Talkin' SaaS
Talkin' SaaS brings you in-depth interviews with proven regulatory leaders, from state government staff to private sector authorities. Take away practical solutions for your current regulatory challenges.
Talkin' SaaS
5 Key Infrastructure Moves for State Tech with GL Solutions CTO Ryan Pedersen
Ryan Pedersen, Chief Technology Officer for GL Solutions, explores essential strategies for future-proofing state technology systems amid challenges, like aging systems and limited budgets. He shares the five key infrastructure moves—from GovRAMP authorization to configurable web—that CIOs must make.
Download our white paper, Key Components of a Professional Licensing System, to learn more about modernizing your licensing system.
GL Solutions helps governments run, grow and adapt. For more information about GL Solutions and our modernization service for regulatory agencies, visit us on the web at www.glsolutions.com. Or connect with us via Facebook, X or LinkedIn. Reach our host, Sam Hardin, at hardin@glsolutions.com or on LinkedIn. We look forward to hearing from you.
Welcome to Talkin' SaaS brought to you by GL solutions Talkin' SaaS is your source for the inside scoop on software as a service featuring interviews with proven regulatory leaders from state government staff to private sector authorities and commentary and conversations that deliver practical solutions for your current regulatory challenges. Thanks for listening, and don't forget to rate, review, Subscribe and follow wherever you listen to podcasts or at GL Solutions, and be sure to send us feedback by clicking on the send us a text link just above the episode description in your favorite podcast app. And now here's your host of Talkin' SaaS, Sam Hardin,
Sam Hardin:all right, Ryan, thanks for joining the podcast. Here. It's, you know, it's not all the time that I get to speak to one of our own on the podcast. So I'm super excited to speak to you today. We are talking about future proofing state tech. So specifically, we're drilling into five infrastructure moves CIOs must take. So in this podcast, we're keeping it a little bit more high level, more at the state level, and keeping it more like database, structure, security, things that that's in your wheelhouse. So thank you so much for joining. So why don't you just kick it off, give your name what you do for here at GL Solutions and little bit of your background.
Ryan Pedersen:Yeah, sure. Thanks, Sam. I'm happy to have this discussion, too. I think it's an interesting topic, and one that's really important to you know, to state leadership. Yeah, my name is Ryan Pedersen. I'm the Chief Technology Officer for GL solutions. I've been working at GL for 15 years, going on 15 years now, and before that, I worked at Hewlett Packard integrating DMV systems for different states as well. So pretty much all I've been doing is, you know, state regulatory systems in one way or another since college. And so, yeah, we're talking about future proofing, right? And like, government agencies, they're under a lot of pressure, really, like never before. There's kind of this paradigm shift that I think covid kind of kicked into place, and you can really see, like the before and after, but, you know, a lot of the ones that come to us, Sam, they've got, like, these aging systems, rising citizen expectations, right? And then a tight budget, so, like, this stuff, kind of, in my viewpoint, isn't really a luxury anymore, like it used to be. It's kind of a necessity.
Sam Hardin:Well, totally, I think, I think that's a good point. And, you know, I don't want to put anybody on blast or anything, but there's been some recent examples of just how important this is. You know, if people are watching the news, I think there's a state that kind of came under a pretty sophisticated ransomware cyber attack that shut down, you know, some major departments, DMVs, law enforcement agencies, emergency services like that. I think they were shut down for multiple days. And some, some, you know, personal protected information was, was they're still looking into it. I know, I know that by FBI is looking into it, still kind of under investigation, that that could be kind of nasty stuff. And so as you spoke about with with kind of covid times, I think we recognize there needs to be some some future proofing, and also just bolstering and ramping up of the of the security standards and stuff like that. And we want to try to try to protect our citizens of all this type of stuff. And so we get a lot of this because we work with different state agencies and what they got going on and integrating with their systems how to do it securely, safely. But then, like you said, that there's multiple different factors and stressors, I would even call them in this industry where it's like, we need a system. We need to be able to support the licensee population the best as possible, but we also have to do it in a secure and and and smart way. And so there's kind of, you know, two ends of the spectrum, kind of pulling together here. And so it's definitely a challenge, yeah, to
Ryan Pedersen:You're expected to deliver a consumer grade experience with government grades, security and then a lot of times on a shoestring budget, right? So, yeah, it can be definitely hard to do. And I do remember, you know, in the, in the before covid times, you know, you could be an agency, and you could, you could kind of just, you know, go by, there's some really great ones. And you could also just kind of go by and and deliver the normal, expected stuff. But now, now all of them are really being pushed a lot by consumer demand to deliver a totally online experience, to not have any data leaks or anything like that. And it's just a new world now with a lot of dangers and threats, and so you've got to be prepared on this stuff. So yeah, that's why we've got this future proof and these five different topics.
