BUILDING AN IMPENETRABLE CLOUD [Customer Relationship Management]
(Customer Relationship Management Via Acquire Media NewsEdge) COMPANIES CONCERNED ABOUT DATA SECURITY HAVE MORE HYBRID (PUBLIC AND PRIVATE) CLOUD COMPUTING OPTIONS
CRM applications have been available in the doud under the software-as-a-service (SaaS) model - where applications are hosted by a vendor or service provider and made available to customers via the Internet - since the late 1990s. By now, the benefits of these types of deployments are widely recognized: Lower upfront costs, faster time to deployment, simpler administration, automatic updates, system compatibility, easier collaboration, and global accessibility are all hallmarks of SaaS deployments.
And while such deployments have really picked up in the past year or two, many firms are reluctant to even consider the cloud for fear of data being lost or misappropriated.
THE PERCEIVED THREAT
Security of corporate data is the number one concern related to cloud migration, cited by 74 percent of respondents to the latest "State of the Network" global study by Network Instruments, a provider of network and application performance monitoring. That's nearly twice as high as was reported last year.
In the healthcare field, the data issue looms even larger in any discussion of the cloud because patient confidentiality is of paramount concern.
This issue was strongly considered by contact center leadership at Sharp ReesStealy Medical Center, a healthcare provider operating 20 clinics in the San Diego area, before they brought in a cloud-based application to handle patient appointment reminders.
The company, which employs 420 physicians who handle more than 1 million patient visits per year, is using the cloudbased Patient Interact solution from Varolii for outbound patient appointment reminders. The system sends out 5,000 to 7,000 reminders per day to patients via an automated phone call or text message.
Sharp Rees-Stealy uploads the information, including patient names, appointment dates and times, facilities, and doctors' names, to Varolii's servers, and Varolii handles the rest.
"This data isn't anything that's too critical, but we wanted to make sure the information would be secure before turning it over," says Katrina Bidwell, manager of Sharp Rees-Steah/s patient contact center. "There was a lot of trepidation, even about turning over this information."
The data security issue is a legitimate concern, according to many experts, but one that is diminishing quickly.
"The cloud is maturing, and the leading players are proving that they can provide secure services that meet the regulatory needs of specific industries, like insurance, healthcare, and financial services," says Jeff Kaplan, managing director of THINKstrategies, a CRM consulting firm. "If you look at the evolution of SaaS offerings, the prominent players that deal with highly regulated industries have met the security requirements of those industries."
Five9, a cloud-based contact center software provider that facilitates more than 3 billion calls per year, counts among its clients a number of leading financial services firms and several insurance and healthcare providers. "It's a validation of the cloud that financial and healthcare firms are in there," says Mike Burkland, its president and CEO.
Geoff Merrick, chief technology officer of the Salesforce.com business unit at Cloud Sherpas, a cloud consulting and systems integration firm, says most cloud systems have matured to the point where companies needn't worry. "The data security question... and compliance issues have been addressed," he states.
Universal Health Care, with 189,000 members in 19 states, turned over its contact center operations, which handle about 80,000 calls a month, to Five9 two years ago. Lisa De La Parte, the senior manager of its contact centers, has no concerns about security. In all the time with Five9, there has never been a data breach, she says.
Universal Health Care's contact centers blend inbound and outbound services for member services, sales, pharmacy, claims, enrollments, and case management. Five9 also provides screen pops, click-to -call, and a number of other technologies, as well as integrations with Universale Salesforce.com and Fortuna CRM systems and its NICE Systems IEX workforce management solution.
"Five9 allows me to run my contact center from anywhere," De La Parte says.
Burkland says many cloud service providers today don't even store data locally. "We are just routing the interactions," he says.
Five9 offers cloud-based applications for inbound and outbound calls, predictive dialing, IVR with speech recognition, workforce management, quality monitoring, call recording, agent scripting, and automatic call distribution.
These kinds of applications can be very data-heavy and demanding, adds Raj Sharma, president and CEO of 3CLogic, a provider of call center software hosted on the Amazon Web Services cloud. "Centralized server architectures are just not robust enough to handle the kind of load that contact centers generate," he said in a statement.
