This EMC Perspective elaborates on how service providers can capitalize on the fast-growing cloud services market by being responsive to customers' goals, concerns, and performance and support requirements.
EMC Perspective: What Customers Seek from Cloud Services Providers
WHAT CUSTOMERS SEEK FROMCLOUD SERVICES PROVIDERSService providers have enormous opportunity to capitalize on the fast-growingcloud services market—if they are attuned and responsive to customers goals,concerns, and performance and support requirements. New research from EMCshows how.EMC PERSPECTIVE
Businesses need agile IT services to enable growth and keep pace with marketplaceand regulatory change. They also need to capitalize on the explosive growth ofavailable data without driving up costs and overwhelming their IT infrastructure.Cloud services can help meet both objectives. Migrating workloads to the cloud,including high-volume services, can reduce cost, improve performance, ensurescalability, and provide access to new and innovative technologies.That spells opportunity for cloud service providers. EMC®commissioned independentmarket research with Technology Business Research (TBR) to clarify how and whybusiness and government organizations purchase cloud-based services from cloudservice providers (CSPs). We found that to expand their cloud services business, CSPsmust connect with their customers in specific ways, including clearly indicating costbenefits, and offering flexible pricing options and support channels. They must alsoaddress the two biggest barriers to cloud services adoption: customers’ concernsabout data protection and security, and their migration challenges, starting withovercoming lock-in to embedded business processes.This Perspective is addressed primarily to CSPs to help them better understand theircustomers, position their cloud offerings, and capture and retain business. Eachsection of the document ends with sets of recommended go-to-market actions forCSPs. We hope that this discussion also proves valuable to end-user organizations asthey consider cloud services, hone their evaluation criteria, and select and work withtheir providers.We welcome the opportunity to discuss these opportunities and challenges with youand help you thrive in and capitalize on the fast-growing cloud services market.ABOUT THE RESEARCHThe multi-faceted research conducted for EMC by TBR included a survey of 253organizations, in-depth interviews with 20 executives, and secondary research andindustry analysis.We surveyed organizations ranging from $250M to $100B in annual revenue orbudget and focused on four bellwether industries: financial services, healthcare,government, and media & entertainment.Among individual respondents, 86% are from IT organizations; 37% are IT Directors,36% are IT VPs, and 27% are CEOs, COOs, CFOs, CIOs or CTOs. Nearly two-thirdsidentified themselves as the sole or final decision maker when purchasing IaaS(Infrastructure as a Service) and PaaS (Platform as a Service) from CSPs. Fiftysurveys were from Canadian organizations, the rest from the U.S.
3TRUST IN THE CLOUDIt’s no surprise that trust is the #1 concern of customers and a barrier to adoption ofcloud services. That includes the security of data, software, and other assets, andespecially the protection of private or otherwise sensitive data. Recent research by TBRfound data privacy and security among the most frequently perceived risks by cloudservices adopters and non-adopters alike, especially when considering deployment tothe public cloud (source: TBR, Winter 2011 Cloud Computing Adoption Study). Securitywas also a recurring theme in our executive interviews.A Director of Technology and Applications in financial services put security concerns ina nutshell: “Being a financial institution, protection of our customer data is an absolutepriority, and the service provider should be knowledgeable about compliance issues.”However, the cloud security scene is complex. At the same time that customers arereluctant to deploy mission-critical applications and sensitive data to the cloud, theyare increasingly adopting cloud-based security services. These are services thataugment an organization’s existing network security, remote access, intrusionprevention, and data loss protection capabilities. As cloud services, they can reducecosts and improve visibility, manageability, and auditability—while increasing security.Our survey shows that not everyone turns to CSPs for these services, but those who doare highly satisfied with them.A VP of IT in financial services articulated the value proposition of security services:“We would move security and compliance services and network security applications toa cloud. We have strong internal security policies, and that leads to investment insoftware and other related management costs. Moving to cloud would mean fewerconcerns and lower costs.”To lower the barrier of concern over security, CSPs need a three-prong approach:• Address security concerns head-on and up-front. Demonstrate and documentcapabilities, including emphasizing the reliable performance of security services.Customers who have clear security service level agreements from the start havethe highest satisfaction with their cloud services.• Build security into cloud services, which should reduce the cost and managementburden for customers. Provide customers with plenty of visibility into security,accessibility, and performance—the elements especially important for mission-critical applications.• Offer flexible deployment options, especially hybrid cloud, where customers cancontrol their sensitive assets on-premise, yet capitalize on the scalability andfunctional resources of off-premise cloud services.An IT Director in media & entertainment favors hybrid deployment: “A hybrid on-premise deployment with off-premise bursting capability offers us more data scalabilityand gives us more control of the data.”