Sam Hardin:Absolutely. So I'm going to, I'm going to go through the five different topics. Okay, then we'll just, we'll just jump into the first one. So of the five topics we're discussing today, it's cloud hosting with Gov ramp. I'm. Gov ramp ready platform specifically. So that's segment number one. Segment Number two is configurable web for agility. Segment Number three is integrated systems and data interoperability. That's an important one. Segment Number four is cybersecurity and access control. Segment Number five is scalable licensing and workflow automation. So let's just jump into the first segment, cloud hosting with Gov ramp ready platforms. You know, we are, we're gov ramp ready status, we've done a lot of work, specifically, your team has done a lot of work, and other people in our building to get us in this gov ramp ready status. It was no small undertaking for the right reasons, right so it was it's all under safer, more secure systems, having what I would call more transparency around our security protocols and things like that. So that way, states that are looking to procure our software looking to procure any software, really is what we're talking about, that they can feel secure and, and then also it has kind of a centralized platform to say, Okay, this meets, this is it meets and, or is above any state requirement to that way, they don't have to take it by a, you know, a vendor by vendor basis, or a state by state basis. They can kind of just say these are the strict, strictest standards, and we're going to adhere to them, and we're going to feel pretty confident about what we you know that the people that we're working with, in the in the vendors that they're working about, so let's, let's talk about, kind of the first item under Cloud Hosting is, why? Why is Cloud Hosting no longer optional. Yeah.
Ryan Pedersen:Like, what you said is, right? Like, so cloud adoption, and it's not really a question of if anymore. It's like, how fast, right? Agencies need this elasticity. They need uptime. The kind of stuff that this and disaster recover, really, these things that on prem just can't match unless you just have a tremendous amount of money, right? And so if you can't match those on an on prem, then then the best solution is, well, go with one of these giant cloud companies that does have the money to make those things become a reality. If that's what your constituents are demanding, then that's how you get there. Is you partner with a big old cloud company like Microsoft, AWS, Google has a Google has a cloud system too, or any of those that could really, they can offer that and then, and then, on top of that, you need, you need some sort of system to host all your data. That is gov ramp ready, right? And so the other nice benefit of these cloud systems that we integrate with is is, is, yeah, they are ready to be gov ramp certified, and they can be so it's, again, it's an easier path to reach those end goals and trying to do it all on prem,
Sam Hardin:So talk a little bit, and maybe even some specifics about the benefit of that, that gov ramp certification and those environments. I know, yeah, a little bit, but yeah,
Ryan Pedersen:the GovRAMP stuff is kind of funny because, you know, you think about it, and you're like, Oh yeah, they're going to make sure their their systems are really secure, and a hacker can't get in there. But it's extremely hard to get, like, I was so surprised how, how many things you had to go through to be govern certified. And they cover not just like, like, you know, can someone get into your servers, right? They cover. Do you have locks on all your doors, so you have that employees have to have a key card to access. Do you have cameras around your building? And do you monitor the recordings of those cameras every 30 days to see if you know something sketchy going on? They're they're like, covering all the different ways that someone can get data, because a lot of times it's not just some, you know, super awesome hacker that you see from a movie got into your system. Most of times, when you hear about this, it's someone left their admin password as password, right, right. I mean, that's I got, I got my social security number stolen, and I and that was exactly what it was, a big insurance company and somebody left their password, as password. It's kind of that social engineering stuff. A lot of times it gets people in the door to get all this stuff, leaving a file unencrypted on somebody's desktop or something. And so like, people come around every two weeks and, like, look at our desks, right and make sure that we don't have any PII just sitting out in a printed form. Like, it goes, it goes that deep. It's kind of funny. All the different things they cover.
Sam Hardin:All everybody right now that has their their password taped under their keyboard. We're speaking to you. Yeah? Now, yeah, stop doing that. Don't do that. So yes, you're totally right. They go above and beyond. I mean, it's, you know, it's, it's, it's, it's really the full protection, everything from hardware to software to even just your operations in in the company, and how you guys, yeah, monitoring everything like that.
Ryan Pedersen:So, policies, procedures, all that sort of stuff,
Sam Hardin:totally, you know. So let's talk about we've had, we've actually had some, some real world examples with some of our clients that. Have made the move to, with us, to cloud hosting. You don't have to talk about specific clients, but, you know, just maybe just touch on some of the, some of the things that they've done, and how the transition has been for the for them, and yeah, and what they have done.
Ryan Pedersen:Yeah. So as a company, we've moved our whole operation from on prem to cloud hosting because of these benefits that you get right, the uptime, the elasticity, we don't have to have someone going down to the Co Location facility once a week to check for bad discs have a red light on them, right? All that sort of stuff is taken care of for you. So you don't have to worry about that. If you have a failover that you know in one region, it's automatically going to bail over all your stuff to your backup region on the East Coast or whatever, so they kind of take care of all that stuff for you, which, which is fantastic, but yeah, we've had also all of the you know, agencies that GL solutions work with now are hosted in the cloud. And there's also some other nice side benefits, depending on what the agency wants, like gaining real time access to their data, kind of some seamless updates, automatic backups, all kind of in this compliant framework, right? So we have some agencies who do like to query their data and get information, and they can get right in there and do that, and it's a lot easier through these cloud platforms.
