Once upon a time deciding whether to let employees access business services remotely was something that actually merited some thought. Today any service delivered via ‘the cloud’ is by definition accessed remotely, so the question isn’t “should you”, but “how will you”? Every business uses multiple applications. When they’re all installed on your own kit it’s easy to provide a seamless login experience, but when they’re all hosted by different providers it suddenly becomes a lot more difficult. Is a frustrating login experience the price you pay for using the cloud?
As a new venture with serious backing and even bigger aspirations, Calbee UK chose to leverage Office 365 to provide core productivity applications at a low initial cost that scaled in line with business growth. Office 365 is great for collaboration and communication, but it doesn’t solve the problem of managing stock, orders, etc. in a manufacturing environment. For that you need an ERP system.
ERP systems are big and complex, and due to the bespoke customisations involved in most deployments they don’t generally lend themselves to the ‘one-size-fits-all’ public cloud model. To achieve the joint benefits of an ERP system that fitted their business needs, and a flexible cloud-based model of supplying the service, Calbee UK chose Waterstons to help implement an Epicor Tropos ERP system in Waterstons’ partner cloud.
Whilst it fits Calbee’s needs pretty well, Tropos is not a cloud-enabled application, and the only supplied way of accessing it remotely is via a remote desktop infrastructure, which could prove both cumbersome and expensive for a start-up business. That would also mean multiple logins for Calbee’s remote workers, limited flexibility to use different devices, and no integration with their Office 365 productivity suite.
As with a number of cloud systems, Office 365 supports identity federation, which allows businesses to leverage their own infrastructure to control access to cloud services. This not only improves security, but due to the tight integration with existing systems it means that office-based staff can be automatically logged in to cloud services without even typing a password. One of the improvements Microsoft have made with their latest server operating system is the ability to marry this identity federation with remote access to traditional on-premises web applications. In effect, this provides single-sign-on across internal applications, and cloud services. For remote workers, this means a single login page which grants you access to everything – no matter who hosts it. For office staff it’s even better – once they’ve logged onto their computer they’re automatically signed into everything else.
Waterstons implemented Microsoft Active Directory Federation Services to provide Calbee with a seamless login experience. With the addition of Microsoft Web Application Proxy this seamless experience was extended to include the Tropos application and remote workers.
The additional layer of security provided by the Web Application Proxy solution allows Tropos to be accessed remotely as if users were in the office, and as soon as they sign in to Tropos, they’re automatically signed in to Office 365. This allowed Waterstons to take a traditional on-premises application which doesn’t natively support remote access, and transform it into a cloud-ready solution that can be easily accessed from any location.
- Improved security and control of user identities in cloud services
- Automatic login to cloud services for office staff
- Simplified login experience and single-sign-on across multiple systems hosted by different providers
- Delivered a traditional on-premises application as a location-independent cloud solution
- Low-cost and secure remote working without the need for an expensive remote desktop infrastructure