practice for business since we started Salesforce 10 years ago.

"The issue with safety and security -- there you do need to go in and check your suppliers and make sure on a routine basis they're maintaining security. When you think about security, there are a few things: phishing issues, which is really an end-user problem, not a SaaS provider problem necessarily; there is denial of service, but most of the bigger [SaaS] players and the outsourced data centers are getting sophisticated at mitigating denial-of-service issues. And then there's just getting access to the data, which in my experience doesn't happen very often. It happens less, like I said, than anybody leaving their laptop around.

"One of the things we're finding on the business side, and I'm sure it'll be true of government, is that as you move more stuff to your service provider in the cloud, there becomes less and less need -- as well as fewer opportunities -- to go download and store stuff on your PC hard drive. So the security is actually enhanced."

If I'm in Google Apps -- and I have Gmail and shared documents and Internet sites -- there's nothing I can download. Yes, I can make a PDF file and an Excel worksheet. There's really no reason to even save a [shared doc] on your PC. You can, but system administrators can block that. I'd argue that will enhance security as we all start to move to iPhones -- and more importantly, netbooks, which don't have hard drives. If you're the city of L.A. or a federal agency, you can focus your agency on the Google Apps provider and make sure their security is adequate and they're spending money on security."

"I'd be a little bit more sensitive if I was in government and [a security breach] happens, because what's going to go away is me. Because you only get to screw up once. But as more people become comfortable, and they understand the nuances of the security, it's not a problem. ... I know it can pass a security muster. It's just the training, education and awareness that are going to take some time."

If the security is as good as advertised, why do government officials seem to be reluctant to embrace cloud computing?

There are two things going on in the cloud: One is it's in its very, very early days. Governments and municipalities typically aren't early adopters. The economics of this, however, could force them to accelerate adoption, which is what the industry needs. And as you get more-informed CIOs into places that are important to government, you'll start to see this [move to the cloud]. It's more an awareness issue than anything else. But the economics will drive CIOs there. It's just too cheap. The commoditization of software is what's going on.


In September, Google announced it would launch a self-contained "government cloud" for government agencies that want the company to store their data. Do you think this partitioning of public sector and commercial sector is a workable strategy?

Technology-wise, it absolutely is. It's all about volume and leverage. You get a million, 5 million, 10 million subscribers - [SaaS providers] will get the economies of scale that they want. The government, in and of itself -- if you were to look at federal and state, and leave out municipalities -- creates a marketplace that's large enough. And it's a good sales pitch to conservative and concerned government officials about privacy and security, by saying, "Look, we're only running this for federal, state and local municipalities. We'll cater to your solution." Google has the capacity and capabilities to more than adequately do that and make it cost-effective.

Nobody claims to know with authority where the cloud computing movement is going. What are your thoughts on the future?

Obviously I'm passionate about the cloud [because of] the economics and the ease-of use, and the fact that wireless broadband -- in your airplane and on the iPhone -- gets more pervasive and more capable. Easily over the next 10 to 15 years, we won't think anything of it: "In the cloud" will be it.

It will take time because we're in the early adopter phase. And it will take time because there are huge investments -- whether you're a government agency or a private business. Hundreds of millions of dollars have been spent on today's software. That will all take 10 to 15 years to go away. But if you look out 15 to 20 years, the kids coming out of college won't even know that there was on-premise software.

Matt Williams  |  Associate Editor