Sam Hardin:Yeah, I think accessibility is a big one, like, you know, just personally, probably both of us, Ryan, you and I both, like, there's a lot of stuff that goes on in the background, right? That maybe you know your business level employees or staff don't really know that that a vendor like us and what we're doing in the background, like, accessibility is such a one that comes to mind for me. It's like, oh, you now have real time access to your data, which, you know, before we had ways to get your data and get your backups and all that type of stuff and but just some of that stuff that from a business standpoint, you don't really think about all the time, and especially with like, your licensee population, you might not be thinking about like, oh, do I do I have all of This at my fingertips. Do I have access? Do Can I go in and get these updates, all this type of stuff that cloud hosting has really kind of opened that up and made it available, which some people, some states, some agencies, departments might not even know how important that is. I definitely know. We have worked with agencies that definitely know about that. But I think it's important thing to think about, when you're looking at a vendor, you know, thinking about, you know, making the move, if you're if you do have an on prem solution or or, you know, maybe you haven't made the jump yet, just to think about, like, oh, there's accessibility there that doesn't exist. Or maybe it does exist. It's just much more painful and manual.
Ryan Pedersen:That's really good point. It's accessibility. And wrapped into that is the security around it. So, you know it, are you going to be getting your backups placed on an FTP site where you have to go download them, you know, there's some security holes in there, or are you going to be able to go get your backups easily through one of these cloud platforms, and it's all totally secure and locked down and GovRAMP compliant, right?
Sam Hardin:Okay, well, let's Okay, that's great. That was an awesome segment one. Let's, let's jump into segment two, which is our configurable web for agility. So the first topic I want to talk about is that the power of low code. Or some people like to call it no code, low code. You know, I know that's a kind of a common term in this industry, but just the overall configurability, let's, let's start it off there. Like, like, what? What's the benefits there? What should CIO states be looking at and top of mind for in that area of configurability?
Ryan Pedersen:So there's a couple things here, like these, these, and you see them all over now, kind of, they call them these, no code, like you said, no code or low code solutions. But they, they really, they really empower agencies to make changes without waiting for developers, right? So there's kind of some real agility and inaction there. And it's kind of about putting control back into the hands of the agency so that they can respond to these legislative changes or emergencies really quickly. There. We've definitely seen some agencies roll out new workflows, like with some of the stuff in kind of in days, really, or weeks, not months, and so that can really help with public service delivery. The other nice thing that I think is really nice about these no code and low code tools is that it's always been hard to find programmers, developers. Yes, it's just always been a profession that has been in demand. And so no matter whether you work for state or private, it's there are always hard jobs to fill, right? So this kind of it reduces lock in, right? You have these tools that somebody doesn't need to go custom build, and even if, even if there is a little configuration in there, someone else can come in and doesn't have to have all of this prior experience to be able to pick it up, right? So when, when we're going a lot of times, we'll see these agencies come to us and you know this. Sam, where they'll say, yeah, the reason we need a new solution is because seven years ago we, you know, somebody's uncle, Bob, programmed this whole solution for us, and he was the only person who could support it for the last seven years, and now he's retiring and doesn't want to do it anymore, and we have no one else who knows his code at all. Right? Like, that's a pretty common I hear about that a lot, yeah, yeah. So, so you move to these solutions where, yeah, they call them low code, there's a little bit in there, but it's definitely much easier for someone else to come in, pick up and kind of carry the torch forward, and then you just have a lot more adaptability, flexibility. You can roll them out quicker. So when you get those legislative changes or emergencies or whatever, you can respond much, much quicker and, and I do really like the ability to say, Yeah, agencies, you know, you've got an IT staff, and they can help support on this stuff, if they want to. They can learn this technology and and be able to build some of this stuff too. And we some see some of that with the agencies we work with, where they really work hand in hand with us, right? They've got their own staff who are learning these things and and being able to support and roll out their own changes too, which is just, it's kind of really cool to work that way with some
Sam Hardin:Yeah, yeah, a couple things on that, you know, I how many times I've just, first off, how many times I've heard of, you know, that story of saying, you know, so and so built our system 20 years ago, and they're retiring, and you're just like, Yeah, this is, we need to do something now, because this is rough. But the other one I hear a lot about, too, is, is, you know, I think legislation is, it comes up every year. Some things are passed, or maybe it's a special request from the governor's cabinet, or whatever it may be, or, you know, and they don't really, and it's not their job too, so not casting any stones, but they sometimes don't understand, like, Okay, I'm requesting this change, whether it be legislatively driven or it's it's a special initiative within the state or something, and they don't Always understand, like, what's required to support that change totally, to get that data. And so sometimes, you know, I'll get clients that are really kind of in a pinch or a bind, and they'll come to us and say, gosh, you know, this just got put on my desk. And I kind of feel for him, because I'm like, yeah, if only somebody kind of knew, like, what we're talking about here and and what we're trying to accomplish. It's like, totally on board with the goal. But, you know, sometimes having those, like, realistic ideas of, like, what are we talking about here, what actually needs to change? How is the system set up right now? What needs to change? What needs to be different. And so I think some of that, that configurability and putting the the ability for the agencies and departments to have some control and make some changes. Really helps with that too. I know of couple of clients that we work with that, you know, have have received training from us and can go in to make these updates. And, you know, I just there's a sense of just relief, or a sense of, like, pride almost in knowing like, hey, if those things come over, like we'll be able to handle it. And maybe a couple of years ago, we were not able to handle stuff like this would kind of put us in a panic state, which nobody likes to be in. And, you know, just kind of makes it a little a little intense for everybody involved. And nobody likes that.
