call not an identity program configuration, but kind of just the, I'm working to keep my system up to date really on that blue line, right?
And that while you can add more features, you can increase your identity program, get more systems under management and make progress in those solutions, it is at a reduced rate because there is a tax, if you will, around having to maintain these systems around having to do these upgrades, having to monitor them, having to do security patches, et cetera, et cetera. I'm sure many of you on the call are, are understand exactly what I mean by all of that.
If you compare that to a multi-tenant SA solution, which is that purple line, freeing the team up not to have to deal with that effectively moving that to the vendor's responsibility allows the customer teams to really focus on what they should be doing in the first place, which is building out a more rich and a more robust identity security program. This means adding more features, adding more systems under management, doing more certifications, building a better role model, getting to what we all try to do is getting to that least privileged state.
And that's really the benefit of of choosing the right multi-tenant SaaS vendor and really making this change. And that's really what our customers that are on this journey that have moved from our on-premise solution to our SaaS solution are really starting to see. And it's exciting.
You know, we've done a lot of case studies and we have some of these on our website if you're curious and certainly at some of our conferences we've had customers speak about just the rapid success they've had with SaaS and about the continuous success they've had in their program. I think for too long in the identity market we've seen customers that make a little bit of progress in phase one or phase two and then stall out because the burden of that blue line suddenly becomes too much and they just, their teams can't do anymore.
And that's honestly the most exciting thing about the, the SaaS coming into the identity market and and being able to take advantage of that is that we see customers being able to make continuous progress and really getting to that ultimate vision of identity security, which is, hey, across the enterprise we should have every system under management. We should be able to say what employees have access to what, what non-employees have access to what and be able to apply roles, policy and security on top of those identities to really get to that least privileged model.
The other thing that multi-tenant SA solutions provide is enhanced security. What does this mean? This means that again, we free up customer teams not to have to really worry about changes in the security market.
I'm sure, again, everyone on this call is probably well aware that there seems like every day there are new exploits and security issues coming out and along with that new patches from various vendors and the time to value to remediate that can be large, right? The vast example of this is one that happened not too long ago, I'm sure most of you're familiar with this, that log for j, exploit for Apache, log for J it was a very, very common library that was used across many, many different applications.
SalePoint by the way, was not was a customer that used that both in our on-premise model and our on-premise system and our SaaS products, our on-premise customers, we were a good vendor. We released a patch the same day this came out, we posted it to our website, our customer success team told all of our customers about that and then it was their responsibility to go and deploy that, which is fine and they did that successfully with thankfully a fairly easy security issue to remediate.
But that obviously takes time and effort and sometimes, you know, customers can have long change control cycles or you have to divert resources from other projects to go and work on that. And some of our customers took some, you know, weeks to get that fixed. If you compare and contrast that to our SaaS platform, that got fixed on the back end, it came out immediately after the vulnerability was announced. We announced to our customers that said, Hey, this is remediated. Just so you know, you don't have to do anything.
And so being able to rely on a central security team that is constantly monitoring the system that is focused on no downtime, that's focused on on keeping our customers safe and secure is a really, really big benefit for a multi-tenant task solution.
And if you think earlier kind of back to the, you know, maybe cloud hosted or hybrid or maybe a single tenant cloud hosted offering, you know, all of those, all of those solutions have that problem I just described and all that scenario, you're in that kind of upgrade world and when things like this come out, important changes need to be pushed quickly. Being able to go through that upgrade cycle can be cumbersome and difficult. And so really when you get to the kind of multi-tenant SaaS solutions is when you get out of the business of having to worry about that.
The other thing I'll mention mention here is just the benefit of multi-tenancy and having a SaaS vendor that can really, that is really focused on this. One of the great things to look for as you're considering a solution is, you know, is there, are you, is every customer on one version? And why does that matter? That matters because when things like this come up or changes need to be made, having a central team that updates one version of a software allows that team to be very nimble.
It allows them to find problems quickly if there are security issues, they can identify those and track those down, compare and contrast that to customers that are vendors that may have thousands of different versions or thousands of hosted platforms. Trying to find security in that is almost like a needle in a haystack. Trying to remediate those security issues is non-trivial and can take massive amounts of time.
So choosing a partner that can, that puts security first and foremost and that can respond quickly to security incidents is just a really important aspect as, as you're thinking about which way to go with your identity program. The other thing I'll mention is deployment time. If you think about the legacy of identity, and I mentioned earlier, despite my youth will looks, I've been doing this for 23 years. We used to think in the identity market and the solutions that were in the market were, you know, very, very much kind of toolkits, right?
