When Salesforce.com was founded in 1999, there were many skeptics who scoffed at the company's business model, which was to sell software that's managed and hosted offsite. It turned out to be the way of the future, and was a harbinger of what's today known as software as a service (SaaS).
One of the executives who helped grow Salesforce into a household name in software for customer relationship management, former president Steve Cakebread talked with Government Technology about what the future might hold for government as the world increasingly adopts SaaS and cloud computing.
Cakebread was Salesforce's president and chief financial officer until January 2009, and had worked in other capacities for the company since 2002. He currently serves on the board of directors of Ehealth.com and SolarWinds, and is a business adviser for Xactly, a maker of sales performance management software. He also consults on SaaS implementations.
This week the Los Angeles City Council approved a plan to move the city's 30,000 employees to Gmail. In your role as a consultant, what's it been like to help move an organization to Web-based mail?
It's been an interesting experience, on the one hand. One of the places, we took a survey of employees and we found 75 of the 100 employees use Gmail at home. So we thought, "Hey, not a problem, let's just go and put this in." And you think they've readily adapted, but then you run into issues of getting Google Apps to BlackBerrys and iPhones, and doing the data transitions. We're through all of that, and it works reasonably well -- except then Google has their infamous seven-hour outage, which doesn't help much. It's kind of weird: People forget their Outlook and e-mails go down on occasion too, but for some reason when it's in the cloud and it goes down, everyone kind of whines about it. My argument is that just means you're using [the cloud] more than you ever thought you did.
Beyond e-mail, how big a future do you think cloud-based software and services have in government?
The municipalities have always been a great opportunity. For example, the city of Los Angeles wants to serve their constituency by [allowing them to use the Internet] to look at property tax records or deeds of trust, and stuff like that. Clearly there are huge opportunities for things like that. I think there's a sophistication with the major SaaS players -- Salesforce, Google, and others -- whereby the security and privacy is reasonably assured, or no less assured than the infamous employee who walks out the door with everybody's Social Security numbers on their laptop, and the laptop gets stolen. The municipalities look like a great opportunity, even down to Google Apps [picked] for the city of Los Angeles. The question is, why not do it? Once you get it in and get people moved over, it's a fairly sophisticated solution. Yeah, there are nuances in Outlook that, after 20 years, people may or may not wish they had. But Google will get those over time.
It's an obvious point, but government officials are concerned about the privacy and security of public data. What's the SaaS industry doing, as a whole, to address those types of concerns?
"In most agreements that you write -- except for some stories about Facebook, where it can get a little cloudy -- it's really clear that typical contracts between a SaaS provider and a customer, like L.A. or General Motors or whoever, is that the content (the data that resides in the solutions) is owned by the customer, not the supplier. That's been pretty much the standard
practice for business since we started Salesforce 10 years ago.
"The issue with safety and security -- there you do need to go in and check your suppliers and make sure on a routine basis they're maintaining security. When you think about security, there are a few things: phishing issues, which is really an end-user problem, not a SaaS provider problem necessarily; there is denial of service, but most of the bigger [SaaS] players and the outsourced data centers are getting sophisticated at mitigating denial-of-service issues. And then there's just getting access to the data, which in my experience doesn't happen very often. It happens less, like I said, than anybody leaving their laptop around.
"One of the things we're finding on the business side, and I'm sure it'll be true of government, is that as you move more stuff to your service provider in the cloud, there becomes less and less need -- as well as fewer opportunities -- to go download and store stuff on your PC hard drive. So the security is actually enhanced."
If I'm in Google Apps -- and I have Gmail and shared documents and Internet sites -- there's nothing I can download. Yes, I can make a PDF file and an Excel worksheet. There's really no reason to even save a [shared doc] on your PC. You can, but system administrators can block that. I'd argue that will enhance security as we all start to move to iPhones -- and more importantly, netbooks, which don't have hard drives. If you're the city of L.A. or a federal agency, you can focus your agency on the Google Apps provider and make sure their security is adequate and they're spending money on security."
"I'd be a little bit more sensitive if I was in government and [a security breach] happens, because what's going to go away is me. Because you only get to screw up once. But as more people become comfortable, and they understand the nuances of the security, it's not a problem. ... I know it can pass a security muster. It's just the training, education and awareness that are going to take some time."
If the security is as good as advertised, why do government officials seem to be reluctant to embrace cloud computing?
There are two things going on in the cloud: One is it's in its very, very early days. Governments and municipalities typically aren't early adopters. The economics of this, however, could force them to accelerate adoption, which is what the industry needs. And as you get more-informed CIOs into places that are important to government, you'll start to see this [move to the cloud]. It's more an awareness issue than anything else. But the economics will drive CIOs there. It's just too cheap. The commoditization of software is what's going on.
In September, Google announced it would launch a self-contained "government cloud" for government agencies that want the company to store their data. Do you think this partitioning of public sector and commercial sector is a workable strategy?
Technology-wise, it absolutely is. It's all about volume and leverage. You get a million, 5 million, 10 million subscribers - [SaaS providers] will get the economies of scale that they want. The government, in and of itself -- if you were to look at federal and state, and leave out municipalities -- creates a marketplace that's large enough. And it's a good sales pitch to conservative and concerned government officials about privacy and security, by saying, "Look, we're only running this for federal, state and local municipalities. We'll cater to your solution." Google has the capacity and capabilities to more than adequately do that and make it cost-effective.
Nobody claims to know with authority where the cloud computing movement is going. What are your thoughts on the future?
Obviously I'm passionate about the cloud [because of] the economics and the ease-of use, and the fact that wireless broadband -- in your airplane and on the iPhone -- gets more pervasive and more capable. Easily over the next 10 to 15 years, we won't think anything of it: "In the cloud" will be it.
It will take time because we're in the early adopter phase. And it will take time because there are huge investments -- whether you're a government agency or a private business. Hundreds of millions of dollars have been spent on today's software. That will all take 10 to 15 years to go away. But if you look out 15 to 20 years, the kids coming out of college won't even know that there was on-premise software.