Ryan Pedersen:So I know we had one agency last year, and I specifically remember they had a legislative change, and I think they just had two weeks to get a new license, you know, and we were able to do it. And a lot of it is because of this kind of low code, no code, type of configuration where you can go in and just say, yeah, we can put this together for you a lot quicker, and we can change it a lot quicker, but let's get something out there in this two week time frame. We've gotten it and help support, you, help meet those legislative demands, because you're right. They put them on there, and the implementation, how they do it is, you know, the people passing the laws, they don't really care about that part. No, that's on. No, it's on the leadership, right? Leadership, yeah.
Sam Hardin:Well, and I always tell people, there's, there's kind of two drivers of change right in this industry, when we're talking about, you know, state government, one of them is, you know, the internal stuff, like, like, we already talked about the legislative changes, the updates, you know, special requests. But then there's also just the external environment of new product offerings, you know, obviously the most common one always right now is AI and being able to implement that and augment it, and, you know, utilize it in a way that fits licensing agencies, regulatory bodies. And it's like, for me, some of that agility, too is pretty important to say, like, oh, there's new product offering. Maybe, we're not the first to jump on the bandwagon, but once legislation gets passed or or once, you know, we're able to use things like AI, it's a pretty big time saver, and it can be a super important tool for staff to be able to use. And so being able to kind of plug and play that, you know, it's not, it's not a module that you just plug and play, but it's definitely, you know, like we're speaking about earlier, the ability to kind of rapidly introduce that into the system and get it up and running and utilizing it and supporting the staff, I think is a really important aspect here. Is like, you know, I don't really see any workloads like lessening for for these staff members, like, if anything, it's like, they're up to their eyeballs and work, and it's like, you know, you know, harder to find people. And so let's utilize these tools that are available to us and and be able to introduce them and implement them in a pretty quick basis. Because, yeah, it's so that's just another one that comes to my mind with the agility is being able to kind of get that stuff implemented when there's, there's new product offerings out there on the market. Yeah,
Ryan Pedersen:you're totally right on that. Like the technology is evolving so fast, you see it, especially with the AI stuff, you know, as soon as one product is out, two weeks later, there's another one. We see this. We see this on that, on our application development team, we'll start programming with one AI tool that's the latest and greatest, and then two weeks later, there's another one that's, you know, even better. And then you switch to that, and you move everything over. And then two weeks later, there's a better one, right? But so, yeah, the being able to adapt to those changes quickly is really important. And you see this in the industry, that this different companies are trying to enable those switches as easily as possible with some of this, like low code, no code stuff. You see it in a lot of the product offerings from like Microsoft, for example, for integrating their AI you know, there's one where you're going to build in an AI tool, and it's literally an AI bot asking you, How can I help you build this AI tool? And you tell it, and then it goes and builds AI tool for you, right? So you're just kind of seeing it everywhere, and it's helping to adapt. It's helping you as a leader, adapt really quickly to the different environments and conditions that are being placed upon you.
Announcement:Technology evolves at warp speed. If you're not using tools that keep you ahead of it, you'll be stuck in a cycle of chasing progress and constantly falling behind. GL solutions helps government agencies run, grow and adapt, keeping them ahead of the curve. GL solutions Customize Software Solutions for government agencies will help you modernize, digitize and automate your regulatory software systems and increase your agency's capacity to serve the public. Since its founding in 1999 GL Solutions has been innovating and evolving its regulatory agency software and related services today. GL suite is driving agency transformation by digitizing operations for scores of local and state government agencies and departments nationwide, including human services departments, medical, dentistry, chiropractic and pharmacy boards, gaming and gambling control boards, firearms licensing agencies and more. Don't let evolving technology leave your agency behind. Let GL Solutions empower you to run, grow and adapt to the future, to begin transforming your agency and to learn more. Visit glsolutions.com Today,
Sam Hardin:let's jump into segment three, which is the integrated systems and data interoperability. You know, I think the first point here that, again, is very common, especially in these larger departments, but also in your agencies and boards, they need to be able to speak to one another, or data needs to be transferred, whether it be in different divisions, whether it be in different departments within a department. You know, there's all this information that needs to kind of pass back and forth. You know, a great example always to me, that sticks in the mind is this background check information. And you know, it's usually generated from one place, but it needs to be sent to another place. I know that's, you know, such an important aspect of it. But, yeah, let's talk about, you know, kind of breaking down the silos across departments and systems. I think it's the first topic here that it's really important.
