Conformity Helps Manage SaaS and Cloud Apps

We assigned a special guest blogger, Scott Francis, to cover Conformity’s recent launch and webinar event. Scott is Co-founder and CTO of BP3, an Austin-based business process improvement consultancy.   With 15 years of experience in Enterprise Software, Scott previously worked in early stages at two home grown Austin startups:  Trilogy and Lombardi Software.

At the recent Capital Factory Demo Day ’09, Mike Maples, Jr. gave a keynote speech in which he discussed an emerging “theme” that he sees within the Austin startup community. That theme is the convergence of Enterprise Software with the Community and SaaS/Cloud techniques of the Consumer space – essentially applying consumer Web 2.0 techniques to enterprise software.

In a twist on this convergence theme, Conformity is bringing enterprise software sensibilities to the Web 2.0 world of SaaS and Cloud computing. Conformity is focused on providing enterprise-class management to SaaS and Cloud offerings, including:

  • Data Security
  • Compliance Risk Management
  • Optimizing License allocation and expenses
  • Administration
  • Expanding SaaS / Clous usage to the appropriate audiences within the enterprise

Much of this is accomplished through better provisioning of users across all of the SaaS/Cloud offerings an enterprise employs. Conformity already has an impressive list of partners, including Google,, NetSuite, OpenAir, SuccessFactors, Xactly, QuickArrow, and Amazon webservices.

I sat down for a chat with Scott Bils, Founder and CMO, to talk about Conformity and the market for SaaS and Cloud applications. When I asked Scott how Conformity sells partners on the idea of participating with Conformity, he said that the idea sells itself – the Cloud and SaaS vendors recognize the problem as they get to scale, but they need a Switzerland-like solution to the problem so that all the other Cloud/SaaS vendors will play ball, rather than having SalesForce roll out one solution, and then each other SaaS vendor rolling out their own, and having a balkanization of user provisioning that is just as bad as the current situation.

There’s a pipeline of future partners already, and each partnership is a matter of sorting out the public and private APIs, or more primitive methods if necessary, of integrating. The point is to get the “dirty work” done behind the scenes so that the user experience of provisioning cloud and SaaS applications is seamless.

Inside-the-firewall applications can also leverage Conformity’s service – already Conformity leverages SAML, SSO, and AD/LDAP, but as well, automated provisioning or deprovisioning can be done for internal applications.

I also asked about the genesis of the SaaS working group, which just had its inaugural webinar yesterday. Scott’s response was that SaaS has had a lot of success in the mid-market, but that to really penetrate the Fortune 500 they have to make SaaS more accessible to those organizations existing policies and procedures. The SaaS working group is designed to explore those issues and propose solutions to them, or direction for vendors to address these barriers to adoption. The idea of the working group is more thought leadership than standards – they won’t be releasing an XML spec or API, but they will be exploring these key issues around the use and governance of SaaS and Cloud solutions.

The value proposition for customers of course is straightforward:

  • Centralized management of myriad SaaS applications, allowing companies to leverage the benefits of SaaS without losing control.
  • Better governance
  • Reduced risk
  • Reducing the cost of “empty seats” (seats that weren’t reassigned or decommissioned as turnover occurs).

The Enterprise SaaS Working Group webinar last week was a good inaugural event. Each of the board members was introduced and provided their own take on some of the chief challenges for SaaS adoption. Attendees included Michael Amend, Director of Enterprise Architecture at Dell; Scott Carruth, VP of Information Systems at Initiate Systems; Doug Harr, CIO of Ingres Corporation; Tom Fisher, VP of Cloud Computing at SuccessFactors; Steve Coplan, Sr Analyst, Enterprise Security at 451 Group; Peter Coffee, Director of Platform Research at; and Ryan Nichols, VP of Cloudsourcing and Cloud Strategy at Appirio.

Peter Coffee of Salesforce kicked off the session with two barriers in two words: “can’t” and “or”. The point being, that when a someone says that something can’t be done in Cloud or SaaS solutions, his take is that you can define requirements, costs, and a path for getting there. When someone says that something can be on-premise “or” cloud app it misses the point from his point of view. Tom Fisher points out that making the applications as accessible as consumer applications (from a usability, look-and-feel point of view) is key to increasing adoption. Steve Copland points to security as the chief barrier to adoption in his opinion- not that these issues are unique to SaaS, but that the SaaS solutions highlight this gap in most organizations’ policies, procedures, and governance.

Looking forward, Ryan Nichols of Appirio believes that the next 5 years most infrastructure will be moving to the cloud, or “cloudsourced”. Doug Harr takes this a step further – that while the second half of the first decade of the new Millenium has been a maturing process for the Cloud, going forward funding is only going to the Cloud – new enterprise applications are simply not being built to run on-premise, they’re being built to run in the Cloud.

There was general agreement that one can use several layers of abstraction in the Cloud – from building SaaS infrastructure from scratch, to building LAMP solutions and deploying into the Cloud, to leveraging one of the many layers of frameworks available to Cloud application developers. In some cases it makes sense to build these solutions directly onto, for example.

There was general discomfort with the term “private cloud” as it is often used. One usage proposed was that a private cloud was shorthand for a more efficient atomization and utilization of resources within a corporation – denoting the style of managing these assets. Another usage was the idea of a cloud behind a virtual private network – “behind the firewall” so to speak. Peter Coffee chimed in that if you have a bursty workload, you want to be in the cloud so that you’re not paying for peak load during non-peak times, but that if private cloud techniques help IT shops think in more modular, flexible terms, then that’s a good thing.

Most of the group sees consolidation as inevitable – that very few cloud frameworks will survive is already apparent. There is a proliferation of applications leveraging these frameworks being rolled out. Doug Harr in particular finds the consolidation disappointing because he’d like to be able to pick and choose best-of-breed in the future, but he also sees consolidation as an inevitable part of the market maturation.

Overall, this was a great webinar to expose newcomers to Enterprise Cloud/SaaS challenges. It also gives a sense for why Conformity may be in the right place at the right time with tools for governance and provisioning as the market evolves.

About Bryan Menell

Bryan is the Managing Editor for AustinStartup and the CEO of Mahana. He is a co-founder of Capital Factory, an investor and advisor, and runs the popular Austin Tech Happy Hour with his wife.


  1. As a quick followup, I wanted to include the link to a recording of the Enterprise SaaS Working Group. Courtesy of Scott Bils of Conformity, here it is:


  2. scottbils says:


    Great overview of our solution and the Enterprise SaaS Working Group webinar last week. I just wanted to add that anyone interested can view a recording of the webinar at Also, those interested in joining our mailing list to be notified of future Enterprise SaaS Working Group webinars and events should feel free to email us at

    Scott Bils


  1. […] by Scott Francis I recently wrote a guest article for Austin Startup that just went live today here, about Conformity, a startup in Austin attempting to solve a core process problem for enterprises […]