4Companies increasingly prefer hybrid cloud deployment, with elements of the solutionboth on and off premise, for the whole range of workloads. The exception is inhealthcare, where information privacy is paramount, and nearly half of our respondentsprefer an on-premise private cloud solution managed by the CSP. Very few companiesare interested in off-premise services accessed via the public Internet, where themonitoring and management tools for enterprise-level workloads are still lacking. Inshort, customers are gaining confidence in trusted “off prem” cloud over secureconnection and looking to get “the best of both worlds”.GO-TO-MARKET ACTIONS FOR CLOUD SERVICE PROVIDERS• Develop a range of trusted profiles for class of application workloads or referencemodel of your security and compliance capabilities. Pair it with assessment toolsthat enable customers to discover not only how their security requirements can bemet, but also how private and hybrid cloud deployment can surpass the securityprovided by conventional in-house methods.• Security is often a general concern. Make the case for cloud services more tangibleand trustworthy by taking specific customer use cases and showing how theirsecurity requirements can be met between the network and infrastructure options.• Security and compliance services are popular, but they tend to require extra skilland customization. If these are in your services set, build the skills and emphasizeyour ability to help customers manage and mitigate business risks.• Offer multiple deployment options, including managing both hybrid and on-premiseprivate clouds. If customers are still uncomfortable with off-premise cloud services,partner with them to build and extend their private cloud foundation.• Sharpen your messaging to help customers understand the benefits of a CSP cloudas the next step beyond the virtualization they’ve already done.• Security requirements vary across industries. Communicate your ability to meetindustry compliance standards such as HIPAA, PCI/PII data loss prevention, andlegal and archiving requirements for email applications. Even if your offerings aregeneric, articulate how they meet the specific needs of your target markets.• Develop a “Trust Dashboard” associated with a class of applications/workload thatwill provide the responsible parties with audits logs, Access AuthorizationAuthentication (AAA), reports and alerts on unauthorized access, and the ability todefine and manage compliance policies.How important is it torespondents to control wheretheir data resides? Very. On a7-point scale, respondents fromall industries rated theimportance over 6.Why do respondents wantcontrol over data location? Legalcompliance was most importantto financial services. Availabilityand portability were mostimportant to media &entertainment.
5WORKLOADS INTO THE CLOUDSecurity is a concern, but customers are eager to move many workloads into thetrusted “off prem” cloud. Two-thirds of surveyed companies have already purchasedIaaS or PaaS offerings from CSPs, and virtually all of the rest have purchased other ITservices. However, customers need help prioritizing workloads and migrating themsmoothly to realize the anticipated financial return.And financial return is the name of the game. Eighty percent of companies surveyedare driven by the opportunity to lower immediate costs, long-term total cost ofownership, or the burden of aging infrastructure. Our executive interviewees are wellaware of the agility, scalability, and performance benefits of cloud services, and theyvalue CSP expertise and domain knowledge. However, cost remains the primary driverof adoption.A Chief Technology Architect in government listed key drivers of cloud adoption:“Reducing costs and operational budgets was the key driver to purchase from a serviceprovider. Service providers had the domain knowledge and expertise that we needed.We were also looking at ease of deployment.”What workloads are moving to the cloud? Backup and recovery are the most commonas both services already purchased and services under consideration for futurepurchase. Other common offerings include data archiving, data protection and securityservices, cloud storage, email, and a variety of SaaS (Software as a Service)applications, including ERP. The next big wave of cloud services may be for analytics—both organizing Big Data and running analytical models with results fed to businessapplications and management reporting systems.How quickly do respondentsexpect to be able to access newcloud services purchased froman SP? Forty-seven percentsaid they wanted it within 45minutes and an additional 17%want it within 60 minutes.How quickly do respondentsexpect to be able to change orreconfigure their services? One-third of respondents expect tobe able to do so within 30minutes. Thirty-one percentsaid within 60 minutes.
6Customers are clearly interested in the whole range of cloud services—IaaS, PaaS,SaaS. However, they are moving compute- and storage- heavy applications first on theIT side such as backup/recovery, storage archival, and security. Mission-criticalapplications are on hold until customers are thoroughly confident about security in thecloud. Those are the trends, but CSPs must look beneath them and recognizevariations in customer preference and intent by industry. For example, healthcarecompanies place heavy focus on storage and security services.A healthcare IT Director explained workload priorities: “We would prefer back up,archiving, and storage on a service provider cloud. This combination will lead to lowmaintenance costs. We do not want to have any other applications on the serviceprovider cloud until we are completely convinced regarding the security.”The next graphic captures today’s situation and tomorrow’s opportunity. First-wavecloud-based applications are well established. Second-wave cloud-based applicationsare common, but many customers still want to keep business applications and sensitivedata close to home. As CSPs build track records, especially in security, more mission-critical applications will move to the cloud.
