emc perspective: what customers seek from cloud services providers
TRANSCRIPT
WHAT CUSTOMERS SEEK FROM CLOUD SERVICES PROVIDERS
Service providers have enormous opportunity to capitalize on the fast-growing cloud services market—if they are attuned and responsive to customers' goals, concerns, and performance and support requirements. New research from EMC shows how.
EMC PERSPECTIVE
Businesses need agile IT services to enable growth and keep pace with marketplace and regulatory change. They also need to capitalize on the explosive growth of available data without driving up costs and overwhelming their IT infrastructure. Cloud services can help meet both objectives. Migrating workloads to the cloud, including high-volume services, can reduce cost, improve performance, ensure scalability, and provide access to new and innovative technologies.
That spells opportunity for cloud service providers. EMC® commissioned independent market research with Technology Business Research (TBR) to clarify how and why business and government organizations purchase cloud-based services from cloud service providers (CSPs). We found that to expand their cloud services business, CSPs must connect with their customers in specific ways, including clearly indicating cost benefits, and offering flexible pricing options and support channels. They must also address the two biggest barriers to cloud services adoption: customers’ concerns about data protection and security, and their migration challenges, starting with overcoming lock-in to embedded business processes.
This Perspective is addressed primarily to CSPs to help them better understand their customers, position their cloud offerings, and capture and retain business. Each section of the document ends with sets of recommended go-to-market actions for CSPs. We hope that this discussion also proves valuable to end-user organizations as they consider cloud services, hone their evaluation criteria, and select and work with their providers.
We welcome the opportunity to discuss these opportunities and challenges with you and help you thrive in and capitalize on the fast-growing cloud services market.
ABOUT THE RESEARCH The multi-faceted research conducted for EMC by TBR included a survey of 253 organizations, in-depth interviews with 20 executives, and secondary research and industry analysis.
We surveyed organizations ranging from $250M to $100B in annual revenue or budget and focused on four bellwether industries: financial services, healthcare, government, and media & entertainment.
Among individual respondents, 86% are from IT organizations; 37% are IT Directors, 36% are IT VPs, and 27% are CEOs, COOs, CFOs, CIOs or CTOs. Nearly two-thirds identified themselves as the sole or final decision maker when purchasing IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) from CSPs. Fifty surveys were from Canadian organizations, the rest from the U.S.
3
TRUST IN THE CLOUD It’s no surprise that trust is the #1 concern of customers and a barrier to adoption of cloud services. That includes the security of data, software, and other assets, and especially the protection of private or otherwise sensitive data. Recent research by TBR found data privacy and security among the most frequently perceived risks by cloud services adopters and non-adopters alike, especially when considering deployment to the public cloud (source: TBR, Winter 2011 Cloud Computing Adoption Study). Security was also a recurring theme in our executive interviews.
A Director of Technology and Applications in financial services put security concerns in a nutshell: “Being a financial institution, protection of our customer data is an absolute priority, and the service provider should be knowledgeable about compliance issues.”
However, the cloud security scene is complex. At the same time that customers are reluctant to deploy mission-critical applications and sensitive data to the cloud, they are increasingly adopting cloud-based security services. These are services that augment an organization’s existing network security, remote access, intrusion prevention, and data loss protection capabilities. As cloud services, they can reduce costs and improve visibility, manageability, and auditability—while increasing security. Our survey shows that not everyone turns to CSPs for these services, but those who do are highly satisfied with them.
A VP of IT in financial services articulated the value proposition of security services: “We would move security and compliance services and network security applications to a cloud. We have strong internal security policies, and that leads to investment in software and other related management costs. Moving to cloud would mean fewer concerns and lower costs.”
To lower the barrier of concern over security, CSPs need a three-prong approach:
• Address security concerns head-on and up-front. Demonstrate and document capabilities, including emphasizing the reliable performance of security services. Customers who have clear security service level agreements from the start have the highest satisfaction with their cloud services.
• Build security into cloud services, which should reduce the cost and management burden for customers. Provide customers with plenty of visibility into security, accessibility, and performance—the elements especially important for mission-critical applications.
• Offer flexible deployment options, especially hybrid cloud, where customers can control their sensitive assets on-premise, yet capitalize on the scalability and functional resources of off-premise cloud services.
An IT Director in media & entertainment favors hybrid deployment: “A hybrid on-premise deployment with off-premise bursting capability offers us more data scalability and gives us more control of the data.”
4
Companies increasingly prefer hybrid cloud deployment, with elements of the solution both on and off premise, for the whole range of workloads. The exception is in healthcare, where information privacy is paramount, and nearly half of our respondents prefer an on-premise private cloud solution managed by the CSP. Very few companies are interested in off-premise services accessed via the public Internet, where the monitoring and management tools for enterprise-level workloads are still lacking. In short, customers are gaining confidence in trusted “off prem” cloud over secure connection and looking to get “the best of both worlds”.