Ryan Pedersen:Yeah, it is. This is one of my favorite topics, breaking down these silos so that you've got, you know, licensing, finance, enforcement, all the different parts. Breaking down those walls. It kind of enables you to do a more of a holistic service delivery, and it really allows some collaboration and transparency between the different pieces of your agency and your and your state government. Though, the one story I love to share is we have one state agency that does firearm protection right, and they have a through a couple different web service API's, if a policeman pulls over a car and they type into a little laptop in their car the person's license plate number, it actually, through a couple different web service APIs, pings back to our system and tells them if the if the owner of that car owns a gun. And so, like, that's one of my favorite examples, because in a roundabout way, I'm always thinking my head like. Yeah, this, this interoperability through these different systems, can actually, it can provide information to all these different places, and like in this case, in a roundabout way, you could see it actually saving someone's life, right? This police officer is now prepared to go up to this car and has a little bit more information, right? And that's just purely made by sharing data between these different systems. I just think that's so cool.
Sam Hardin:Oh, I was just gonna say it is a challenging one. But like, if we're, if you're able to break down those silos and be able to have that kind of secure flow of information, it's so powerful. It's just, it can be, it can be kind of tough to because, you know, not everybody plays nice together. And there's all these, you know, standards, and you know who we're working with, and do they allow this? But I think once, if you have buy in, and you have people that are willing to, you know, be vetted and, you know, have it securely set, you're right, it is literally, quite literally, life saving data and information that is really important. So it's like, yeah, yeah. Talking about the tensions, it's like, you want to do it right? You want to do it securely. But then the information and the data flow is so powerful, it's like two ends of the spectrum. But you know, there's got to be a middle ground here to where the data flows, but in a secure way,
Ryan Pedersen:yeah, the nice thing about that, like talking about the secure way thing, it's a good point like this data exchange, is it's more and more important in the industry, and all of the tech industry, right? So there's, there's becoming a lot more, like open standards for this, and that's something that we kind of advocate for. So there there's a lot more open standards that really help ensure long term compatibility, and like vendor neutrality, a great example of that is open ID. So you've got tons of different authentication methods, right? You can authenticate through Google, Facebook, your Microsoft, intra Facebook, but they've all agreed to speak over a an open standard called Open ID so that you can integrate with all those different authentication methods and and allow them through a secure way that everybody's agreed to, because they've all agreed to it. Then the, you know, the Open ID community can say, oh, we need to upgrade our standards here, and then everybody's got to meet that, right? And so it helps ensure that, well, we're all talking on the same level, and we're all meeting the highest security standards, and we can all agree to those things, and allows you to do some really cool things, like we've got now, where people can come to a website and they can sign in with their Facebook or their Google or their LinkedIn account, right? Or you can have staff sign into their application with the, you know, single sign on the same credentials they use on their computer, instead of having to manage security differently because you've got these agreed upon standards to help you tackle the security concerns too.
Sam Hardin:Yeah, I that's such a great example, too, because I, I just think it's such a win win. Because, you know, from the licensee perspective, or the end user perspective, will say, I always love when I, you know, it makes it so much easier when I go to a website, especially, you know, ones we're talking about the agencies where maybe you only renew every two years. I, for one, I'm definitely not remembering my password, yeah, for sure, after like, a week, you know. And so I'm always that user that's totally forgot their password and have no idea. And so I always love when I can be like, Oh, thankfully I can just use Google to have it, you know, remember my password from there. And that's, you know, instead of remembering 17 different login credentials, I can just, you know, I know my Google one, okay, I'm saying 100% Yep. And then on the staff level, I know they love it, because it's like, yeah, I don't have to get the phone calls about, you know, I forgot my password. So I just think that's such a win, win there. And it's just kind of really highlights that that power there. Let's jump into segment four, which is the cyber security and access control. So we touched it on the beginning. You know, evolving threats, unfortunately, hackers and things like that are getting smarter and smarter, and you know that that threat is kind of ever, ever present and always there, and so you're constantly combating against it. And so there's a, there's a need for proactive security, that there's a need to stay two steps ahead of the bad guy, right? And so, yeah, talk, talk a little bit about that.
