In my last post, I began a discussion on how the role of product managers is changing with the emergence of SaaS and cloud computing. One of the most significant differences product managers need to embrace surrounds the pricing model. Another significant challenge is in the area of requirements gathering. Product managers need to not only define the features and functions of cloud—based services, but also requirements for how the product will be operated and serviced throughout its lifecycle. With cloud services, product managers need to define requirements for operational aspects such as privacy, security, upgrades, interoperability and service level agreements.
Privacy and Security
One the most significant barriers to the adoption of cloud-based services is the sensitivity to hosting data outside a company’s firewall. A key issue surrounds ownership of the intellectual property and user-generated data within cloud-based service. CRM applications may contain customer databases; e-mail applications may contain sensitive internal memoranda; and financial applications contain employee payrolls. Buyers will be reluctant to embrace cloud applications if there are no limitations on how data can be used by the vendor or third parties. Recent government subpoenas for data associated with WikiLeaks has heightened concerns about the ability to control how data in the cloud is shared. Product managers should ensure data ownership is clearly explained in terms and conditions. Upon termination of a contract, cloud vendors need to provide models for the customer to extract data into their own environment. Additionally measures should be taken by the vendor to ensure that the customer data is purged from its database.
Is Life Different in the Clouds for Product Managers?
The concept of privacy depends upon strong security. Product managers need to familiarize themselves with the appropriate security policies necessary to safeguard different types of data. A high profile security breech could be catastrophic to a cloud vendor. Salesforce.com was the victim of a phishing attack in 2007 in which a customer contact list was exposed. In traditional IT models, the customer’s in-house security team would be responsible for ensuring the protection of sensitive data. However, with cloud services, product managers need to ensure appropriate cost allocation in the P&L exists for security technologies such as VPNs, firewalls, anti-virus, intrusion detection and database encryption.
The past 18 months have witnessed high profile outages at SaaS providers Workday, Intuit and Google. Unlike with traditional enterprise IT, end-users of cloud services are not bound by loyalty or restrictive corporate communications policies. In today’s web 2.0 world, news of service disruptions spreads virally across discussion forums, user groups and popular blogs. Vendors must be prepared to communicate quick and honestly to the user community during outages.
Analyst Ray Wang has called for new levels of transparency from vendors in its manifesto – the SaaS Customer’s Bill of Rights. Wang states that customers should be informed of known functional bugs, potential security risks, recurring performance issues and service availability problems. He states that customers have a right to know the highlights of financial statements, locations of data centers and compliance with government regulations. Product managers will need to consider what level of transparency is necessary to ensure that offerings are competitive in the marketplace.
In traditional enterprise IT models, the customer was responsible for operating the software and hardware in a corporate data center. Operational issues such as disaster recovery planning, system backup procedures, NOC monitoring, hardware repair were concerns of the customer. But in the cloud, these responsibilities are transferred to the service provider. Cloud product managers should play a more active role in specifying operational requirements of services related to backup, monitoring and disaster recovery. Even the most well designed products can experience outages as a result of mistakes in operations.
How easy is it for your customers to connect enterprise apps to the cloud?
Another key barrier to the adoption of cloud-based services is the ability to integrate with internal enterprise applications behind the firewall. Integration and the issue of making disparate applications communicate with one another has historically been the responsibility of the customer. However, in the cloud model integration roadblocks can hinder adoption and lower usage thereby limiting the revenue potential. Product managers must ensure that cloud-based services offer APIs, web services and pre-configured adapters to simplify third party integration. Various industry consortia such as the Open Cloud Manifesto, Open Cloud Consortium and Open Grid Consortium have formed to promote standards for cloud recently. A key tenant of each of these organizations is the inherent interoperability of cloud applications. Both Dell and IBM have made acquisitions recently in cloud integration vendors suggesting that there will be growing need for such types of services.
More thoughts on how cloud computing impacts product management in an upcoming post…