7GO-TO-MARKET ACTIONS FOR CLOUD SERVICE PROVIDERS• Help customers make the business case for cloud services and prioritize workloadswith predictable cost models and cost savings analyses. With 68% expecting ROIin three years and 33% expecting it in 12 to18 months, deploying a “TCOcalculator” to help them find all cost benefits and accelerate the timing of savingswould be advantageous.• Demonstrate deep expertise in workload migrations, processes, and tools andautomate migration to minimize disruption and risk.• Educate customers on the opportunities to improve performance while loweringoperating and management costs by pursuing an alternative path for technologyrefresh.• Develop a strategic view of workload storage requirements, incorporating capacity,performance, and cost-based evaluations of on- and off-premise solutions.Workloads to focus on include digital asset management, email storage, archiving,and data protection, as well as more reliable and scalable backup and recovery.These are common and commodity workloads, but demand for them continues togrow.• Ride the analytics adoption trend by offering analytics platforms, especially tomedium-size companies, and assistance managing Big Data, especially to largecompanies.• Business challenges vary across industries, so tailor both offerings and marketingapproaches to your target industries. Communicate your industry expertise. Even ifyour offerings are generic, articulate how they meet the specific needs of yourtarget industries.ENGAGING WITH CUSTOMERSTo engage effectively with customers and prospects, CSPs must understand the buyingprocess and customer expectations around pricing and support, then differentiate onthe basis of that understanding.THE BUYING PROCESSCustomers use a variety of methods to learn about cloud offerings and providers,including CSP websites and sales people, as well as independent websites. Customerreferences naturally carry great influence.A financial services Director of Technology Application outlined the buying process: “Welook at websites, customer references, and the information that we receive from thesales teams at the service providers. Customer testimonials, case studies, and demosare very useful to get a clear picture of what we see on websites.”The decision to buy is often made by senior management, including CIOs and CFOs,often based on service level agreement (SLAs), demonstration of the relevantdomain/industry expertise, management tools and on the recommendation ofevaluation committees and IT staff. When it comes to the purchasing action, mostcustomers (56%) prefer to work with a sales person, though some purchase throughthe CSP website (25%) or customer service organization (22%). Direct contact with asales person makes sense, especially if the investment is significant, there is a need tonegotiate, or there is a desire to build trust. Conversely, market trends amongstshadow IT buyers (e.g., marketing, business line and other non-IT buyers) show thatthe majority are buying online with a swipe of their credit card and secondarily throughdirect contact with a sales representative.What CSP contract lengths docustomers prefer? Onlygovernment respondentspreferred multi-year contracts,and only media & entertainmentexpressed much appetite forshorter contracts.
8PRICINGServices pricing can be a sensitive issue. Pricing ranks high on the list of CSPevaluation criteria, and comes in last when respondents rate their satisfaction withelements of the purchasing and consumption experience. Although metered pricing isone of the potential advantages of cloud-based services, most customers today preferflat-rate fees for a variety of reasons: knowing what’s being paid for, staying withinlimited budgets and avoiding monthly budget variations, keeping things (includingpayment processing) simple, keeping things predictable, and avoiding surcharges.At the same time, roughly one-third of companies expect the option to unbundle andpay separately for storage, servers, software, and bandwidth. We found that larger,higher-usage customers including government organizations show greater preferencefor the predictability of flat fees, while smaller customer organizations, especially inhealthcare, are more interested in usage-based fees.Because customers resonate with both flexibility and simplicity, CSPs must offer avariety of pricing options, yet keep things as simple as possible. The overhead ofcomplex pricing schemes can be high at both supplier and customer ends, andproviders can distinguish themselves by simplifying fee structures.SUPPORTCustomers expect a variety of support mechanisms, especially the ability to call andspeak to a representative. Roughly half our respondents mentioned various forms ofonline monitoring and support, but 78% listed the ability to speak directly to arepresentative as important.A Senior Director of IT in media & entertainment explained the desired support mix:“We expect the service provider to maintain helpdesk support that allows us to speakto a representative with expertise in our industry to resolve issues instantly. Having aself-service portal is also important to be able to service ourselves instead of raisingtickets for each issue.”