Ryan Pedersen:Yeah. Well, the one thing that I find interesting about this topic is that there's, there's an expectation on government, actually, that's much higher than there is on the private industry, right? You probably have gotten these letters, but I certainly have where you get a letter from some private company and they said, Oh, yeah, we lost your PII information, and here's 12 months subscription to LifeLock to make up for it, right? Yeah. And at this point, I've gotten so many of these that I just kind of throw in the mail, right? I go freeze my credit, my credit reports, and then I just throw in the mail or the trash. I'm like, All right, whatever. But the expectation on government, I feel, is much higher than that, right? Yeah, there's a big outrage if that happens on the government side of things. I find that very interesting, because. Much. You know, a lot of times the private industry has a bunch of my my data too. But in any event, yeah, so there's a lot of pressure on this. It can be super embarrassing, and if anything like this happens, not to mention all the legal blowback and stuff. So yeah, the cyber security, it's evolving daily, and I think the real key is to move from a reactive strategy to more of a proactive security strategy that really ties in with that government ready platform. There's, there's a lot of cool products and technologies out there that can integrate into, you know, your GovRAMP cloud system that allow you to be really proactive. One of those that we use is Microsoft Sentinel, which is, it's, it's a system that is inspecting all the traffic going in and out of your network at all times. It's, it's inspecting security changes, Active Directory changes, and it gives you alerts using algorithms and AI on all these little things that are going on your system to give you warning ahead of time if anything is happening, so that you can react way before the threat ever actually gets anywhere, right? So instead of finding out after the fact that somebody got in there and did something, you're getting warnings in real time. So that's one way. Another way is through security scores, tools that are kind of actively monitoring your network at all times, letting you know where there's holes, where you could strengthen things, where you could meet better standards. And then they're also evolving constantly, right like so there's new threats every day. There's new ways that people are going to social engineer you every day. And so having these tools that are kind of very quickly being updated to these new vulnerability strategies, and then giving you recommendations like, Hey, there's this new threat out there. It's really important that you immediately close down this hole or roll out this update, right? And so you can react really fast, much faster than ever before, to some of these new threats.
Sam Hardin:Yeah, I think that, I think the proactive versus reactive is the is the most important thing. And I think that also kind of dovetails into, you know, you're right, like the state and federal is held to a higher standard. And then a lot of private companies, you know, it's funny, I probably receive a call from my mom at least once a week about And the crazy thing now is some of them are, like, fake too, because some of them are like, nothing actually happened, but somebody's trying to get information out of you, and so somebody like my mom is like, what do I do with this? You know, give me a call, like, what should I do? So if you're proactively monitoring that stuff, you can shut it down before it ever becomes a problem. And it's not my wheelhouse, but I I certainly understand that. Like knowing about something that could happen allows so much more opportunity to make sure it never happens than waiting until it does and being like, oh, you know, here's, here's your, here's your trial for LifeLock. It's like, yeah, that's thanks for that. But now I'm like, super freaked out and have no idea, yeah,
Ryan Pedersen:I already have social security. It really is, though, like a mind shift towards a continuous security improvement. Yes, and I mean, that's what we've done internally right for the last couple years. Now we have, we have a person whose whole job is just keep us totally on top of our security game, to sit there and monitor all day long to make improvements, suggest improvements, to review every single thing that might affect our information protection and and they all have to go through a board to make sure that we're doing the right thing at the right time. It's very locked down, but it but it's super important to make sure that we don't make an easy mistake, like someone left their password, password all the way to the more the more advanced stuff, where you know your firewall is totally locked down and got the latest updates on a set schedule. Let's
Sam Hardin:Let's talk about, like, the app specific stuff, you know, for for our application. So kind of taking it a step further, let's get into, like, the role based access and the audit trails and stuff like that. You know, I, I meet a lot of these departments and agencies regulatory bodies, and that's a big one for them to be able to have accurate auditing trails of who's done what what time and what they update to, you know, who has access to see this information and who doesn't. I think that that's an important one, kind of within the agency or within the department, to be able to have those security kind of set into the app.