GO-TO-MARKET ACTIONS FOR CLOUD SERVICE PROVIDERS • Develop a range of trusted profiles for class of application workloads or reference
model of your security and compliance capabilities. Pair it with assessment tools that enable customers to discover not only how their security requirements can be met, but also how private and hybrid cloud deployment can surpass the security provided by conventional in-house methods.
• Security is often a general concern. Make the case for cloud services more tangible and trustworthy by taking specific customer use cases and showing how their security requirements can be met between the network and infrastructure options.
• Security and compliance services are popular, but they tend to require extra skill and customization. If these are in your services set, build the skills and emphasize your ability to help customers manage and mitigate business risks.
• Offer multiple deployment options, including managing both hybrid and on-premise private clouds. If customers are still uncomfortable with off-premise cloud services, partner with them to build and extend their private cloud foundation.
• Sharpen your messaging to help customers understand the benefits of a CSP cloud as the next step beyond the virtualization they’ve already done.
• Security requirements vary across industries. Communicate your ability to meet industry compliance standards such as HIPAA, PCI/PII data loss prevention, and legal and archiving requirements for email applications. Even if your offerings are generic, articulate how they meet the specific needs of your target markets.
• Develop a “Trust Dashboard” associated with a class of applications/workload that will provide the responsible parties with audits logs, Access Authorization Authentication (AAA), reports and alerts on unauthorized access, and the ability to define and manage compliance policies.
How important is it to respondents to control where their data resides? Very. On a 7-point scale, respondents from all industries rated the importance over 6.
Why do respondents want control over data location? Legal compliance was most important to financial services. Availability and portability were most important to media & entertainment.
5
WORKLOADS INTO THE CLOUD Security is a concern, but customers are eager to move many workloads into the trusted “off prem” cloud. Two-thirds of surveyed companies have already purchased IaaS or PaaS offerings from CSPs, and virtually all of the rest have purchased other IT services. However, customers need help prioritizing workloads and migrating them smoothly to realize the anticipated financial return.
And financial return is the name of the game. Eighty percent of companies surveyed are driven by the opportunity to lower immediate costs, long-term total cost of ownership, or the burden of aging infrastructure. Our executive interviewees are well aware of the agility, scalability, and performance benefits of cloud services, and they value CSP expertise and domain knowledge. However, cost remains the primary driver of adoption.
A Chief Technology Architect in government listed key drivers of cloud adoption: “Reducing costs and operational budgets was the key driver to purchase from a service provider. Service providers had the domain knowledge and expertise that we needed. We were also looking at ease of deployment.”
What workloads are moving to the cloud? Backup and recovery are the most common as both services already purchased and services under consideration for future purchase. Other common offerings include data archiving, data protection and security services, cloud storage, email, and a variety of SaaS (Software as a Service) applications, including ERP. The next big wave of cloud services may be for analytics—both organizing Big Data and running analytical models with results fed to business applications and management reporting systems.
How quickly do respondents expect to be able to access new cloud services purchased from an SP? Forty-seven percent said they wanted it within 45 minutes and an additional 17% want it within 60 minutes.
How quickly do respondents expect to be able to change or reconfigure their services? One-third of respondents expect to be able to do so within 30 minutes. Thirty-one percent said within 60 minutes.
6
Customers are clearly interested in the whole range of cloud services—IaaS, PaaS, SaaS. However, they are moving compute- and storage- heavy applications first on the IT side such as backup/recovery, storage archival, and security. Mission-critical applications are on hold until customers are thoroughly confident about security in the cloud. Those are the trends, but CSPs must look beneath them and recognize variations in customer preference and intent by industry. For example, healthcare companies place heavy focus on storage and security services.
A healthcare IT Director explained workload priorities: “We would prefer back up, archiving, and storage on a service provider cloud. This combination will lead to low maintenance costs. We do not want to have any other applications on the service provider cloud until we are completely convinced regarding the security.”
The next graphic captures today’s situation and tomorrow’s opportunity. First-wave cloud-based applications are well established. Second-wave cloud-based applications are common, but many customers still want to keep business applications and sensitive data close to home. As CSPs build track records, especially in security, more mission-critical applications will move to the cloud.
7
GO-TO-MARKET ACTIONS FOR CLOUD SERVICE PROVIDERS • Help customers make the business case for cloud services and prioritize workloads
with predictable cost models and cost savings analyses. With 68% expecting ROI in three years and 33% expecting it in 12 to18 months, deploying a “TCO calculator” to help them find all cost benefits and accelerate the timing of savings would be advantageous.