Still, Darryl Plummer, a managing vice president at Gartner, and David Mitchell Smith, a vice president and fellow at Gartner, recommend a tactical approach to moving applications into the cloud. Apps that can be moved into the cloud right away include CRM, email, productivity tools, Web servers, and collaboration tools. Apps that should be moved "a little later" include product design, help desk, account management, and evaluations, they suggested in a recent report.
Still, a question that comes up often in Burkland's discussions with companies considering a contact center cloud migration is the issue of multitenancy, in which information from many companies is stored in the same data centers - in some cases on the same servers - or where a single instance of a software application serves multiple customers. That concern is without merit, he says. "There is no impact from one customer's activity on the system to other customer applications and data on the same system."
Furthermore, with multitenancy, each tenant's data is isolated and remains invisible to other tenants.
Denis Pombriant, founder and managing principal at Beagle Research, likens hesitation over multitenancy to a consumer refusing to open a bank account for fear that his money will get lost in someone else's account. "What we're really talking about is raw data that is overlaid with one or more layers of metadata to link it to a specific customer," he says.
Companies also often mistakenly believe that customer information and applications are safer behind their own firewalls, something that Kaplan says often can't be further from the truth.
"You might think you're better able to safeguard against data security issues, but you have to ask yourself, how secure is your own environment " he states. "[Hosting] companies have succeeded in hosting data in their data centers without serious security infringements where data was compromised, but there are plenty of stories about that happening at companies' own facilities."
Pombriant says the greater risk is from IT departments that are stretched to the limits. For the most part, "data centers by service providers are more secure than those run by internal IT departments," he says. "The IT department has so much else going on."
DATA CENTER DEPARTURE
Because of this, many companies today are shuttering their own data centers as they move applications, platforms, and infrastructure to the cloud. In fact, analyst firm IDC predicts that 50,000 corporate data centers will disapp ear by 20 1 6. At the same time, data center space will increase significantly, from 611.4 million square feet today to 700 million square feet by 2016. Most of the extra capacity will be absorbed by cloud service providers.
"Momentum is definitely swinging toward the hosting companies," says Rick Villars, vice president of data center and cloud research at IDC. "It's tied to companies making the decision that they do not want to rebuild their data centers and they would rather go with a cloud service."
This is especially true of CRM applications, which Villars says will be built "more and more on the service provider foundation."
The SaaS model also has some predicting the end of company virtual private networks (VPNs), which use public telecommunication infrastructures, such as the Internet, to provide remote offices or individual users with secure access to their organizational networks. Typically these networks have built-in security procedures and tunneling protocols (creating a secure pipeline in an untrusted network) that carry encrypted data between the two end points.
Shahin Pirooz, chief technology and strategy officer at CenterBeam, an IT managed services provider, is among those who see the cloud replacing VPNs.
"Greater use of cloud solutions is giving more employees the opportunity to access corporate resources remotely through their iPhones, iPads, and Android-based smartphones and tablets," he stated in an email to CRM magazine. "With mobility driving worker productivity, enterprises are looking vat even more cloud services to support new and innovative use cases, which then spur even greater use of mobile technology. And that snowball will keep gaining speed until client-based VPNs become completely obsolete."
Further reducing the need for clientbased VPNs, many software vendors have recently launched private cloud offerings that, like VPNs, typically employ encryption, tunneling, and other security measures before data can be transferred between the cloud services provider and a corporate client. This essentially turns the provider's multitenant architecture into a single-tenant architecture.
A handful of vendors offer this. Oracle, at its OpenWorld Conference in early October, launched the Oracle Private Cloud, in which all the critical components are installed in the customer's own data center behind its own firewall, with Oracle owning and managing the infrastructure and storage. "We own it. We manage it. We upgrade it. You pay a monthly fee for what you use," Oracle CEO Larry Ellison explained.
Company president Mark Hurd called the private cloud "a big deal," bringing "all the benefits of the cloud without any of the privacy or security issues."
Not to be outdone, Microsoft recently acquired StorSimple, a provider of cloud-integrated storage solutions, to help customers embrace hybrid cloud computing. IBM and AT&T in early October announced a business agreement to deliver a network-enabled doud service that uses private networks rather than the public Internet. The joint IBM/ AT&T product, to be made available this year, combines AT&T's VPN architecture with IBM's SmartCloud Enterprise to create a highly secure shared cloud service. With it, a financial services firm, for example, could move and manage critical customer data between its own data center and IBM's cloud without the data ever leaving the VPN.