Ryan Pedersen:Yeah, for sure. So we've got kind of two things there. Like you said, the role based security. So I mentioned it before, but through open ID, we can, you know, we'll integrate the application state into straight into people's state IT like authentication, so that security is based on the roles that your state IT gives them. You don't have to have two separate sets of security, one for your licensing application, another for your state agency. It's all one in the same and they work together. So that's really cool. And then you have the audit trails, being able to see what's changed when, why? All the way down to being able to track exactly what a user is doing, what they're clicking on in the screen, what they're changing on the records, what they're looking at, yeah, that that auditing trail is really important. We've, we've had, you know, we've heard of stories where somebody was doing something wrong at an agency, embezzling money or looking at stuff they shouldn't open. Being able to detect those, to see those as soon as they happen, is really important. And then restricting data like at one point, you always gathered social security number, and now that's calling kind of falling out of favor there. You know, find other ways to track unique information and get people records, but let's not track your social security number. So if you do have socials in your system, how do you lock them down so that only the administrators can see them and people who really need access to that. Yep, Yeah, when I started 15 years ago, you know,
Sam Hardin:that. That's right, that's one that I'm hearing too, is people are, are kind of shying away from the social security numbers. But, yeah, a couple years ago, that was kind of just, that was the unique identifier, you know, that was used all over the place. And then people are like... someone would call, you know, they would that was on the this main search someone call them up and they say, Well, what's your social and they type it in and bring up their record, right? Yeah. So it's funny to see the evolution and how a lot of these security things have changed the industry, okay? And that brings us into segment five, which is the scalable licensing and workflow automation. So this section, to me, is really about like there's essentially a bunch of work that's that's implemented into these systems. Or when I say implemented, I mean like somehow end user, licensee population is doing something which should spur somebody, staff member, licensing, specialist, manager, surveyor, whoever it is to need to do something with that information. And I, I've always kind of said, well, I think the power of these systems is being able to accurately display who's supposed to do what when, and almost in what priority level, right? And so I think that, again, talking about evolutions of the systems, it's like, okay, no longer is it just like you have a database of information that you can query and and go look up. Now it's like, no, I need Bob to know. He needs to do this on what day. And then I want to track the amount of time it takes Bob to be able to understand like, Hey, are we, you know, are we operating effectively and efficiently? And then also, it's taken down to the level of the licensee, you know, I know there's certain situations where it's, you know, it's not the best thing to happen, but sometimes licensees will be a little ornery and say, gosh, you know, I submitted this so long ago, and I haven't heard anything from you guys. It's like, well, no, actually, we sent you some information. And, you know, we actually see that you received the email and the ball is in your court, type of thing. And so I know that's super important for for for these regulatory bodies. So, yeah, just touch on the the renewals, inspections, complaints, and just the workflow of that in the application.
Ryan Pedersen:Yeah, this, this topic is really nuanced. There's, there's a lot of stuff that goes into it. The workflow is really powerful, and it's one of those things that I think isn't talked about enough, and it's kind of changing every day too, and we can get into that, but the workflow can really transform your agency, right? Like we had one agency come to us, and they were able to get their childcare licenses down from a year and a half application process to three months. And when you're thinking about getting kids placed in, placed anywhere, placed in the right place, that's huge. That sort of time reduction is just phenomenal. And that that was a lot of that was all done through workflow. So like you said, making sure that the person who needs to act on this part of the application, or this part of the process of the inspection, knows about it, that they're ready to start it, that they know what they need to do. And like I said, there's a lot of nuance in that. So one of the things we saw happen during covid was a lot of staff movement. No longer did you have these 20 year veterans of an agency who knew everything that went on and exactly had to do everything. Now you had a lot of job relocation, and so you had a lot of new employees at your agency, and they didn't know how to do the job. They didn't have it memorized then been in the seat for 20 years. So workflow is really important to that. How does Jane know when she needs to start something. How does she know exactly what she needs to do? How does she know when she's going to hand it off to Bob? If you have a bunch of new employees, well, then let's get them specialized. Instead of having one person run the entire application process and know every you know, everything soup to nuts. Let's get them specialized. Let's, you know, have Jane go do the inspections, and Bob can do the other part of the application. Let's have him. Let's have them hand off those pieces to each other to write, you know, break points in the flow, so that they can efficiently learn their new job and get through the application renewal process, or whatever it is. So we can achieve those things through workflow. Like, like you said. Being able to assign work items to people at a certain time so that they can see it in their queue. They can see when it's due. They can see when they need to turn it around by being able to have, like, a, we call them a process guide, but essentially an instruction book that says, here's how you do your steps. Here's exactly what you need to do in order, in order to get through your part of the process. Yeah. And then, like, you said, tracking metrics too. Like, that's kind of the the ultimate tip of the iceberg there is, like, oh, let's okay. Now that we're have this whole workflow system in place, let's see where we're going fast and let's see where we're struggling. We're doing really great at processing, you know, reviewing our documents, but when we get to the inspection part of the application, it's taken us three weeks to get this whole section turned around. So what can we do? How can we zoom in there and look at the information and find out? How can we speed that part up? How can we give better delivery to our constituents? Right? So kind of that whole workflow, really, you know, helps you kind of improve your responsiveness.
