Archive for the ‘SME’ Category

Compliance, Identity and the SME

February 1, 2008

Matt Flynn brought this article to my attention. At the surface it covers an important topic. Typically software vendors get stars in their eyes over Fortune 1000 size clients while the vast majority of enterprises are not able to consume solutions designed for the “biggies”. So, interesting topic. But I found the premise a bit disingenuous. Particularly the line of logic expressed here by one vendor (condensed with names excised)….

“Most small to midsized enterprises have far fewer IT professionals on staff to manage the overall IT infrastructure, making the user access management issue more critical than their large counterparts,” says (XYZ), senior vice president of (Vendor).

Source: Processor Editorial Article – Automate Role Management & Identity Compliance

So far, so good. Can’t argue with that. Continue please…..

(Senor XYZ) recommends that companies seek out vendors that [also]……..have a strong consulting services capability with an implementation and management methodology that has been used successfully in the field at several different types of organizations.

Now, we’re off the reservation a bit. Having been an IT guy in a small organization (~700 users) in my very distant past I will say that if a vendor ever said, “you should buy my solution because I have good consulting services” all kinds of alarms would start going off.

My immediate response would have been, “if this solution requires vendor expertise to get it to work for me then it’s not designed for an SME like me.”

I actually think Europe is generally more forward thinking than the US enterprise in this regard. Generally, in EMEA, a key test of a product for a prospective buyer is if they can run their own Proof of Concept; No vendor Sales Engineers or consultants allowed. If the vendor insists that only one of their sale engineers or consultants can get the product working right – well, Failure Condition #1.

Admittedly most SME’s would love to get that kind of attention from any ISV. But most also know that the attention is fleeting. And when the next version of the product is released or when the use environment changes and the vendor’s solution needs to be reconfigured – good luck getting that level of attention again.

That’s not to say that an SME wouldn’t be well advised to pay a local integrator or reseller to deploy a solution for them. That’s a judicious use of resources. But any time you have to rely on the vendor to get it to work right…..that’s just an extended bout of heart-burn waiting to happen. Maybe Big Money Center Bank can invest that kind of cash resources and mindshare in a solution on an ongoing basis. But Regional Community Bank With Ten Branches probably can’t.  Or shouldn’t.