• Demonstrate deep expertise in workload migrations, processes, and tools and automate migration to minimize disruption and risk.
• Educate customers on the opportunities to improve performance while lowering operating and management costs by pursuing an alternative path for technology refresh.
• Develop a strategic view of workload storage requirements, incorporating capacity, performance, and cost-based evaluations of on- and off-premise solutions. Workloads to focus on include digital asset management, email storage, archiving, and data protection, as well as more reliable and scalable backup and recovery. These are common and commodity workloads, but demand for them continues to grow.
• Ride the analytics adoption trend by offering analytics platforms, especially to medium-size companies, and assistance managing Big Data, especially to large companies.
• Business challenges vary across industries, so tailor both offerings and marketing approaches to your target industries. Communicate your industry expertise. Even if your offerings are generic, articulate how they meet the specific needs of your target industries.
ENGAGING WITH CUSTOMERS To engage effectively with customers and prospects, CSPs must understand the buying process and customer expectations around pricing and support, then differentiate on the basis of that understanding.
THE BUYING PROCESS Customers use a variety of methods to learn about cloud offerings and providers, including CSP websites and sales people, as well as independent websites. Customer references naturally carry great influence.
A financial services Director of Technology Application outlined the buying process: “We look at websites, customer references, and the information that we receive from the sales teams at the service providers. Customer testimonials, case studies, and demos are very useful to get a clear picture of what we see on websites.”
The decision to buy is often made by senior management, including CIOs and CFOs, often based on service level agreement (SLAs), demonstration of the relevant domain/industry expertise, management tools and on the recommendation of evaluation committees and IT staff. When it comes to the purchasing action, most customers (56%) prefer to work with a sales person, though some purchase through the CSP website (25%) or customer service organization (22%). Direct contact with a sales person makes sense, especially if the investment is significant, there is a need to negotiate, or there is a desire to build trust. Conversely, market trends amongst shadow IT buyers (e.g., marketing, business line and other non-IT buyers) show that the majority are buying online with a swipe of their credit card and secondarily through direct contact with a sales representative.
What CSP contract lengths do customers prefer? Only government respondents preferred multi-year contracts, and only media & entertainment expressed much appetite for shorter contracts.
8
PRICING Services pricing can be a sensitive issue. Pricing ranks high on the list of CSP evaluation criteria, and comes in last when respondents rate their satisfaction with elements of the purchasing and consumption experience. Although metered pricing is one of the potential advantages of cloud-based services, most customers today prefer flat-rate fees for a variety of reasons: knowing what’s being paid for, staying within limited budgets and avoiding monthly budget variations, keeping things (including payment processing) simple, keeping things predictable, and avoiding surcharges.
At the same time, roughly one-third of companies expect the option to unbundle and pay separately for storage, servers, software, and bandwidth. We found that larger, higher-usage customers including government organizations show greater preference for the predictability of flat fees, while smaller customer organizations, especially in healthcare, are more interested in usage-based fees.
Because customers resonate with both flexibility and simplicity, CSPs must offer a variety of pricing options, yet keep things as simple as possible. The overhead of complex pricing schemes can be high at both supplier and customer ends, and providers can distinguish themselves by simplifying fee structures.
SUPPORT Customers expect a variety of support mechanisms, especially the ability to call and speak to a representative. Roughly half our respondents mentioned various forms of online monitoring and support, but 78% listed the ability to speak directly to a representative as important.
A Senior Director of IT in media & entertainment explained the desired support mix: “We expect the service provider to maintain helpdesk support that allows us to speak to a representative with expertise in our industry to resolve issues instantly. Having a self-service portal is also important to be able to service ourselves instead of raising tickets for each issue.”
9
We found that customers are less satisfied with the support they receive, both online and in person, than with the services themselves. Many find online support and troubleshooting functions, in particular FAQs, to be cumbersome. However, customers expect plenty of installation and onboarding assistance, including online and helpdesk support and training. They also expect dashboards to help them measure, understand, and manage usage of cloud services, including network and security performance.
The bottom line is that CSPs have enormous opportunity to differentiate through their support channels and customer experience.
GO-TO-MARKET ACTIONS FOR CLOUD SERVICE PROVIDERS • Deliver your cloud services story compellingly on your web site, including through
customer references. There is a potentially confusing array of information on cloud services on the web, so keep independent web sites up to date on your offerings and capabilities so they can represent you accurately and objectively. Poor representation on the web can disqualify a provider upon first screening.
• Your sales people must understand the customer industry and buying process. Use them to educate the customer, make the case for cloud services, and build trust in your capabilities, especially around key elements like security.
• Develop tiered, flat-rate prices for higher-usage (especially high-bandwidth) customers, and offer simpler pay-as-you-go bundles for lower and variable usage customers. Behind the scenes, make sure you have both flexible pricing systems and the cost structure to deliver controllable cost of service.