A platform to build upon and that worked well when identity was something that was more worried about efficiency. We would spend a lot of time writing Java or writing pearl scripts or writing seek code to basically create customizations to on-premise toolkits and that would work for a while and then key people would leave the organization or the upgrade would come and the upgrade would be difficult or take lots of money in time and we just learn that there has to be a better way.
We can't rely on computer scientists or maybe masters of computer science to be sitting on the keyboard writing custom code, configuring really difficult solutions. And we thought there has to be a better way to do this. And so this is kind of the trend for multi-tenant SaaS solutions and the identity market And certainly something we've embraced at SalePoint is this idea of let's make things really easy to configure. Let's be able to model complex business processes without the need to write custom code, without the need to write really difficult workflows.
And, and it's systems like that or that allows you to basically take advantage of out-of-the-box configurations. This means those deployments go faster, you don't have to spend as much on professional services dollars, you don't have to spend as much maintaining it.
And again, it's one of the key reasons that that SaaS solutions and cloud solutions are really freeing up identity teams to work on the things that matter as opposed to maintaining tens of thousands of lines of custom code. I will mention one other point here, and this is a question we often get, which is, but wait, I'm really special. My business is really different than everyone else's. I need these really custom processes and that can be a real thing. There are some businesses that require really deep customization and whatnot.
And I think, you know, what we're learning is that there's a bell curve, right? And what we see is the vast majority of customers can fit inside the SaaS platform given at least at sale point. The flexibility we have along with kind of the ethos of being able to model these complex processes really is a must for any, I think, real identity security product. And so what we're seeing is that the vast majority of those really can fit inside of a SaaS deployment.
One thing to look for is you're choosing a vendor or thinking about which way you're headed is you want to think about some of those customization and see if there are, you know, can you have a custom workflow? Can you create a custom connector? Can you call out to an event trigger system if you need to pull data in at places maybe that the vendor didn't plan for?
There's a, a lot of trends in the market to be able to do kind of fast web or fast cloud web-based programming and looking for a vendor that's embraced some of that because the idea is, you know, you will have some things that that may be outside the box and you need to find a way to model those that scales and that is easy to maintain and that it's not just punt out and write a bunch of custom code and then you're kind of back where you started.
So that's a key component and something that's key to look at and I think, you know, a, a good sign of the market and where we're going, which is being able to model those complex processes again without massive amounts of, of configuration. One of the other key points I think that customers in this market are seeing and benefits of customers that have moved to SAS is basically being able to get new releases on demand.
And I think this is a really good litmus test to figure out if you've chosen the right product and if you're, if you're in the right place, the idea of upgrading to the cloud and being able to, to make those trade-offs and move things out of your data center and lose a little bit of control over that kind of falls apart if you still have to upgrade the software all the time. And especially if you're relying on your vendor to upgrade that software, you know, if they're promising to do that, you know, once a year or so or you know, how is that going to work? Is it going to be smooth?
Are you gonna have outages? It can just get really d really painful. Same thing if you decide to stay on a on-premise system. Now obviously, probably speaking breaching to the choir here a little bit, but I'm sure people on this call are familiar with that upgrade process, which can take some time and effort and cost some money to do one of the benefits of going through a true multi-tenant SaaS solution.
And certainly the one of the benefits that we've seen at SalePoint come through in, in a big way is this idea of every customer on the same version, constantly getting new features, customers being able to take advantage of those features as soon as they're ready, never having to upgrade again, never having to deal with upgrade outages or painful upgrades, changing functionality because the new version doesn't support it. Again, choosing the right SaaS vendor who's embraces that, you know, that no, no upgrades and always staying on the right version is really important.
And again, I think the, a key cornerstone to the value proposition, the, that graph I showed earlier about being able to deploy new features and freeing up your team if you're having to upgrade multiple times a year, even if the vendor promises they'll do it for you, it's going to make that much, much harder to realize and it's gonna feel a lot more like a legacy solution than it is like a modern multi-tenant solution. The other thing is cost of ownership.
And this is one of the great things, it, it really is kind of fun and one of the things I really enjoyed getting to see the SAS transformation happen at SalePoint and for our customers is, you know, we effectively have built a better solution that's cheaper, which is just really a fun place to be. And why is that, right?
Why are, why do customers see a lower overall cost of ownership with with sas? Well one, it's probably obvious, right? You don't have to maintain hardware anymore.
