You have choices in certificate and PKI management – Why CSS?

You have choices in certificate and PKI management – Why CSS?

Posted by Tom Klein on Aug 10, 2017 3:41:43 PM
Tom Klein

The quandary in buying a solution to any business problem is am I making the best choice and will our company derive value from that selection?

In representing a variety of solutions to customers over more than 35 years, I have found a few consistent characteristics of customers that have been happy with their decision.

The problem, not the shiny object

The reason that companies search for software/services is to address a problem that caused corporate pain.  In the case of certificate and PKI management, there might have been a certificate related outage that interrupted commerce.  Perhaps a focus on breach prevention.  A need to enable new technology in the organization through certificates.  The “PKI person” left the business.  There is an initiative to move all services to the cloud.  In our experience, it is not one of the above, it is all of the above.

When vendors get engaged it becomes demo time and of course, just like when shopping for a car, everyone wants to show the coolest feature that is present in their offering.  That is the shiny object (which just happens to come at a premium price).  It is important that during demonstrations and proofs of concept that it is not a bake off of features but an examination of how the proposed offering completely resolves the holistic problems mentioned above.  It is about a comprehensive solution, not a partial fix to a segment of the technology ecosystem.  Treat the patient, not the symptom.  After first resolving the business problem, it must then align to the unique operations, security, people, and processes of the client.

The economic path 

The solution in certificate management and PKI operations is not magical and it certainly does not need to be prohibitively expensive.  It should be justifiable.  Today, clients are often driven into pricing and consumption models based on the financial desires of venture capital firms rather than on a documented Return on Investment (ROI).  There is more than just a purchase price:

  • Is there an option for both perpetual or subscription licensing?
  • What is the length of time from start to completed implementation?
  • Do I need to purchase custom services?
  • Do I need to add specialized talent to keep the system operational?
  • Can I integrate the solution into my enterprise or is the vendor required for all modifications?

All of these questions determine the long term financial impact to the acquisition of a technology platform.  Look at the cost in 1, 3, and 5 year models.  What options are available to maximize time to solution and ROI?  Always ask the question, what if my firm chooses to go in another direction, am I trapped and penalized by the terms of acquisition?  In the end, does the cost justify the comprehensive nature of the solution?

That was easy

Nothing is more frustrating than wanting to transact business and either the process, the terms, or the bureaucracy get in the way.  Business on both sides need to be conducted professionally and within corporate guidelines.  Clarity and brevity about product capability, pricing, implementation, impact to existing systems, approval processes, and procurement enable predictable and cohesive next steps.  An acquisition decision touches technologist, operations, management, finance, and executives.  It is beholden upon vendors to engage each aspect of the organization with the concise information those unique constituents require to come to responsible conclusion.

I like my partner 

People do business with people they like. No need to become golfing buddies and exchange holiday presents, but there is something to be said for the culture of an organization where their word is their bond.  That when problems occur, the company not only owns the issue but they are one step ahead in escalating.  Communications are prompt and bad news travels as fast as good.  This is more than “ I like my rep.”  I like the individual who chose to make a career choice with a company that has similar values as their own.  It becomes pervasive and shows through in quality, customer service, and long term satisfaction.  There will always be issues and challenges.  Having emotional capital with your business partner allows everyone to work through the difficult times and enjoy the good ones.

Each and every day, I and the company I represent needs to “earn the right to ask for your business.”  Not just at purchase, but over the course of a business relationship.  The acquisition of technology by an organization is a reflection on the people that make that decision.  The job of CSS or any vendor is to engage in solving a business problem in a manner that is consistent with the principles noted above.  Always the best compliment to be paid is having a customer say, “if I could do it again, I would make the same decision.” 

 

Learn More About CSS

 

Topics: PKI, Public Key Infrastructure (PKI)

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?