Total Cost Certainty Guide

CSS Differentiation on Value, Cost, and Trust

What is Total Cost Certainty (TCC)?

The acquisition of any product to achieve a business result is a combination of how well it serves the business problem, total cost to acquire including time to product use, and establishing a relationship with a vendor that you are depending on as a business partner.

This guide is broken down into three specific areas. Value. Cost. Trust. It also highlights how the CMS Public Key Infrastructure (PKI) Operations and Digital Certificate Lifecycle Management Platform specifically delivers on the proposition of Total Cost Certainty.

 Value

Value is defined by the client, typically with a criteria of relative worth, utility, or importance.  It is incumbent on the vendor (in this case CSS) to demonstrate to its client that separate from price, the proposed business solution provides a demonstrable path to better security and better operations.

  • Solution Fit
    • Nothing is a 100% fit. The key business drivers whether needing to deploy new technology or getting a better operational handle on infrastructure must be addressed. The CMS Platform is designed to address the key components of PKI Operations and Digital Certificate Lifecycle Management.
  • Business Impact
    • The impact may be on up-time, outages, security, or ease of use. Probably a combination of all of these and more.  No business should make an expenditure without having a solid impact.  What are your key impact areas?
  • Longevity
    • The problem today will not be the problem tomorrow. Growth and applicability to future state is important.  Does the solution scale with the business?  In the case of PKI, does the solution provide crypto-agility for the challenges that will be presented in the future?  What does quantum computing mean to you in the next seven years?
  • Comparative Options
    • Your due diligence will present you with options between vendors. The first consideration will be price and feature set.  However, what does that vendor’s stated direction in the marketplace mean to certainty in the investment you make today?

 CSS Differentiation on Value

CMS Enterprise is both a PKI Operations solution and a Certificate Lifecycle Management product for both private and publicly rooted PKIs. Gartner in research paper G00308940 calls out that CSS is unique against its competitors. CMS Enterprise manages every certificate, all the time, with the ability to receive alerts, notifications, and reports of the complete certificate eco-system. Extensive APIs also allow integration in to business systems such as Splunk, CHEF, Puppet, Active Directory, ServiceNow, and much more. Most importantly, CMS Enterprise increases the security posture of an organization with real-time information from the issuing CAs both Private and Public. Only CMS Enterprise gives you total control of issuance of your privately rooted Certificate Authority.  Other competitive platforms allow end runs to the source systems.

Security, complete real-time coverage, and extensibility separate CMS Enterprise from any product on the market.


 Cost

Cost takes into account many factors. Product price, license model, support, services, training, time to productivity, growth, future upgrades. The price is not the cost. Certainty in cost has very little to do with price.

  • Acquisition
    • Price is important. Nothing is a 100% fit. What premium is a firm willing to put on closing the gap from a great fit to a perfect fit?  2x?  3X?  Also licensing terms. What are you committed to? Are you sacrificing an entry point for a punitive growth model?
  • Adoption
    • Purchasing is a contractual price. Productive use is a combination of time, installation services, and resources. Customization and effort cannot be underestimated. What premium must you pay in order to go from having bought a “great product” to making a product proactive in a great manner?
  • Support
    • The real relationship does not start until the test of when something unexpectedly and unpleasant occurs. It will happen. Whether something breaks or thre is a simple usage question, the integrity of the relationship will come under pressure and it will occur through the support organization. Is the vendor staffed and committed to client success after the check has been cashed?
  • Growth
    • You have purchased an exceptional product. You love it. The organization wants to proliferate it in conjunction with its value of solution. Does the vendor provide you with a path to grow in a cost conscious manner? Is the cost of success and adoption higher than the cost of initial acquisition? Have you been cornered by your vendor?

 CSS Differentiation on Cost

What is the most important certificate in your organization? Answer – the one that allows a breach or an outage. How does an organization find and monitor that specific certificate if it is not managing every certificate, all the time? CMS Enterprise is licensed as a site license to our clients. That means that unlimited quantities of certificates under management, and unlimited quantities of features in the product are available to our clients. 

The product, installation, training, and support are incorporated into a single annual license fee. That fee does not change over the term of the agreement. Use more certificates, same cost. Deploy additional servers and applications, same cost. Double the size of your organization, same cost. Version upgrades, same cost. Certainty is the key work in Cost Certainty Guide. CMS Enterprise is unique in providing you true certainty over the lifetime of the product. No surprises for your budget.

One more comment on cost, time to adoption is important. It determines when an organization begins to realize the benefit of its investment. CMS Enterprise has the shortest time to productive implementation in the industry. In many cases, firms have all their certificates under management and alerting in less than three weeks.


 Trust

The adage is people do business with people they trust. Trust is earned in small increments over a long time and invalidated in the blink of an eye. 

  • Share my Beliefs
    • Does my vendor demonstrate a shared belief system with my company as to how a problem should be approached and represent a solution that is in line with how I do business? In terms of certainty and value, what does a shared vision mean to me?
  • Evidence of Intent
    • Trying to establish trust with a new organization relies on points of intersection.What do I believe? What does the industry say? Do they have independent analyst coverage?  Do the firms within our industry use the solution that is being presented?
  • Intellectually Honest
    • When something is too good to be true, is it? When emotion and bias is removed from the evaluation of a vendor, can one step back and say I intellectually believe that the approach being taken is one that has the best interest in mind of my company? Are my heart and my mind in alignment?
  • Easy to do Business
    • It is hard enough to come to an emotional and logical conclusion to acquire a product from a vendor. It know has to be procured. Is this a vendor that is willing to respect and embrace the procurement process?

 CSS Differentiation on Trust

It takes a long time to establish and the blink of an eye to destroy. CSS prides itself in our relationship with clients. We are fortunate to claim that no client has ever replaced CMS Enterprise with a competitive offering. The same cannot be said for other vendors that offer certificate lifecycle management and have already turned to CMS Enterprise. We believe there are two core reasons. 

First, we are first and foremost a cyber security company with an eye towards best practice in everything we do. Clients deploy certificates to enhance their security posture. The client’s expectation is that the product and company they align with are partners in a major line of defense against bad things happening.

Second, we listen. We listen to our clients. We listen to industry experts. We listen to our engineers.  Our product (any product) is not perfect. Whether it is an enhancement, usability, or client interaction; CSS responds quickly and with integrity. 

At CSS, we learn from our clients every day. They are the reason we enjoy what we do. Earning the right to ask for their business is the definition of earning trust.

Conclusion

There is no such thing, as a sure thing. 

Certainty is a feeling based on evidence and intuition. Evidence is comprised of features, functions, demonstrations, proofs of concept, and adaptability. Intuition is understanding if you share a belief system with another party. 

Cost is comprised of items that impact your budgets of money, time, and resources. Costs for acquisition, support, growth, and supportability.

To the extent that you are comfortable with those coming together on behalf of a need that exists in your organization, you will choose a vendor and a product that delivers on both. 

Speak with Industry Leaders and Experts on Digital Identity Solutions for the Enterprise and Internet of Things