Because of ongoing security concerns, many investment banks remain committed to the idea of private clouds. Bank of America, Merrill Lynch, Deutsche Bank, Goldman Sachs, JP Morgan Chase, Credit Suisse, and Morgan Stanley all take this approach, according to published reports.
Cloud Sherpas' Merrick also sees many companies that have gone through cloud deployments keeping a backup of their data and applications behind their own firewalls. This is especially true of companies that have customer information that is very sensitive or constantly changing, but other companies with lots of records have also done the same.
Rob May, CEO of Backupify, which provides secondary data storage to companies using both Google and Salesforce.com cloud-based apps, also encourages companies to back up their data. "The service providers can do a lot to keep data safe, but they can't protect you from accidental deletion by an employee," he says.
With the cloud, that is a bigger problem than data being manipulated or stolen by an outside threat, like a hacker. "A lot of the time, with the cloud, it [is] a problem with an authorized person and data being deleted by accident," May says.
Many of these errors occur when firms cling to multiple, outdated workflows that require employees to manually cut and paste or import and export data between systems.
"You should have a second copy of your data somewhere else in case of loss - a backup that is not controlled by the SaaS provider," May suggests. "It's a good idea to have a backup to protect yourself against user error, breached accounts, or server outages."
When dealing with cloud-based CRM providers, companies can include risk transfer and indemnification provisions in their contracts for an additional layer of protection should the vendor fail to safeguard the information in its care. Some insurance companies even issue policies for data breaches, covering the costs to pursue legal action against those responsible and repair the damage.
But ultimately, no one else can tell you whether the cloud is right for your business' needs.
Sharp Rees-Stealy is so confident in its cloud deployment that it is looking to add capabilities. The Varolii system now only handles voice and text messages, but the healthcare provider is considering adding email notifications and expanding its use beyond just appointment reminders to include notifications about the availability of flu shots, cancer screenings, vaccinations, disease management program enrollments, and other patient offerings. "There are so many other things that we can do," says Kathy Hutchens, director of marketing for Sharp Rees-Stealy 's patient contact center. "We're off to a great start, but we're only scratching the surface of what's possible."
And data security will not be an issue. "We have an absolute obligation to protect patients, and a differentiating part between the cloud today and ten years ago is the level of trust. Ten years ago there wasn't the level of security [that there is now]," Hutchens concludes.
"There's some old thinking that needs to retire," Pombriant adds. "The cloud is where everything will go. There are a lot of different clouds to choose from, and they're all pretty safe."
"THE CLOUD IS MATURING, AND THE LEADING PLAYERS ARE PROVING THAT THEY CAN PROVIDE SECURE SERVICES THAT MEET THE REGULATORY NEEDS OF SPECIFIC INDUSTRIES. "
HESITATION OVER MULTITENANCY IS LIKE A CONSUMER REFUSING TO OPEN A BANK ACCOUNT FOR FEAR THAT HIS MONEY WILL GET LOST IN SOMEONE ELSE'S ACCOUNT.
CRM STORMS INTO THE CLOUD
Gartner estimates that 35 percent of all CRM-related implementations today are being carried out in the software-as-a-service (SaaS) model. That's up from 8 percent in 2005 and 20 percent in 2008. By 2020, more than half of all CRM implementations will use SaaS, Gartner predicts.
The analyst firm further expects SaaS-based CRM sales, which are currently valued at $4.5 billion, to reach $6.3 billion by 2015, representing a 15 percent compound annual growth rate.
Analyst firm TechAisle found that among small and midsized businesses, the average number of cloud-based business applications has more than Joubled in the past two years alone. Of those, CRM applications have seen le deepest penetration, at 55 percent- up from 34 percent in 2010.
'Messaging, collaboration, and CRM are all areas that are already well ito the cloud," says Mike Conn, senior vice president of marketing at ;ioud Sherpas, a provider of services to help companies adopt, manage, and enhance cloud solutions from Google, Salesforce.com, and other veniors. "Over the next few years, we'll start to see other applications, like îuman capital management and back-office systems like [enterprise îsource planning] move to the cloud."
Cohn further expects that in 10 years, everything will be in the cloud. The cloud will not be a question but the norm," he says. - L.K.
News Editor Leonard Klie can be reached at email@example.com.
(c) 2013 Information Today, Inc.
[ Back To Cloud Computing 's Homepage ]