Photo by Micky Aldridge
I had the good fortune to go to breakfast with a group including Saleforce.com Chief Trust Officer Patrick Heim. Besides a great free meal at Old Ebbits, there was a lot of great conversation around the way Salesforce.com and Force.com are being leveraged by the public and private organizations and some of the problems it is helping solve. For those that don’t know Salesforce does a lot more than Salesforce Automation with thousands of solutions implemented by various organizations including everything from survey management to security assessment tools like our PSAFE application. Of course given the presence of Saleforce.com’s Chief Trust Officer a lot of the conversation was security related. I’d like to share a few of my takeaways from what I thought was a very valuable meeting.
- Infrastructure as a Service, Platform as a Service and Software as a Service: Patrick Heim had an interesting take on these three models and noted that while platform as a service and software as a service can be transformational for organizations he did now feel as strongly about the infrastructure as a service model. His reasoning was that Infrastructure as a Service might lead to some efficiencies from a cost standpoint, but that it could also perpetuate and even accelerate some organizational problems by making it easier/cheaper to rapidly stand up new server instances, etc. This in turn simply adds to the complexity of what must be managed by the business, security staff, etc. With platform and software as a service there is a much more of a focused value proposition for the business and hopefully a better technology to business mapping.
- Federal Implications for the Democracy in the Cloud: This is old hand for a lot of people that have been following Salesforce.com for a long time, but the implications of it are interesting particularly when looking at useful cases like public sector vs. private sector security requirements. Salesforce.com has consistently maintained a stance that as it evolves its business to meet evolving requirements in areas like security for example that the bar will be raised across all of its customers. US laws around federal usage mean that things like citizenship; monitoring and other issues may force Saleforce.com to evolve its democracy in the cloud stance to meet the demands of the world’s largest democracy. This may include having federal specific pods to handle federal transactions in order to maintain compliance while bringing their capabilities to the federal government.
- Dealing with security questions: One of the big things customers get concerned about with the cloud is the multi-tenancy aspect of it. Essentially your stuff is right next to someone else’s stuff, so how secure can it be? Heim had an excellent way of presenting it, which is essentially that Saleforce.com manages a fairly homogenous technical environment. Basically, Saleforce.com benefits financially by developing economies of scale around hardware, software and even things like skills/HR but that all of this lends itself to enhanced security because it reduces complexity and streamlines things like patching, etc. My first thought when he mentioned this was the 500+ systems that many cabinet level agencies in the federal government of the thousands of applications many Fortune 500 companies have within their organization. Most of these are built to purpose with limited standardization of hardware and software and diverse skill requirements. The level of complexity inherent in securing this is obvious when you look at it from this standpoint even before you think about the additional cost and inefficiency driven by this sort of environment.
At the end of the breakfast several of us stayed after to finish coffee and talk about how we are leveraging Salesforce.com within our organizations and the one thing that kept coming up is time to value. For us this is critical because there is so much focus by both our both public and private sector clients to get to value quicker. Saleforce.com and Force.com have enabled us to bring our customers secure solutions, quicker while reducing costs and alleviating them of the pain inherent in managing complex IT environments. I talked about this a bit in my post “SAAS and a tropical vacation- Their surprising similarities”, but this breakfast was real world validation of the change Cloud, Software as a Service and companies like Salesforce.com are bringing to the marketplace and how it is transforming the way organizations work. Has your organization looked at SAAS solutions? Are you using Salesfore.com or Force.com anywhere?