An Approach to Securing Data in Hosted CRM Applications
Organizations which look forward to expand its customer base focus heavily on customer relations. To retain customers, it is important to ‘know the customers’ and this paves the way for Customer Relationship Management (CRM). All such organization needs the privacy of customer information that is being handled by various stakeholders. There are numerous statutory and regulatory requirements that mandate the CRM vendors, who provide hosted CRM applications, to ensure data security and data privacy.
Despite all these numerous regulations by various enforcement bodies, an assuring solution addressing the concern of various organizations to adapt the hosted CRM solution prevails. Few of the concerns are:
a. Organizations outsource security management to a third party that hosts their IT assets (loss of control).
b. With multi tenancy as one of the major characteristics of cloud model, the organizations are unsure of the strength of security controls exercised. 
c. The lack of documented security assurance processes and procedures by the cloud providers. 
d. Hosting of relatively valuable assets on publicly available infrastructure increases the probability of attacks. 
For business organizations to move their data on the cloud, it is critical for the end users to have a reassurance on the security of the data. An effective means to achieve this is to encrypt or mask the data even before it is streamed to the cloud.
This implies that the vendors offering the hosted CRM system could also provide the technology to encrypt or mask the critical fields as an Out-Of-The-Box (OOTB) feature. While the Cloud Service Providers assure that the data in their databases comply with various statutory regulations to protect the raw data, this feature further offers to the end users the necessary empowerment to protect the data that is critical for them.
KeywordsCloud Computing Customer Relationship Management Cloud Provider Data Privacy Cloud Service Provider
Unable to display preview. Download preview PDF.
- 1.Kandukuri, B.R., Ramakrishna Paturi, V., Rakshit, A.: Advanced Software Technologies. Cloud Security Issues (2009) IEEE ©, doi:10.1109/SCC.2009.84Google Scholar
- 2.Morsy, M.A., Grundy, J., Müller, I.: An Analysis of The Cloud Computing Security Problem. In: Proceedings of APSEC 2010 Cloud Workshop, Sydney, Australia, November 30 (2010)Google Scholar
- 3.Chowhan, S.S., Saxena, R.: Customer Relationship Management from the Business Strategy Perspective with the Application of Cloud Computing. The Proceedings of DYNAA 2(1) (2011)Google Scholar
- 4.Nourian, A., Maheswaran, M.: Privacy and Security Requirements of Data Intensive Computing in Clouds. In: Furht, B., Escalante, A. (eds.) Handbook of Data Intensive Computing, ch. 19, ©Springer Science+Business Media, LLC (2011), doi:10.1007/978-1-4614-1415-5_19Google Scholar
- 5.Carlin, S., Adams, M., Curran, K.: Security issues in cloud computing (2011), http://www.elixirjournal.org/user_articles/1314858615_38%20%204069-4072.pdf (accessed on March 9, 2012)
- 6.ENISA, Cloud computing: benefits, risks and recommendations for information security (2009), http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computingrisk-assessment (accessed March 9, 2012)
- 7.Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, Corrected Proof (in press)Google Scholar