October 15, 2012
By Drew Barrows
Our Q&A with Craig Guarente, President of Palisade Consulting Group
What do you perceive as the top three challenges for SAM in CRM datacenters using a cloud environment?
The top three compliance issues are universal. First, many clients don’t know what they own. It comes back to basic contract management. I’ve worked with clients who are using software from contracts that are 20, 25, or 30 years old. Software vendors change product names, repackage software, consolidate, migrate, the list goes on and on. Software vendors spring up and then get bought out. Look at Siebel, at one time the #1 independent CRM vendor. They were swallowed up by Oracle years ago and the products and licensing changed from there.
Second, many customers don’t understand what they’ve deployed. The department in a company that negotiates a software agreement is very separate from the department that installs and maintains the software. These groups don’t talk to one another and it’s quite easy for someone in IT to install a product that was not licensed. Software vendors also make it so easy to access their software that compliance issues pop up all the time. Oracle CRM for example is distributed in a “media pack” that includes many products. When you download that media pack you are not only downloading the software you licensed, but you are also downloading a bunch of other software that you did not license. It’s easy for someone to install that or turn it on in a way that a vendor believes is licensable.
Third, licensing policies are so different from vendor to vendor that it is impossible for one company to have the type of vendor specific knowledge required. The key is to bridge the gap from what you own to what you are using to the vendor’s policies.
CRM has migrated itself to being a relationship management tool. It is very different to what was the traditional use of CRM with access to customer details through a customer database. In fact, Microsoft now refers to CRM as xRM – “anything relationship management” with corporate processes automated through workflow management. With the evolving role of CRM and growing use of datacenters deploying cloud technology, what are the most important factors that make up a robust software compliance strategy?
The biggest factor is ensuring that software compliance is a key function within your company. It requires executive level ownership to facilitate data capture across departments, proper analysis with the ability to deliver change to mitigate risks or avoid costs.
Another factor is understanding that SAM is not a onetime event. It is an ongoing and evolving process. You can be in compliance today and out of compliance tomorrow. Depending on when you are audited that difference could result in a million dollars out of your pocket and into your vendor’s pockets.
As more sensitive data and business-critical processes move to cloud environments, cloud compliance and security seem to becoming a higher priority in managing datacenters. How pervasive is the usage of SAM in datacenters today and do you see this as a growing market?
Customers are paying closer attention to compliance today compared to 10 years ago. That is clear. However, the biggest obstacle is often convincing clients they have a problem. They just don’t have the vendor specific expertise or the tools needed to ensure compliance. I tell clients all the time that Oracle customers are “over licensed and out of compliance.” The SAM market is only going to grow as vendors try to pull in every possible dollar of revenue.
In cloud environments, one of the most pervasive and fundamental challenges for organizations in demonstrating policy compliance is proving that the physical and virtual infrastructure of the cloud can be trusted – How should this issue be addressed? This also particularly happens when those infrastructure components are owned and managed by external service providers. How can an organization address this added complexity?
You need to address this before you implement. In a perfect world it wouldn’t be about proving compliance after the fact. It is more about ensuring compliance before you even start. You need to work with your hosting company to understand how their environment works. You also need to understand your software vendor’s policies on virtualization and how that impacts licensing. You can even work with your vendor beforehand to understand how a particular environment must be licensed. Often clients will come to Palisade and we can advise on licensing or even go back to a vendor and ask the question “anonymously.”
Craig Guarente is the President of Palisade Consulting Group. Palisade helps businesses spend less money with Oracle. Palisade has a wide variety of products and services all designed to lower your Oracle costs. Whether it’s an Oracle audit, a contract negotiation, or a support payment, Palisade can help. We are completely independent services company. We do not resell software. Our only goal is your success.