As Businesses Continue to Adapt to the Global Pandemic, Cloud CRM Security More Important Than Ever
By: Juhi Fadia
Originally published on Customer Magazine
Last month, Pega released results of a survey that revealed most businesses overestimated their digital readiness to adapt to the COVID-19 health and financial crisis.
Pega, which is at the center of enterprise digital transformation, and serves many of the world’s largest and most sophisticated organizations, commissioned research firm Savanta to survey more than 1,200 business decision makers around the world for their perspectives on how their organization were impacted by the COVID-19 crisis. The results of the May study include responses from the United States, United Kingdom, France, Germany, Japan, and Australia, and found that four out of five leaders thought they were fairly deep into their DX initiatives – with 35% assessing themselves in “advanced stages.”
Instead, as a group, nearly three quarters (74%) of these leaders said they were more vulnerable to gaps in business operations and systems than they originally expected. 54% admitted they should have done more to help their customers, and 71% are accelerating their DX plans as a result.
Two of the top DX projects include moving to cloud-based systems and upgrading Customer Relationship Management software.
The good news is that most of the group polled found their newly home-based employees more productive than ever (52% reported employees are more productive now than before the pandemic, while 17% saw a slight dip in productivity and only 3% reported a significant drop).
It is now a given that Cloud CRM is the way of the future, but with cloud comes different approaches to cybersecurity as more and more private, confidential and proprietary data and information is being transported over the Internet, or private networks, between cloud applications and exponentially more end-points, including for example contact center agents CRM supports.
Security should be and is a primary concern for companies who are willing to transfer their CRM from on-site to a cloud-based system.
This month, two companies launched a partnership that addresses the growing need for Cloud CRM security – Ironsphere, a secure access management software, and services company serving large enterprises and telecom service providers, announced Pegasystems Inc., the software company empowering digital transformation at the world’s leading enterprises, has selected Ironsphere’s Privileged Access Management (PAM) software to further secure its Amazon Web Services (AWS)-hosted CRM as-a-service offerings.
Pega is the leader in cloud software for customer engagement and operational excellence. Its AI-powered software helps the world’s leading organizations optimize customer interactions on any channel while ensuring their brand promises are kept. Pega’s low-code application development platform allows enterprises to quickly build and evolve apps to meet their customer and employee needs and drive digital transformation on a global scale.
With many of its cloud-based solutions running on AWS, Pega needed a secure PAM solution that worked in its deployment model of Pega Cloud. “After a rigorous evaluation process, Pega ultimately selected Ironsphere,” the announcement issued by Ironsphere said.
The solution is coming at an important time. According to nearly every industry analyst firm, securing Cloud CRM is a high priority for enterprises and organizations.
For example, Forrester’s Cloud Security Solutions Forecast 2018 to 2023 report estimates that by 2023 the global market for cloud security technologies will reach $12.7 billion, up from $5.6 billion in 2018, with that figure representing multiple technologies as organizations increasingly rely on specialized options for cloud security.
Pega has been named a Leader in The Forrester Wave™: Real-Time Interaction Management (RTIM) report, Q1 2019, and a Leader in The Forrester Wave™: Healthcare CRM Providers, Q1 2020, and given the impact of COVID-19 on healthcare and telemedicine approaches, Cloud CRM in that industry vertical continues to take on new meaning.
“At Pega, we work with many of the world’s largest and most complex organizations, and it is our priority to continue delivering secure solutions for our clients,” said Frank Guerrera, Chief Technical Systems Officer, Pegasystems. “Ironsphere’s architecture and scalability delivers a high-security standard while enabling continuous, fast, and lower-cost operations, so our clients can continue to feel confident in the security of their cloud services.”
A conventional customer relationship management system, or CRM system, used to require a hefty and pricey software that depended on an entire IT team for the purpose of installation and maintenance of the system. Those now archaic systems, with inflexible hardware, software licenses, are being crushed by cloud-based options. So even while the buyers of these modern cloud-based systems will spend more on security, they are spending less on traditional solutions, which used to include on-prem gear, software, and maintenance associated with legacy systems.
“As the digital transformation of enterprise systems accelerates, with more and more applications, services and data moving to the cloud, PAM is more important than ever,” said Michael Fritzlo, Executive Chairman of Ironsphere. “Increasingly secure clouds of any type – public, private, hybrid, or a combination – are extremely valuable to enterprises whose success is based on trust, integrity and the protection of each customers’ digital assets under management.”
Due to the nature of cloud solutions, instances (virtual servers) are created or deleted within minutes based on demand, which means that technology infrastructure is much more dynamic than on-prem infrastructure, and requires an agile approach to managing and restricting privileged users, including admins, DevOps, and IT support.
Ironsphere’s Cloud-PAM supports integration with AWS Inventory (Device and Tag Management APIs) so that created/deleted instances are auto-discovered, and privileges are auto-assigned or removed. Admins are presented a unified inventory list based on their roles and are always able to connect to instances smoothly (without knowing the instance credentials) while all sessions are silently recorded for security and regulatory compliance.
“We are extremely proud to support Pega in their continued growth in the enterprise cloud services market,” said Michael Fritzlo, Executive Chairman, Ironsphere. “As a leader in cloud-based PAM, made possible by our advanced software-defined platform and solutions, Ironsphere has invested in cloud-native solutions, unlike competitors who are struggling to retrofit expensive, legacy technologies into a cloud-first world. We recognized this opportunity early and acted upon it by investing in greenfield PAM. Our architectural and investment decisions supported Pega’s adoption for AWS-hosted services, and by the choice of Ironsphere by some of the largest communications service providers, banks, and other industries who rely on secure, real-time applications.”
“Ours is a security solution which enables our customers to maintain continuous operations without sacrificing security practices,” Fritzlo continued. “And ours is a solution that can be implemented in days or weeks, not months or even years, which is light years ahead of the first generations of PAM.”
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.