As a provider of managed cloud services, you’re challenged to administer and secure large numbers of customer tenants and users. Each tenant is likely to use multiple SaaS applications, so the administration job can get very complicated very fast.
As your customer base grows, the native SaaS application management tools available from ISVs simply don’t keep up. ISVs are accustomed to each organization managing its own SaaS deployment, so they developed their SaaS administration tools without cloud service providers (CSPs) and the multitenant use case in mind.
As you administer large volumes of tenants, users, licenses and user groups, you can’t afford the slowdowns that can occur as your customers’ users concurrently submit service requests across many different services. With increased complexity comes increased time and cost, so getting rid of the administrative complexity in a way that allows your SaaS managed services business to scale is essential to your profitability.
What’s the Alternative?
You can improve the scalability of your managed SaaS services business in a couple of ways. If you’re already using the administrative capability that comes with each ISV portal, you can combine these portals with some best practices for handling tasks in standard ways and curbing administrator access rights. These steps help ease the burden of administrative complexity for better business results.
For even greater improvements, you can turn to third-party solutions purpose-built to address multitenant issues that exist with every CSP. Developed with cross-service multitenant management automation at their core, third-party SaaS management tools enable your managed cloud service business to scale quickly and lower your service costs, allowing you to become more profitable.
One way or another, as a CSP, it’s imperative that you gain broad visibility into your multitenant customer environment and that you’re able to easily access and efficiently manage all of them. Let’s take a closer look at your options.
Microsoft’s Partner Center Shortcomings
One of the most widely deployed SaaS applications is Office 365. Microsoft makes its native Office 365 management portal, Microsoft Partner Center (MPC), available to CSP program participants. If you qualify for access to this program, you can use the Microsoft CSP portal to handle basic administrative tasks.
But let’s say you have a large number of tenants in different industries and of varying sizes. Each might use its own mix of Microsoft cloud apps, such as Exchange, SharePoint, OneDrive, and Skype. MPC can’t consolidate the views and access you need into a single pane of glass, and it requires manual intervention to perform many administrative tasks. On its own, then, it’s not well suited for the challenges you face as a CSP for the following reasons:
- Multiple Tools to learn- Using MPC as is, your administrators will have to learn different SaaS management systems for each application in the Microsoft suite. They’ll then have to toggle between them continuously as they juggle multiple requests for onboarding and offboarding users, managing licenses and groups, and remediating other service requests across the various applications, tenants, and user groups.
- Poor access control- On top of not having a convenient, unified view of your customer environments, you won’t be able to granularly define what each administrator can access with MPC. MPC’s shortcomings with access delegation put your customers at risk from the growing specter of insider threats, which by some estimates account for as much as 74% of today’s security breaches (see the Nuvolex white paper, “Blocking Insider Threats to your SaaS Environment”).
- Unmet multitenant SaaS requirements beyond Microsoft- If your SaaS management offering extends beyond the Microsoft cloud stack, MPC won’t support your multiservice needs. This is a big consideration given that your customers are very likely to consume SaaS applications other than Microsoft now or in the future. You’re going to need SaaS application administration that’s heavily automated across every major SaaS application your customers consume.
Multitenant Best Practices
Service remediation speed is key to making SaaS management a profitable business. So as a CSP, if you’re using the native administration functionality within each SaaS application such as the MPC management portal, it makes sense to establish some best-practice steps that will help you accelerate service remediation and prevent costly Help Desk slowdowns and escalations:
- Establish standard practices and train your staff to handle all requests the same way across all customer accounts. You will need to work with customers to establish what those standard practices and services are so they don’t continue to submit one-off requests that, when they occur in large numbers from many customers, slows remediation to a crawl.
- Organize administrators’ credential using password management programs or any number of other approaches.
- Distribute tenant access on a “need to have” basis and minimize the number of credentials each administrator is given.
- Investigate third-party tools that are automated and engineered from the ground up to solve the cross-SaaS, multitenant management scalability problem.
What You Gain with a Third Party Tool
You can use third-party, multitenant SaaS management tools to augment or replace the native ISV management portals you may be using, such as MPC. They collapse the many SaaS administration capabilities you require into a single-pane-of-glass management experience. With all SaaS applications in one place managed by standardized methods, your Help Desk personnel can easily handle their administrative loads without escalations to higher-cost IT personnel. Service remediation is accelerated and so is your capacity for turning a profit.
You’ll want a third-party platform that brings critical auditing capabilities to the table. The system should be able to track all the administrative actions taken by your Help Desk staff across all customers and the SaaS applications they consume. It should produce easily accessible logs of all access and administrative activity to help you enforce your own compliance policies and meet those of your customers.
Another benefit of third-party platforms is that your administrators access your customer environments by proxy. This is a more secure approach that keeps administrators from having direct access to all customer data (as with MPC), instilling customer confidence in your ability to enforce its internal security policies and external compliance mandates.
Usability is Key
Not all third-party SaaS management tools are created equal. Just because a solution delivers single-pane-of-glass visibility, for example, doesn’t guarantee that the SaaS management solution is easy to use. Can you administer SaaS applications and users for an SMB with 10 employees as easily as you can for an organization with many thousands of users? How intuitive is the user interface? Does it support fully customizable role-based access controls for delegating granular administrator access to help you mitigate insider security risk?
It’s tempting to compare platform feature lists across vendors, check off capability boxes, and just choose the solution with the most boxes checked. That approach can be short-sighted, however.
You might discover, for example, that the solution with the longest features list is cumbersome to use, which slows your administrators down. At the end of the day, you do need the rich multitentant functionality, but you also need a universally intuitive solution that has administrators up and running fast. Ease of use translates into higher administrator productivity, accelerated service remediation, lower costs, and greater profitability.
As you transition your managed services business to also support the administration of leading SaaS applications, keep all these issues in mind. Succeeding and profiting as a managed cloud service provider is all about having the right tool for the job.