Executive Insights: Steve McMahon Provokes Change at Splunk

The SailPoint Blog
| Nicole Thomas | Customer Stories

Steve McMahon is the Chief Information Officer at Splunk. The CIO plays a critical role in helping IT professionals get the resources and the budget they need to maximize company productivity and make complex tasks easily achievable. The goal? Implement technology that is going to help your organization deliver a competitive advantage.

The Path to CIO

Steve’s career path to CIO is not the traditional route we often see from information officers – which is likely what has made him so successful. He started his career in the Navy and went through Basic Underwater Demolition/SEAL training. After medical discharge he consulted at a boutique firm and founded a Six Sigma practice. This Six Sigma training early on in his career laid the foundation for how he approaches business problems for himself and his clients. He was in Sales at IBM and then spent 15 years at Cisco Services gaining experience with practically every team – Supply Chain Management, Technical Support, Acquisition Integration and Managed Services. At Splunk he’s taken a similar path spending time as a functional leader running Splunk’s Cloud business, Support and Renewals and he now serves as the CIO.

Splunk Drives Changes to Enhance Information Technology

His well-rounded experience gives him the business context to speak with specifics on the impact new security programs will have on Splunk’s internal clients. Implementing specific and targeted change management for each team helps the IT team be more effective with the programs and technology they are implementing. “At the end of the day, your business is people. The tools, programs and processes you create and are adopting are to support your employee, partners and clients,” Steve shared.

Perspective is everything and understanding the big picture and how teams and people work is crucial experience that gives Steve a leg up. 2020 was a big year for Steve and his team as they focused on improving business processes across the entire organization. Their current major initiatives include building an identity program, replacing their quoting tool, building an ERP system, revamping the experience employees have when interacting with their laptops, moving legacy email system to Gmail and a revamp of data center and cloud strategies.

Like most companies in their infancy, you develop business processes that will get you through the next year, two or maybe three. As Splunk’s success has risen and the company has grown, their highly customized application environment was hindering them from scaling at the rate they now needed. Being self-aware, they realized the software they sell is their competitive advantage, not their internal infrastructure. To enable them, their business processes needed to return to a simple, SaaS, out-of-the-box architecture strategy created and run by experts specializing in these solutions. This approach and customizing as little as possible are the key to allowing them to move at the speed and agility a modern enterprise requires.

Identity Security Takes the Front Seat

The pillars of focus for Steve and his organization follow this mandate of getting back to basics, are rooted in scalability and represent significant changes that will up level the security posture of Splunk. For these initiatives to be successful they need to be built through the lens of consistency, automation, standards, and self-service.

One of the current pillars of focus for Steve’s team is enhancing their identity security program. By bringing their access capabilities under SailPoint’s Identity Platform, they are utilizing automation to create a self-sufficient program rooted in artificial intelligence. “Creating a productive work environment that responds to employees’ needs while creating a trail for all decisions to prove compliance is the backbone of this transformation of getting back to basics to enable speed and agility”, Steve shared.

Automation is helping Splunk provide access quicker with the ability to remove that access swiftly when the time comes. Review of access is crucial for compliance, but also to drive risk down from potential bad actors accessing systems and applications due to entitlement creep. AI and machine learning capabilities are going to take this automation to the next level by helping them make smarter decisions around the appropriate level of access for users. A byproduct is IT staff are then able to focus their time on more substantial projects.

Fueling Successful Change Management

Getting the entire organization onboard during times of transformation is key to the overall success of a program. Steve has a few tricks up his sleeve for engaging your community to get them onboard for change. At Splunk, each project has a user group that participates in the early stage of the project. This hands-on approach allows them to test the waters with a smaller population to work out the kinks IT projects often initially have. This coupled with an executive-hosted meeting to articulate what the focus is, why they are doing it and how it will be done helps provide context to the organization and give them some skin in the game. When people understand their role and the meaning behind the work, they are more vested.

When they recently replaced their legacy email tool, they had a three-phase approach: IT tested the waters, followed by a user group of early adopters before it was rolled out company-wide. Slack groups were set up and staffed with support. When they asked employees what their experience was with the rollout a survey revealed that 97% were pleased with the transition and the team’s approach.

In a world where change is inevitable and frankly necessary to progress your business forward, we hope Steve’s approach to empowering the organization and balancing change management can spark some ideas for your organization as you navigate your own business transformation.