9We found that customers are less satisfied with the support they receive, both onlineand in person, than with the services themselves. Many find online support andtroubleshooting functions, in particular FAQs, to be cumbersome. However, customersexpect plenty of installation and onboarding assistance, including online and helpdesksupport and training. They also expect dashboards to help them measure, understand,and manage usage of cloud services, including network and security performance.The bottom line is that CSPs have enormous opportunity to differentiate through theirsupport channels and customer experience.GO-TO-MARKET ACTIONS FOR CLOUD SERVICE PROVIDERS• Deliver your cloud services story compellingly on your web site, including throughcustomer references. There is a potentially confusing array of information on cloudservices on the web, so keep independent web sites up to date on your offeringsand capabilities so they can represent you accurately and objectively. Poorrepresentation on the web can disqualify a provider upon first screening.• Your sales people must understand the customer industry and buying process. Usethem to educate the customer, make the case for cloud services, and build trust inyour capabilities, especially around key elements like security.• Develop tiered, flat-rate prices for higher-usage (especially high-bandwidth)customers, and offer simpler pay-as-you-go bundles for lower and variable usagecustomers. Behind the scenes, make sure you have both flexible pricing systemsand the cost structure to deliver controllable cost of service.• Consider offering incentive price levels in the short term to gain share in the cloudservices market and gain longer-term contracts—which most customers still prefer.• The customer chooses the service channel. For CSPs, the table stakes start withproviding 24x7 support both by phone and online, with seamless integration acrossthose channels. The rep must be up-to-date with online support actions, and viceversa.• Differentiate by providing dedicated support—what appears to the customer as adedicated team—during installation and, especially for large customers, thereafter.The customer’s goal is that the CSP act as an extension of its own IT organization.
10SUMMARIZING THE SELECTION CRITERIAIn choosing a service provider, customers want it all—reliability, performance, support,economic value, and protection of their digital assets. As you can see in the table,security ranks as the top category in our survey, but the next nine categories are all ina narrow band. That tells us that CSPs must be able to “hit on all cylinders,”documenting a track record in all of the evaluation areas.SERVICE PROVIDER EVALUATION CRITERIARANK CRITERION SCORE(7-POINT SCALE)1 TRUST 6.432 NETWORK AVAILABILITY 6.133 PRICING 6.114 SUPPORT 6.105 COMPLIANCE 6.046 LOWER COST OF OPERATION 6.027 BANDWIDTH 5.928 SERVICE OFFERINGS 5.919 SPEED OF VIRTUAL MACHINES 5.8610 SERVICE LEVEL AGREEMENTS 5.8311 SOFTWARE SELECTION 5.5612 EXISTING RELATIONSHIP 5.21
11With the scores across the criteria closely aligned, it’s essential to note which industriesplace special importance on each. In financial services, security scored nearly a halfpoint higher than the next category. Healthcare continues to place high importance oncompliance. Network availability is most important to government, and pricing carrieshighest weight in media & entertainment.A Chief Information Officer in government summarized evaluation criteria: “Securitywas our key consideration in choosing the service provider—besides support, pricing,and network availability—because we handle extremely sensitive information.”We also found that a majority of surveyed organizations prefer to work with multipleproviders for their cloud services, rather than just one. Many companies (withgovernment organizations the exception) want to spread their cloud services businessaround and avoid the risks of over-reliance and lock-in by retaining the flexibility toswitch if a provider doesn’t perform to expectations. CSPs must position themselves togain as much business as possible without triggering that fear.Is that bad news for CSPs? Not necessarily. We suspect that working with multiplevendors may be as much common expectation as real preference. Enterprises areaccustomed to getting their network-related services from major telco CSPs and manyapplications and other IT services elsewhere. For web and cloud-based services, thereare a wide variety of innovative providers, and customers tend to look for new thingsfrom new players. The market is relatively young, it’s naturally a multi-player space,and so existing relationships carry less weight.However, our interviewees include many who prefer to work with a limited set ofsuppliers, but they still invite bids from others, especially in search of industryexpertise. They also expressed strong preference for working with managed serviceproviders and avoid doing a lot of services integration and management on their own.We conclude that there is still plenty of opportunity for major CSPs to offer more in theway of full service, especially to government organizations and others who prefer toconsolidate their provider relationships.At the same time, CSPs must be ready to work in multi-vendor combinations, andperhaps take the lead in building the provider-partner ecosystem on the customers’behalf.How important are bandwidthconsiderations whenevaluating CSPs?Respondents rated fourconsiderations as important.