This paper explores key considerations a cloud computing sales manager must address when presenting services to prospective clients. It examines the Software as a Service (SaaS) business model, the trade-offs of vendor lock-in versus flexibility, and how service level agreements (SLAs) can protect both parties. The paper also addresses privacy and data security obligations, including the protection of personally identifiable information (PII), and discusses how cloud providers use security event and incident management (SEIM) systems to demonstrate reliability. Finally, it considers the regulatory environment surrounding cloud computing and the ethical responsibilities of managers to operate transparently and in accordance with corporate governance standards.
The last several decades have seen the rise of the Software as a Service (SaaS) business model and, more specifically, the provision of cloud computing services to various clients. As one industry observer explains, "cloud computing enables a company to tap into raw computing power, storage, software applications, and data from large data centers over the Internet. Customers pay only for the computing resources they need, when they need them. Using the cloud lets businesses avoid building their own data centers and buying servers and disks" (Bulkeley, 2009). For businesses or organizations whose core competency is not information technology or related fields, availing of cloud computing services makes good business sense, because these entities can concentrate on their core operations and let technology companies handle their information technology and information systems requirements.
Cloud computing companies, like any business, exist to provide services to clients in order to derive revenue and achieve business continuity and resilience. Consequently, employees and managers working for a cloud company are expected to achieve these goals by performing their job functions with diligence and commitment. A manager performing sales functions in a cloud computing company will need to convince a client about the merits of the services the company provides. However, in presenting the case to the client, there may be issues regarding lock-in with the cloud service provider, and there are always both positive benefits and negative effects when a client is locked in.
Foremost among the concerns with vendor lock-in is that "rival companies promote their own, mutually incompatible, standards and formats, as they have done in the past. Moving data from one cloud-based storage system to another, for example, is not always easy" (The Economist Newspaper Limited, 2009). In the spirit of transparency and fair play, the cloud computing manager must thoroughly and carefully explain to the client the pros and cons of both locking in and opting out of such arrangements.
The cloud computing company may offer the client lower rates if the client agrees to a lock-in. If the client opts not to be locked in despite the higher rates, the cloud computing manager can advise the client that the company will assist in ensuring compatibility with the standards and formats used by other service providers. Although this will entail additional cost for the client, having several options will enable the client to make an informed decision as to the best option suitable for their organization. On the positive side for the cloud computing manager, laying out all options for the client ensures that the manager is not merely making a hard sell but is endeavoring to become a valued partner. Once the client has made a final decision, all agreements should be detailed and clearly written out in the service level agreement (SLA) in order to provide a legally documented record of service level expectations.
Aside from the issue of lock-in, the manager needs to clearly state the cloud computing company's position on privacy. Fortunately, privacy issues are no longer relegated solely to agreements between parties but are increasingly governed by statutes and legislation. For instance, "storing so much personal information, and using it to target advertising, has privacy implications, and data stored in the cloud may not be safe" (The Economist Newspaper Limited, 2009). Thus, the manager must provide the client with evidence of the cloud computing company's clear-cut policies on information security, specifically covering how the company protects the confidentiality, integrity, and availability of information — particularly personally identifiable information (PII).
Furthermore, there should be an assurance that information obtained through cloud services will not be used by the cloud computing company for any purpose unless there is explicit and implicit authorization from the client. Ideally, this authorization should take the form of a written document detailing precisely how the cloud computing company may use the personal and corporate information of the client. These protections align with broader data privacy principles that govern the handling of sensitive information across industries.
"Using SEIM data to demonstrate security reliability"
"How law and industry standards govern cloud providers"
"Manager's duty to ethics, transparency, and governance"
Always verify citation format against your institution’s current style guide requirements.