Sam Hardin:Yeah, and if you kind of zoom out, like 30,000 foot view, it's like, it's going to make your staff more effective. It's going to probably reduce the cost. Like, you don't need so many staff members, or those you know, those experts in your system knowing exactly what to do. You can specialize, and then you can also probably do a lot more with less, right? Which is, which is something that I hear a lot in these, in these, you know, the agencies and departments is like, maybe we have, you know, kind of cap numbers on staff members and so, you know, we would love to just, you know, multiply and just go process all of this work. But we don't have that luxury. Well, workflow is going to enable people to be more effective and to get more work done with less staff. And so not necessarily saying it's going to replace staff, it's just going to make them more effective. So that way you don't need as many bodies doing the work. So that's one of the major benefits that I see there. And then for me, it's just just continuously improving. You know, if you're an agency that wants to be constantly getting better, and then also, like, even expanding on that, it's like, you know, we talked about, oh, maybe, maybe this part of the process is slower for some reason. And maybe it's not even a people or a tool problem. Maybe it's like, you know, hey, if we change this legislation, you know, we've isolated the the turnaround time, whatever it may be, or the processing time, to this specific area. Gosh, maybe we need to go look at legislation to make some of that better, because we have the data to hone in directly on what is causing some of this, this hold up. I think that's important too. Is a lot of these people are, are advocates in their state and and in their different organizations, to say, you know, maybe we need to take a look at this legislation, because we're finding that, like, this is where, or even just processes, this is where things are getting held up. And so if we took this action, because we can show you the data right here. This is where it gets gummed up. I think is powerful too. Right data always drives the best kind of decision making. And so if you can point to something and say, yep, right here for for a good chunk, or a majority of our processing is just getting gummed up, it enables you to make better decisions and the right decisions, really. So, yeah, I think that's that's super important.
Ryan Pedersen:There's a there's another, yeah, I totally agree. And there's another interesting part about kind of this workflow automation with with AI now, where that's starting to become have a real impact on your workflow, too, in a way, like, if you use it right, you can really start to get your staff to focus on high value tasks instead of data entry, which is going to lead to a morale boost and a productivity gain. So like one kind of classic example in there is maybe you have an application process where people have to upload a photo of themselves. Well, if, right now, if you're having to have people review those photos manually and then reject them when they're not right, one of the classic things we hear is it's supposed to be a headshot, and for some reason, it's a selfie with them, and they're, they're kid, right, right? Well, that's, that's a great one, a I can detect that there's two people in a photo pretty easily, and just take care of that for you so that that's something that's kind of one of those monotonous type things that you no longer have to have a staff person for. Now all those ones can just be instantly sent back. And now you can keep your staff, like I said, kind of focused on those high value tasks instead of the more data entry type stuff, let them really do what's important to keep the public safe and have it help you out in your workflow. The AI,
Sam Hardin:okay, well that, that kind of wraps up our five segments. I'll just, I'll just recap the five, you know, kind of call the actions in this, in this episode. But our first one was, was that cloud hosting getting off, off on prem and with the Go ramp ready platforms with segment number one. One. Segment Number two is the configurable web for agility, that the power of kind of no code, low code, configurability, integrated systems and data interoperability. For segment three, that's that's that breaking down of silos to be able to have that real time access to information. Segment four was cyber security and access control, so being able to understand who's doing what in the system, and being really proactive about some of those threats that we're seeing and constantly proactively monitoring segment five was the scalable licensing and workflow automations, being able to drill into who should be doing what, when, and kind of isolating either those areas of improvement or or isolating those areas that are going super well and making informed decisions and data driven decisions from from that, like licensing workflow. So from here, hey, Thanks, Ryan. I just want to say thank you so much for jumping on and kind of talking through these things. So we really appreciate your knowledge. And, yeah, it's fun, you know, just yeah, good conversation, and hopefully we'll do it again sometime. But for the rest of you listening, there's a couple call to actions here. We have a white paper that will link to this, this episode that you guys can download, take a look at You can also schedule a consultation with us to any of these items that we talked about, we're happy to go look at your system and tell you where there might be areas of improvement, or tell you where you're doing awesome. You know, there should be a link to be able to get in touch with us. So I invite all of you to do that and and, yeah, stay, stay in touch. Thanks, Ryan. Appreciate your time. All right,
Announcement:Thanks for listening to this episode of Talkin' SaaS, the podcast of GL Solutions. We'd love to hear your thoughts about today's topic and about the podcast in general. Reach out to us by clicking on the send us a text link right above the episode description and your favorite podcast app via our contact page at glsolutions.com, forward slash contact, dash us, or on Facebook and X at GL Suite, and you can also connect directly with Sam Hardin and GL solutions on LinkedIn. If you'd like to stay up to date on the latest news and solutions for regulatory agencies, click the subscribe link at glsolutions.com. Appearance on The Talkin' SaaS podcast does not constitute an endorsement of goods or services. The Talkin' SaaS podcast is copyrighted by GL Solutions. All rights reserved. Any redistribution or reproduction of part or all of the content is prohibited without express written consent from GL Solutions. The Talkin' SAS Podcast is a production of GL Solutions and is produced in association with left brain right brain marketing. You can learn more about GL Solutions at glsolutions.com and left brain right brain marketing at lbrbm.com.