Why Your Company Needs a SaaS System of Record

April 17, 2019 in Compliance

Team leaders throughout the years have relied on technology systems of record to keep their data organized. A system of record is the authoritative data source for a given type of information, and the software that maintains this data becomes the organizational foundation for certain business processes. While many options exist for systems of record for single-lane disciplines like sales, HR and finance, there’s one area of business operations that many organizations have not systematized: SaaS.

Part of the challenge around adopting a SaaS system of record is that no single department “owns” SaaS anymore. This challenge is also the single biggest reason to evolve from ad-hoc processes to a system of record. In the past, a command-and-control approach to IT management meant that the IT leader owned the procurement process for all hardware and software. Rarely were employees empowered to make their own purchasing decisions.

Today, that reality is much different. Team leaders often select the tools they need for their direct reports to be productive. While this level of autonomy is great for business, it can also get messy when it comes to budgeting, security, compliance, and common business processes, such as onboarding and offboarding. Many employees today, regardless of their level of technical knowledge, spend the majority of their time at work using SaaS apps. Their reliance on these apps leaves little room for error for organizations to get SaaS management right.

Continue reading »

SOC 2 and Data Access Controls: What You Need to Know

March 29, 2018 in Compliance, SaaS Stack, Security


Guest post by Schuyler Brown, co-founder strongDM

As a part of our Blissfully SOC 2 compliance series, we invited strongDM to write a guest blog post about the challenges of data access controls, and why database management is important in the scheme of completing a SOC 2 audit. Blissfully used strongDM in our SOC 2 technology stack, mapped to the audit requirement of logical and physical access controls. Read more in our recently published SOC 2 Compliance Playbook.

Continue reading »