You know, those servers, those databases, the firewalls, the infrastructure you had in place before to run an on-premise solution is something that SalePoint or a multi-tenant SA vendor, the cost for us to bear. And the beautiful thing about that, again, especially if you're choosing a vendor who has one version, that those costs get amortized over the entire install base. So it's just easier to operate and it's means that it's cheaper for SalePoint and cheaper for you all to, to to use. The other idea is maintenance, right?
Gone or perpetual licenses gone or those version upgrades gone or having to upgrade your, your database or your application server to te to or Java or whatever to keep track of those systems. Again, that maintenance is becomes the vendor's responsibility.
And again, if it's multi-tenant, that gets spared across the entire install base. So those cost savings get passed under to end customers. And then finally, personnel, we already talked about this a little bit, some customers when they move to sas it frees up people to either build the program better, as I mentioned, you know, get to that, find that elusive least privileged model, build out your role model, add more systems under management. Some customers also decide that they're, you know, gonna assign personnel to do other things in the business that may be more pressing at that time.
So freeing up people to work on more impactful things in the business than doing that infrastructure maintenance and the, and the hardware and software maintenance can be really impactful for businesses. And then obviously that kind of, if you think about bringing that upgrade model along, if I've got a, if I need to upgrade once a year, if I don't have to do the regression testing, well now I've just freed up more either dollars or people's time to spend on maybe more important things.
So those are kind of the benefits and I think some of the things to think about as you are thinking about, you know, is upgrading to the cloud the right thing for, for me or if you're dealing with a digital transformation mandate from the broader business. I thought I'd also spend a little time just to show you what this looks like inside of SalePoint. So I mentioned earlier I lead a team of people that help our customers navigate this transition, both kind of pre-transition and post. So we're taking really happy on-prem customers and turning them into really happy SaaS customers.
But I thought I'd show some, some learnings and just explain how this works here cuz one of the questions we get a lot is, oh, okay, this sounds great, I'd love to be in the cloud, but what is it gonna take to get from, from here to there? And how much time and effort do I need to put in? So here's how this works. At SalePoint, we do this in about four weeks for our customers. We start with kind of understanding about the business, about their business, their business and about their program.
What's important today, we call this kind of the business review step, but it's basically a way just to take a fresh look at the identity program. Many of our customers have mature programs, many of you probably do as well, but most likely, you know, the, this is a program that's grown over time and the business has changed as I mentioned earlier. And so taking a fresh look at that and understanding what's important today, what are the big drivers, why are we having this conversation? What are the goals to move to cloud? What are the changes that need to happen in the business?
Is really the cornerstone of, of what we work with the customers on. From there we wanna make sure customers understand what they're buying, right? So we do a demonstration of the product.
We, we do something really interesting here as well. Now if you were a customer off the street and came and asked for a demo of our SaaS products, we would be more than happy to do that and certainly can explain it. But for our customers that are on-prem and our customers that, that already understand the SalePoint model and already understand how things work, we do a really nice kind of compare and contrast and explain, you know, what we do when it comes to security, how the architecture works, what we do when it comes to our operations, what their responsibilities are in the future.
So really doing a nice kind of compare and contrast of the way things work today and how things can work in the future. That way customers really understand what it means to upgrade to the cloud. And a lot of what I walked with through with you in this presentation are the things we're explaining in that program to our, to our customers. From there we really dive into what they have deployed in their on-premise solution.
And again, you know, this model works for our Dimi IQ customers, but for other customers as well. We can look at what's deployed in maybe an Oracle system or a legacy I B M system or a legacy saving system or things like that. Understanding what's there is really important and it allows us to really be able to map out the next step, which is that business value assessment. Once we really understand where customers are going, we give them a good idea of, of what, what the target is.
We understand what they're doing, we can really look at that total cost of ownership and understand exactly what it's, what the benefits of moving to the SaaS solutions are, what the benefits, what total cost of ownership benefits they'll see and really some other benefits as well. You know, as I mentioned earlier, being able to free up teams to work on more important things is really exciting.
And so through this step we kind of, kind of really show the art of the possible about, you know, how what, what, how customers can use the, the team they have to really achieve even more security, even more efficiency, be even more compliant in the future. This all leads into the fifth step, which is a solution review. And this is really one of the penultimate goals of the program, which is showing exactly how things work in the cloud.
