Xpandion Blog

  • Home
    Blog Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.

Xpandion and the Cloud: Compliance in Loosely-Connected Environments

Posted by in Xpandion
  • Font size: Larger Smaller
  • Hits: 6454
  • Print

I recently had a meeting with a group of CIOs about monitoring users in the cloud. Here's my take-away.

b2ap3 thumbnail iStock 000017225519XSmall

For the last couple of years, the cloud has proven to be both an obstacle and an opportunity for enterprises. Even the largest Fortune 500 Companies who like to have their data on their own servers can't ignore the cloud anymore and are forced to create a policy for using it. Even if they aren't moving over to the cloud just yet, they are aiming to do so in the future. So therefore, we vendors must support them in their current approach of working completely on premises, and in their future aspirations of working in the cloud. They need to know that if and when they want to go to the cloud, we have a solution.

A lot of software today, like for project management, CRM and HR, have stiff competition in the cloud due to the influx of VC investments for young innovative startups. However this didn't make enterprises move to the cloud until the big vendors like Adobe, Microsoft and SAP put pressure on and gave incentives to their customers to do so, representing a shift in the industry.

You will hear that cloud solutions require no hardware, can grow to infinity according to demand, and allow enterprises to "discontinue whenever they want." Although this is not the full truth, enterprises are still allocating dedicated budgets just for cloud solutions.

The Cloud and Connectivity to Internal Systems

According to a recent Gartner prediction for 2014, one of the challenges will be to connect between on premises applications and cloud applications. This isn't new news. Xpandion has been dealing with this over the past two years in at least two ways:

Monitoring users' internal and cloud activity from the same machine. Most customers install ProfileTailor Dynamics on their own servers where they need to monitor both the SAP machines, which are installed on the company's servers, and SalesForce, for example, which is in the cloud. This is critical if the organization wants to implement such processes as a "new employee" workflow that is triggered by an SAP HR event, and then open usernames in all applications, including SAP internally and SalesForce externally.

Accessing data internally from the cloud. If the customer chooses to purchase the cloud version of Xpandion's applications, the application needs access to data in the SAP systems, which are on the company's servers. For example, our cloud-version of Authorization Review needs authorization, usage and organizational data from SAP. Similarly, our cloud version of LicenseAuditor Inspection needs usage data from the SAP machines in order to find unnecessary and misclassified user accounts.

Enterprises and Cloud – Not a Love Story Yet

From our experience, enterprises, even the small and medium ones, still have a love/hate relationship with the cloud. They don't fully "get it," and considerations like final costs and data security are infecting their ability to make decisions towards putting data and using applications in the cloud.

On the other hand, business users aren't waiting, and they are actively pushing the enterprises for quick solutions. With some of our customers, we found that the business users will just sign in to accounts on Gmail, Smartsheet or DropBox using their corporate email address for their business needs. They claim that they urgently need a solution and they don't have the time to wait until the IT department makes a "corporate-wise" decision.

Add to this that some countries, like Germany, for example, have data regulations, and you understand the ambiguous feelings towards the cloud.

Our Solution to the Cloud Concerns

Since Xpandion's ProfileTailor software is produced for enterprises, we needed to embed solutions to these types of concerns in our products. We implemented two different mechanisms to answer the cloud concerns of enterprises:

A secure connection to the cloud. If the customer is already connecting internal applications with the cloud, they can also connect ProfileTailor via secure communication. Xpandion's products are equipped with secured APIs so they can work with external secured layers. Either the ProfileTailor Dynamics application connects directly from inside the company to SalesForce in the cloud, or it will connect via a message broker.

Using a software agent on the company's servers to exchange information with the cloud. Xpandion developed a special software agent that can be installed internally and exchange one-way or two-way data with Xpandion's cloud application. For example, if the organization needs to conduct an authorization review with Xpandion's cloud-based Authorization Review software, they download the client, upload only the relevant data to the cloud, and continue in the cloud. With some products, the communication can be bi-directional, like when LicenseAuditor needs to find the most suitable license type according to usage and update it for each SAP user account.

What Will Xpandion do in Q1 2014?

Just improve upon what we've been doing all along. Providing two versions of our products – cloud and on-premises. This way, we can ensure that either type of customer gets the best solution for the particular situation.

Connect with Moshe on LinkedIn or follow him on Twitter.

Moshe Panzer is the founder and CEO of Xpandion. He has over 18 years' experience as a recognized SAP expert, having worked as a senior SAP & ERP consultant, project advisor, project leader and development manager for large private corporations worldwide. You can read more about Moshe on Xpandion's Management page.


  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest 28/07/2017


in XpandionPosted by Yoav Michaeli

Do You Understand the Meaning of Behavior-Based Profiling?

Xpandion creates “behavior-based profiling” for business applications. Sounds impressive, huh? However, do you know what it means, exactly?

in XpandionPosted by Yoav Michaeli

Optimize Licensing Costs. Increase Security

These are amongst some of the most worrying words that enterprises and managers can hear.  And, yet, they are a part of day to day terminology- whether whispered behind  soundproof board room doors, discussed openly by upper management or colleagues addressing them casually over the wate...
in XpandionPosted by Dror Aviv

If It Ain’t Broke, Don’t Fix It

I, for one, feel confident when implementing new software on a client’s server or on our secured cloud; nonetheless I can’t necessarily say the same about the customer... Sometimes I feel that customers are a bit nervous when I’m around, especially when I ask questions about their SAP authoriza...
in XpandionPosted by Dror Aviv

Does Your Software Suit You?

When you go to a tailor to purchase a suit, do you prefer a suit that fits you 100%, in size and taste? Or would you rather get a semi-fitted suit, which is not quite your size (baggy…) and only close to the color you wanted? I’m pretty sure the unanimous answer is a 100% tailored suit – nothing les...
in Security & AuthorizationsPosted by Dror Aviv

CISO Advice: Shooting Might Not Be The Best Option

One of the perks of being a Senior Implementation Advisor at Xpandion is hearing our customers describe their many juicy company stories. And let me tell you, there are some doozies. This most recent one is a very interesting case.



157 Yigal Alon Street,

Tel Aviv 67443, Israel


US Office


3310 W Braker Lane Suite 300-253

Austin, TX 78758, USA


India Office


C 103, Akruti Orchid Park, Andheri-Kurla Road,

Andheri East, Mumbai, India