In 2022, ensuring best-in-class Data Management is anything but straightforward for CIOs and IT leaders. The volume, variety, and velocity of data being collected have grown exponentially, as has the number of cloud solutions that require the use of this data without your direct control. To be successful, you must enable your organization to leverage this data fully, and choosing the right partner requires thoughts about security, scalability, and future-proofing. 

Cloud solutions offer a host of exciting possibilities that CIOs can use to advance the commercial goals of the business. For example, applying AI to internal and external data sets to help business leaders set smarter pricing, sales, and other commercial strategies and deploy them in real time in all channels as market conditions change. Yet, these advanced applications are increasingly hosted outside of a company’s firewall and often require access to sensitive customer, product, and transaction data. When engaging with a potential vendor, it can sometimes be difficult to peel back the marketing and sales vernacular to truly understand if the platform can grow with your company while keeping your data highly secure. 

With the workforce more distributed than ever, organizations are processing more data in more locations, which has caused an increase in vulnerability attack surface. Cloud-based platforms often have the ability to take advantage of scalability and security features like DDOS protection or autoscaling, but not all solutions take advantage of these capabilities. This may be why the State of Security 2021 report by Splunk found that “49% of organizations say keeping up with security is harder than it was two years ago – especially in a multi-cloud world,” and “78% of security and IT leaders worry that they’ll be hit by a SolarWinds-style attack.”

Clearly, it’s more important than ever to be constantly up to date on Data Management best practices. In this article, I’ll share three areas to explore that can help put IT leaders and CIOs on the path to success before signing off on new software that requires access to company data. 

Question No. 1: Can the vendor ensure that my data is secure? 

Business process data is invaluable to companies and working with a cloud-based software vendor may be the first time a company’s data would be living outside its firewall. Cloud infrastructure offers a lot of ways to protect customer data, but not all vendors approach security in the same way. Here, it’s important to probe into precisely how the vendor secures the data with some precise questioning, such as: 

• How is my data secured from internal and external actors? 
• How is my data encrypted at rest and in transit?
• What sort of access controls are in place to prevent unauthorized access? 
• Is there any comingling of my data with other customer data? 
• Are there proper security mechanisms like key management including rotation of keys in place? 
• Is my data protected and accessible in case of a data center outage? 

With these initial questions, IT leaders can begin to understand the security posture of the provider. It’s critical to understand this early on in discussions to be confident that your data is secure, and that the solution is resilient in the event of an outage. 

Question No. 2: What is the scalability of the vendor’s platform?

As companies look to scale, they need to be confident that the cloud vendor can flexibly match their desired growth rate. Over time, the amount of data will grow larger and more complex. What I’ve observed is that, as it does, the traditional approach of building enterprise applications as monoliths becomes problematic to scale to ever-growing data sets. With a rigid monolith, tasks like independent scaling of components, high availability by distribution across data centers, and horizontal scaling of infrastructure are not possible and limit the ability of the application to scale to meet the needs of the enterprise. 

Here, seek to understand if the solution can scale with the growing needs of your business. Dig into if and how the solution scales to support more and more data and users to the applications. Does it require bigger and bigger hardware, or can it scale out to distribute the workload? How does the application handle an exponentially increasing number of API calls as digital channels grow? Can the application support differentiated data sets from numerous sources in various formats in a seamless and scalable way? 

Question No. 3: How future-proof is the vendor’s platform?

With more cutting-edge technology continuing to hit the market, cloud vendors must prove capable of leveraging new tools in an easy-to-use manner. Is the solution built in a modular fashion to easily incorporate these new technologies and stay at the forefront of the advancements, for example, in AI, data processing, and analytics fields?  Does the solution integrate with commercial execution platforms such as CRM, CPQ, ERP, eCommerce, etc., in a flexible API-driven way to continue to adapt to changes? How easily does the new application, for example, in the case of Data Science and AI that generate insights with robust analytics, take advantage of existing open-source and commercial solutions for processes such as workflow and reporting, and can it adopt new solutions easily? 

Conclusion

With the incredibly fast pace of innovation, IT leaders and CIOs are increasingly asked to vet cloud-based software solutions. Knowing the right questions to ask is critical to ensuring that data is secure, the investment is sound, and that any chosen solution can evolve and scale to meet business requirements. This list isn’t exhaustive, but it should set companies on the right path to ensuring digital integrity, security, and scalability.