Giving a high level plan, as I mentioned earlier, some customers who are very complex, who have been with us maybe for 15 years, maybe two steps or three steps to get to the cloud. Most customers though, we're seeing this can happen in kind of one upgrade motion that takes a few months. But this plan really details exactly how functionality maps in the cloud, how any customizations can either, either happen out of the box in, in the sale point solutions or any configurations that we would need to do do to address those business requirements and then really gives that high level plan.
And then finally all this gets wrapped up in a nice executive readout that is, that is designed to be presented to the, the broader business that can explain, you know, what we've learned, right? This is a good customer to migrate, it's going to take four months, we're going, it's going to look like this when it's complete. We're in two years, we'll see this great business return on this investment.
You know, this is kind of the learnings and all of this is done in kind of a customer advocacy program. You know, this is not a sales effort necessarily. This is really just trying to help our customers answer those questions that they're often getting from the broader business of, you know, is it time to think about moving to the cloud? So this is how this works at Sale point really where as we just tried to explain to our, to our on-prem customers, again, what it takes to to if they want to make that transition to the cloud. So what are we seeing some really exciting things, right?
Again, you know, on average it's, it's four months or so for customers to make this upgrade to the cloud from our on-premise solutions. And they're seeing, you know, a pretty significant reduction in total cost of ownership, that kind of 10 to 30% on average. And the great thing is they're getting to take advantage of all of the things I talked about this morning.
You know, obviously our customers are choosing to upgrade to the SalePoint identity security cloud, get the advantages of that multi-tenant solution, right? They're getting a solution that can manage all of their identities that's easy to maintain, that's has AI insights and they can help them build that least privileged model that performs that scales that we maintain. And that really most importantly is this identity platform that's API first that lives in the cloud, that's easy to integrate with the rest of their business. I thought I'd just give you one example.
So this is a US manufacturing company with about 4,000 identities that we recently just went through the program. You can kind of see, you know, what they're seeing from a tco and this is just one I pulled out recently.
You know, the, the pink line there on the bottom are their SAS cost over five years. And the blue line is the on-prem cost that are projected over the next five years. You can see at about 20 months they cross and the customer really starts saving some significant money on the SAS solution. And you can see on the right the the bar charts that, that really detail exactly how those costs break down between the different systems.
Again, this is pretty typical for customers. You know, often what we're learning as they go through the program is there's a little bit of a migration cost initially to basically move those configurations into the cloud. One of the nice things about Sale point by the way is we have some tools that make that easier because we own the on-prem side and the SaaS side. We can move things like connectors and roles and rules and identities and correlations and configurations over automatically, which helps.
But even for customers that are coming to us from other systems, it's not that hard to move those configurations over often. The hard work has already been done. And so really just reconfiguring that and, and the south side is usually fairly straightforward. And then obviously as we talked about this morning, being able to get out of the business of having to upgrade, of having to maintain the infrastructure of having to to, to basically do the wear and tear on the team allows customers to really free up those resources to go work on things that may be more impactful.
So just a couple of key key takeaways before we move into the q and a section. You know, one of the things I think that's important on multi-tenant SAS and certainly something you should be looking for, you know, moving to the cloud and to a multi-tenant SaaS solution means that getting out of that infrastructure, not having to manage security programs, operation programs, having to upgrade databases and app servers et cetera, really allows you to free up resources to work on more important things.
Hopefully those more important things are a more robust identity program, but we'll see customers use those freed up resources in all kinds of interesting ways. The second thing is, you know, solutions that in the cloud or SaaS solutions like SalePoint allow you to instantly get those newest features and functionality and to be able to put those to use. I didn't really talk a lot about that in the presentation this morning, but that's certainly key.
And one of the challenges of having to wait for an upgrade is that, you know, there may be a new F functionality that's great, but if you're 12 months away from doing that upgrade and taking advantage of it and then a couple of months after that of having to configure it with a lot of professional services dollars or cust or difficult customizations, that kind of is a functionality that you never get to use, right? That sits on the shelf.
One of the benefits of multi-tenant SaaS and customers being on the same version is you get to instantly take advantage of this features and functionality and that's certainly something that we hear from customers that they really appreciate. And then finally getting outta the upgrade game. I think overall customers are very excited about this as they move to SaaS. We often talk about through the, through the migration program that I'm leading, you know, the upgrade to SASS is really the last upgrade customers ever have to do.
You know, once they get on that multi-tenant sass program, they now suddenly are there forever, right? And they don't have to deal with upgrades again. We take advantage, we take care of that and they're freed up to work on better things.
