Codeasaurus Rex

Given the massive popularity of web hosting, I think it’s appropriate to enquire about the security of your data in a hosted environment. This is a hot topic with me because I resell web hosting of a popular CRM (Customer Relationship Management) software suite.

First of all, let’s dispense with the easy targets like “free” Google email which is really paid for with your privacy and “unstated or indefinite length of time for data retention, without clear limitation on use or disclosure”.

For details see

http://www.techcrunch.com/2007/06/10/google-rated-bottom-for-privacy/

http://www.law.duke.edu/journals/dltr/articles/2005dltr0014.html

http://news.zdnet.co.uk/internet/0,1000000097,39150936,00.htm

I’m more concerned here with the ramifications of running important parts of your business like CRM (Customer Relationship Management) and accounting on the web.

First of all, why would you do it in the first place?

The advantages are tremendous: multiuser access to your company’s operational data from any computer with a browser and internet connection, 24 hours/day, 7 days/week. Customer management software capabilities formerly reserved for large companies are now available at costs ranging from low to free. You can move a sale towards completion or solve a customer problem any time and virtually anywhere with the complete customer relationship history and contacts at your fingertips. By moving customer data out of Rolodexes and onto the web, more people in your company can instantly assess the state of your relationship with a customer and take appropriate action than when the information is held apart. Also, having all or at least most of the relationship data on the web minimizes the damage when a salesperson or customer service agent leaves: critical account knowledge remains with the employer as long as the web application has been kept up-to-date.

But what are the risks?

Do you trust your web hosting service? Let’s say the hosting service seems on the up-and-up, and has formally promised to keep your data private. If the web hosting service is a serious business service that you pay for and not merely a data-mining front like Google and Yahoo, that’s another point in its favor. Businesses that turn a profit have an important incentive to stay in business; courting disaster by selling customer data and risking employee blackmail or exposure is simply not sustainable. Although it’s not unknown for businesses to behave irrationally, one can have a reasonable expectation that the data privacy promises of paid web-hosting services will be matters of both policy and self-interest.

So much for integrity at the business level. But there is also the employee level: some employees are simply dishonest. Others aren’t normally dishonest, but may nurse a grudge against the employer and rationalize their destructive behavior, especially if there is a dispute about compensation and money is to be easily had for turning over customer data to an interested third party. As a matter of fact, this is the kind of fraud that makes the news nowadays: your data is most exposed when it’s in a honeypot like an account database containing thousands of other accounts with sensitive data like ID coupled with debit or credit card numbers . A laptop goes missing, or an insider simply copies and spirits away an entire database or a damaging portion thereof.

There is no completely effective defense against this kind of fraud. Time-of-sale fraud detection systems will aid prevention, and detection and punishment may deter but when unsuccessful the damage to a company’s good name can range from serious to irreparable. Notice, however, that the honey in our example is sensitive billing data, valuable enough to be stolen whether it is exposed on the Internet or protected behind a corporate firewall on the company’s intranet. This invites us to differentiate between what data is in danger by its very nature, and what data is vitally important to your company but only of marginal interest to criminals.

My claim is that there is a class of data that can be reasonably entrusted to a web hosting company, and customer relationship (as opposed to customer billing) data is often in this class. If you’re a small- to medium-size business, the details of your non-billing interactions with your customers are probably uninteresting to people looking to score data that will facilitate identity theft and credit/debit card fraud.

As a matter of fact, this is the line of reasoning that led me to put my personal CRM on the web. I liked the product so much that I am reselling a hosting service based on it with an emphasis on business continuity and training convenience as my differentiators.

This is important, because just as my customers will entrust me with the safekeeping of their CRM data, I have already entrusted my web host with the safekeeping of my CRM data. My web host claims over 100,000 domains hosted, so the goodwill it stands to lose if fraud should occur is a powerful incentive to police everyone there. I’d very much like to automate the billing, though in keeping with my own advice I’m hesitant to expose sensitive customer ID and billing data on hosting machines in unknown locations managed by unknown admins employed by a company I only know through the Web.

(Don’t get me wrong: so far I’m very impressed with the hosting service and with the promptness and quality of the support from the admins and have no reason to doubt the integrity of the hosting service and its employees, but one bad apple can spoil the whole bunch so I keep my sensitive data encrypted on a USB key!)

I’m currently looking for a billing service that will be big and established enough to have

1. a reputation to protect fiercely,
2. its own servers, professionally secured, and
3. no need for me to store sensitive customer billing data on machines that I don’t directly control, or, even better, no need for me to store sensitive customer ID and financial account numbers at all!

There is always, of course, the option of hosting your own CRM. If your perceived level of risk is so high that you need to take hosting in-house, however, you’ll also want to engage competent IT consultants or staff to lock down the installation with technologies like Virtual Private Networking. I doubt that most small businesses will want to deal with the hassle, though, in which case keeping billing data strictly in-house while reaping the advantages of web-enabled Customer Relationship Management will be accepted as reasonable tradeoffs of convenience versus security.

Even better, keep ID theft-prone data out of your systems altogether by exiling it to a popular payments service that enjoys the general trust of your customers. If you’re a small- to medium-size business, your data becomes much less interesting to criminals, and shifting the burden of trust to a well-known financial intermediary removes an important customer barrier to trying out a new vendor: you.