• Consider offering incentive price levels in the short term to gain share in the cloud services market and gain longer-term contracts—which most customers still prefer.
• The customer chooses the service channel. For CSPs, the table stakes start with providing 24x7 support both by phone and online, with seamless integration across those channels. The rep must be up-to-date with online support actions, and vice versa.
• Differentiate by providing dedicated support—what appears to the customer as a dedicated team—during installation and, especially for large customers, thereafter. The customer’s goal is that the CSP act as an extension of its own IT organization.
10
SUMMARIZING THE SELECTION CRITERIA In choosing a service provider, customers want it all—reliability, performance, support, economic value, and protection of their digital assets. As you can see in the table, security ranks as the top category in our survey, but the next nine categories are all in a narrow band. That tells us that CSPs must be able to “hit on all cylinders,” documenting a track record in all of the evaluation areas.
SERVICE PROVIDER EVALUATION CRITERIA
RANK CRITERION SCORE
(7-POINT SCALE)
1 TRUST 6.43
2 NETWORK AVAILABILITY 6.13
3 PRICING 6.11
4 SUPPORT 6.10
5 COMPLIANCE 6.04
6 LOWER COST OF OPERATION 6.02
7 BANDWIDTH 5.92
8 SERVICE OFFERINGS 5.91
9 SPEED OF VIRTUAL MACHINES 5.86
10 SERVICE LEVEL AGREEMENTS 5.83
11 SOFTWARE SELECTION 5.56
12 EXISTING RELATIONSHIP 5.21
11
With the scores across the criteria closely aligned, it’s essential to note which industries place special importance on each. In financial services, security scored nearly a half point higher than the next category. Healthcare continues to place high importance on compliance. Network availability is most important to government, and pricing carries highest weight in media & entertainment.
A Chief Information Officer in government summarized evaluation criteria: “Security was our key consideration in choosing the service provider—besides support, pricing, and network availability—because we handle extremely sensitive information.”
We also found that a majority of surveyed organizations prefer to work with multiple providers for their cloud services, rather than just one. Many companies (with government organizations the exception) want to spread their cloud services business around and avoid the risks of over-reliance and lock-in by retaining the flexibility to switch if a provider doesn’t perform to expectations. CSPs must position themselves to gain as much business as possible without triggering that fear.
Is that bad news for CSPs? Not necessarily. We suspect that working with multiple vendors may be as much common expectation as real preference. Enterprises are accustomed to getting their network-related services from major telco CSPs and many applications and other IT services elsewhere. For web and cloud-based services, there are a wide variety of innovative providers, and customers tend to look for new things from new players. The market is relatively young, it’s naturally a multi-player space, and so existing relationships carry less weight.
However, our interviewees include many who prefer to work with a limited set of suppliers, but they still invite bids from others, especially in search of industry expertise. They also expressed strong preference for working with managed service providers and avoid doing a lot of services integration and management on their own. We conclude that there is still plenty of opportunity for major CSPs to offer more in the way of full service, especially to government organizations and others who prefer to consolidate their provider relationships.
At the same time, CSPs must be ready to work in multi-vendor combinations, and perhaps take the lead in building the provider-partner ecosystem on the customers’ behalf.
How important are bandwidth considerations when evaluating CSPs? Respondents rated four considerations as important.
CAPITALIZING ON THE CLOUD SERVICES MARKET Our research shows a growing market for cloud-based services, both established IaaS offerings like backup and recovery, and newer PaaS and SaaS offerings. However, many customers are still deciphering cloud-based opportunities—so advantage goes to the CSPs who help them learn and proceed with confidence. Market growth will accelerate as CSPs connect with customers in new ways, meet their evolving expectations, and facilitate their migration to the cloud.
To overcome the main barriers to cloud services adoption, CSPs must demonstrate their data protection and security capabilities, while alleviating customers’ specific security concerns. They also must provide processes and tools that make it easy for customers to migrate a variety of workloads to the cloud.
At the same time, CSPs must paint a compelling picture of the advantages of cloud services: articulate clear ROI, offer pricing and support options for the range of customer situations, and deliver on overall value propositions that resonate with industry requirements.
We hope this EMC Perspective has sharpened your market focus, and we welcome the opportunity to help you turn these insights and recommendations into actions.
CONTACT US To learn more about how EMC products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorized reseller—or visit us at www.EMC.com.
www.EMC.com
EMC2, EMC, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners. © Copyright 2013 EMC Corporation. All rights reserved. Published in the USA. 04/12 EMC Perspective H10874 EMC believes the information in this document is accurate as of its publication date. The information is subject to change without notice.