Finally, I'll leave you with this If, if I piqued your interest, if you want to learn more, we have a microsite on salepoint.com that you can find that is our migration hub. We have a lot of case studies there, there's some really interesting information. There's a white paper that we put out that we really dove into more details on what it means to upgrade the SaaS, some of those benefits, et cetera.
There's some videos and an ebook, so lots of really good resources on the sale point page if you wanna learn more about what our customers are seeing as they upgrade to the cloud or just some best practices and tips and tricks. So I'd like you to check that out. Thank you very much. And with that I'm gonna pass the mic back and I think we're gonna start the q and a session.
Perfect, thank you so much Chris. So let's begin with the poll results that we have. I can see the first question which we ask is like, how is identity security applied in your organization? And 41% said cloud, 32% said on-premise, 23% said hybrid and 5% said none.
So what, what are your thoughts on these results? So cloud seems to be major of the solution, but on premise is also not too far behind yet.
Yeah, no it that's, I think that's interesting, right? And I think that's certainly aligned with what we're seeing, right?
You know, cloud is a very, very big trend in the market. A lot of the things we're seeing from our install base is that they do have these digital transformation efforts. There's a lot of pressure to get things migrated from the on-premise data centers out into some version of cloud. So I think that's, that's interesting.
And also, you know, it's also shows, I think another trend we see in the market is that sometimes identity solutions can be complex and have their tentacles in lots of different places. So, you know, deciding, you know, the right path to upgrade it makes sense. So that kind of large number of hybrid and non-prem customers probably isn't, isn't very surprising either. Perfect. And the next question that we had asked is what would be the driving factor for moving to cloud?
And the options we had were digital transformation, improved security, lower cost, all, all of the above and 57% have answered all of the above while lower cost being 33%. So I think everyone agrees with the points that we made today. So do you have any other things to add in this one? I love the, all of the above. I think that's really great to see.
Oh, it's interesting when we first started identity now, like I said, almost 10 years ago, one of the big reluctance is in the market was security. And I think we heard a lot of customers say, I'm not so sure about putting my identity data in the cloud.
You know, my CRM data for Salesforce or you know, my ticket information with snow may be good enough, but I'm not sure about identity. And it's nice to see that, I think mostly that reluctance is gone in the market, right? I think customers realize that, you know, that cloud can be a very secure place to store things and certainly the, you know, level of effort that that companies like SalePoint take to, to maintain identity data. That's the compliance aspects, the security teams, the focus of that feels like, you know, that's, that's largely an objection that's gone.
And the idea that it's 57% all the above doesn't surprise me at all. Right? I think we're seeing those tensions being pulled or being pushed on our, our our customers, right?
Of, hey we, we we need to lower our costs, we need to move to the cloud. Like, you know, do this now is is is a common thing we're here we hear at simple, Right? Perfect. So that thing wraps are pulled results then we can jump into the Q session. I already have the first question here. So the question is they're asking is when upgrading from on-premise to cloud, can I migrate any existing setting and policies or do I have to start from scratch? So what have you approached, observed in your upgrade assessment program? So can you maybe give us some thoughts? Absolutely.
So I'd say two things here. So I think, you know, if you look at, you know, the program that we have at SalePoint in particular and for customers that are migrating from our on-premise solutions, I mentioned in the presentation there's some tools that allow us to move things like roles and policies, connectors and applications up to the cloud. That's a nice benefit we have because the, again, we understand the on-premise side very well obviously and in our SaaS product share some of the same constructs for if we're migrating customers that are coming from maybe a legacy solution.
Obviously there the kind of one-to-one migration doesn't exist. However often the hard part of the work is done in an identity program. And the hard part usually is figuring out, you know, what, how should this work, right?
What are, what should those policies be? If you think about often when customers are starting on their separation a duty journey, they know they want to do this and a question will ask a lot is, well if you define the policies and if the answer is no, well then that's usually the first step is to go and figure out, okay, what are these toxic combinations? How do I do that? But if those are defined in an existing solution and we are already well known, it's not that hard to be able to configure those in a new solution.
So in that case there may not be an automatic one-to-one port, but being able to articulate, yep, these are our toxic combinations, let's configure those in the cloud, is relatively straightforward. And then as I mentioned, right, going with a cloud solution that doesn't require that can do configurations and not customizations with a lot of professional services means that configuring that is often just in the UI being able to define a policy or a role or a rule with the existing tools.
And so doing the work is fairly straightforward and then obviously the benefits of doing it in the UI mean that you don't necessarily have to spend a lot of time debugging and troubleshooting and testing because the system's effectively guiding you through that process. Perfect, thank you so much.
Yeah, we already have a second question. It's so they're asking, can I just have my on-prem to be cloud hosted, this way I can keep my customization and be in the cloud. That's certainly an option and I think we see some customers opting for that, especially customers that have digital transformation efforts where their CISO says, Hey we need to be out of the data center yesterday. Right?
Fortunately, lifting and shifting and existing on-premise solution into a cloud technology is often more expensive and you're still left with some of the challenges of maintaining complex customizations, having to do upgrades on a regular basis and then now you have a little bit of a burden where your team now has to be aware of the database technology that's in the cloud, you know, connectivity with the cloud and how that works. You've added a bit of a another layer of complexity on top of it. So it does solve some problems.
It may be able to check the box to your CISO that says, yep, we're out of the data center, we're good. But often that comes with some tax of being more expensive and then also, you know, maybe a little harder to maintain than it was in the past. So I think what we're, what we see at sale point is that that can be maybe a stepping stone and an interim solution as customers get ready to make, you know, a journey to to, to a multi-tenant system.
Perfect, thanks. And we have one more question. What are some of the common mistakes that you saw organizations make while migrating to cloud?
So I, I think one of the most common mistakes, and I I talked about in our assessment program, right? That kind of first step where we're taking a wider look at the business and really understanding what, what does the business look like today? One of the nice things about upgrading to to identity now at Sale point is it gives customers a chance to kind of take a fresh look at their program and not just assume that the existing solution they have is defining every requirement they have, right?
So being able to take stock of where the business is to really understand what's working well on their program, what isn't, and then being able to chart a course towards, towards a new solution is really an important step down that path. You know, often it's interesting we'll get in and we will, you know, start looking at, at at, at existing legacy systems and we'll understand, you know, why does it work this way? You know, can you explain, you know, what's happening here?
And often what we hear from customers is either they don't know or you know, while they were coding around some deficiency in some ancient identity system. And so really understanding kind of, hey, what does the business need from this? And then being able to go back to the business with a best practice answer, you know, this is the way this works.
We've done this for a long time at SalePoint and being able to say, you know, this is the way 99% of customers do an approval process or a certification process, we need to do it the same way, can really free up businesses to not kind of paint themselves into a highly custom corner and really can make the system much, much easier to maintain. We have another question here with the current I IQ on brand option to do configurations, customizations is good.
Can we address the business cases like integrating with Apache Kafka as o t when we move to cloud, how much these features such as custom connectors, quick links we get when we end up in the cloud? That's a great question. So you know specifically on identity iq, if you think about things like connectors, so one of the nice advantages of the way we did this at SalePoint is the connectivity framework is the same between the on-premise system and our cloud systems.
So things like custom connectors, even existing custom connectors can just port over from the existing identity IQ solutions, which is a really nice advantage and I, I mentioned this earlier although I didn't really go deep, that idea of, you know, just moving to the cloud, if you move to a cloud solution that is, you know, light, right? That can barely do anything, you're, you're gonna lose a lot of functionality.
And one of the benefits of at least the SalePoint approach is we really started off with the idea of hey, we knew we wanted to be multi-tenant, we knew we wanted to make something easier for customers to maintain, but we were aware that we had to be able to model complex business processes. You know, SalePoint grew up in the enterprise space, we deal with some of the largest companies on the planet when it comes to their identity needs. So having that flexibility to be able to model those processes is really key to to our identity strategy in the cloud.
So things like integration with Kafka, things like Quicklinks and being able to kick off custom processes are things that are just kind of table stakes for us. And so, you know, there, there are some bounds, you know, identity security cloud is not, you're not gonna write a lot of Java, you're not gonna be able to create your own webpages and things like that that you may be able to do on identity iq but the idea of hey, I want to gather some information and kick off workflow is absolutely something that we can support. Thanks Chris.
So I don't see any more questions coming our way, so thank you so much Chris. So for everyone attending, thank you for your attending. We do have some slides for you as well, such as this one. We are having E I C event in Berlin this year from May 9th to May 12th and key topics that will be covered range from securing identities, decentralized identity and many more. So hope to see many of you there and looking forward. Next is we also have many related research around this topic. So please head to our website, we'll find more content on this topic of cloud security and skipping our call.
We also provide multiple services, so such as advisory research and the webinar and event. So please check out our website for more content and thank you everyone. Thanks Chris, it was pleasure to host a webinar with you and hope to see you again soon.
Yeah, thank you all. I really appreciate hosting the webinar with you as well. And thanks everybody for attending. Thank you. Bye.