This is the second edition of our new interview feature on the SourceForge Blog, Take Five. Today’s guest is Peter Coffee, VP and Head of Platform Research, salesforce.com. Peter and I discussed a number of leading trends shaping today’s enterprise IT stack, including application development in a hosted and virtualized world, cloud computing, and the evolution of CRM.
Stephen Wellman (SW): Welcome to Take Five, Peter. How are cloud services, like salesforce.com and Chatter, changing the way enterprises work with software developers? Do hosted solutions present unique challenges for developers?
Peter Coffee (PC): Stephen, I remember salesforce.com CEO Marc Benioff asking me in 2004 if enterprise and independent developers would readily adopt an on-demand application platform. He recognized the need to provide the incentives and familiarities that attract and empower developers — and I wrote an eWEEK column, after that conversation, saying that this represented “an open-ended opportunity to develop custom applications while letting someone else worry about commodity issues like storage management and user authentication.” Today, that need is greater than ever before, and enterprises are supporting and demanding the leverage of the cloud in addressing new development priorities.
The enterprise today is asking developers to deliver on diverse devices; to re-think the application experience for mobile users; and to offer strong security in an evolving threat environment, while also moving vigorously into emerging markets in Asia and eastern Europe. Enterprises need developers who can use the cloud strategically to meet these needs, and they’re rewarding both their internal teams and their external partners for bringing them compelling innovations that draw strength from the cloud’s connections.
The high-level aids of a Platform as a Service empower a developer to do better work, in less time, and deliver superior function at more predictable cost. Even so, there are challenges in bringing this proposition to developers. The question of skill sets needs to be addressed up front. Cloud platforms, including Force.com, have been studied and found to be rapidly mastered by any developer who’s currently proficient in the languages and frameworks of .Net or Java — or in the modern languages of leading Web apps, such as Ruby. Openness is a strategic priority at salesforce.com, with a growing range of facilities for using an expanding list of industry-standard technologies within the scope of multi-tenant efficiencies.
All of this results in a growing ecosystem of enterprise teams, independent developers, implementation partners, and domain-specific consultants who don’t hesitate to use the cloud to give them an edge in innovation. I can’t imagine any developer today ignoring that opportunity and that mandate.
SW: How do you think the cloud will change the role of open source? Do cloud services automatically mean the end of open source or can the open source community and cloud service providers work together?
PC: The cloud facilitates collaboration, which is great for open-source efforts; it also facilitates the protection of intellectual property, which is great for people who wonder how anyone can make money in a world of pervasive open-source practices. Let me explain that in more detail.
If I have to put my task-specific, domain-specific code in your physical possession to give you the benefit of what it does, then all of my efforts are subject to reverse engineering; in a world of cloud delivery, I can choose to deliver only the specific service of interacting with that code, which protects me in parts of the world where intellectual-property protections are relatively weak.
In more general domains, however, cloud service providers can participate with vigor in open-source efforts, using and improving code and giving back to the community — because, and I really want to emphasize this, the value that a cloud provider can deliver is much more a function of its proficiency in service delivery, rather than its unique technology.
There’s an apt quotation here from “The Art of War”: “Everyone sees how I succeed, but no one sees how I assure that success.” Show me five different companies delivering services that are powered by the same open-source foundation code, and I’ll show you five different levels of customer satisfaction. Everyone can see the service being delivered, but no one can copy the culture you build that leads to superior innovation and superior attention to customers. That’s why it’s absolutely in the cloud service providers’ interest to see open-source thrive: it weakens the grip of proprietary legacy software providers on enterprise IT stacks, and shifts the focus of competition to superior service delivery and value.
Overall, Stephen, I’m convinced that open-sourceonomics leads to a market with fewer artificial scarcities or monopoly rents — combined with much lower barriers to the entry of talent and energy into that marketplace. Those are the reasons why the cloud model is winning, and there’s no contradiction between the values of the cloud and the values of open source.
SW: We have heard a lot about security and cloud services in recent months. How do you react to critics who claim cloud services are not yet secure?
PC: Four years ago, CIOs would ask me if the cloud is secure. Today, they ask me how I can help them communicate the security of the cloud to their C-suite, their regulators, and their customers. It’s a completely different conversation, and this year has seen some notable tipping points.
For example, I can show you documents from the National Institute of Standards and Technology that enumerate the security advantages — not merely the acceptability of the risks, but the actual security improvements — of enterprise-grade clouds compared to almost any individual corporate or government data center. I can show you blog posts, not from cloud providers, but from industry bodies like the American Bankers Association, telling their members in no uncertain terms that they’re kidding themselves if they think that their own expensive and fragile security is in the same league as what we give them — simply as part of the service.
We’ll never stop improving our security, because the threat environment will never stop evolving. We will, however, be consistently able to identify threats more quickly, implement defenses more promptly and consistently, gather data more comprehensively, and give our customers better facilities for privilege management and audit-trail analysis of who has done what, when.
Cloud services can absolutely elevate the governance and compliance levels of companies, right now, compared to the deeply rooted systemic difficulties that are faced by legacy IT in meeting the demands of something like a HIPAA audit — and that’s a real requirement, not a Hollywood über-hacker fantasy.
SW: How is traditional CRM blending with social media? And with online marketing services? Do you see the three areas becoming integrated in the enterprise?
PC: Old CRM, which salesforce.com has had in its crosshairs all along, was salespeople on the inside talking about customers on the outside. Old CRM was isolated silos, with sales trying to interest a customer in the new stuff without knowing that service was handling that customer’s problems with the old and current stuff. Cloud-based applications have inherent advantage in creating the kind of connection that breaks down those walls. Marc Benioff saw the kind of customer community that was springing up in services like Amazon’s reader reviews of books and products, and in eBay’s reputation rankings: long before anyone talked about “social CRM,” that connectivity was being coded into the DNA of salesforce.com applications.
Social CRM is now the label du jour, and it means real changes. It means a continual conversation among both customers and suppliers, with disciplined sharing across a continuum of interests and privileges — rather than an absolute notion of ‘inside’ and ‘outside.’ It also means a flattening of the organization, giving an integrated view of the customer to all of the people in the company who deal with that customer, at every stage from interested prospect to long-term strategic partner.
Expanding social media networks compel every company to adopt a social viewpoint on CRM, because today it’s at least as easy for customers to find each other — and to share their ideas, and reinforce each other’s dissatisfactions — as it is for the company to engage those customers on its own. The conversation will take place, with or without the company’s permission, so all the company can do is try to participate in a way that’s compatible with the norms of that customer community — which vary, considerably, from one industry to another.
There’s no one right way to do this, and that’s why developers need to have their attention available to focus on what to do — not on the mechanics of how to make it happen scalably, reliably, attractively and securely. Those basic attributes of a competitive service are the things that a cloud Platform as a Service can most cost-effectively provide.
The former distinctions between CRM and marketing, and between business marketing and social interaction, are going to be weaker than ever before. There’s evidence that when this is done well, customers love it; there’s at least as much evidence that when it’s done badly, or even tastelessly, customers hate it. Proceed with care, but also with vigor: this race is not to the hasty, but neither will it be won by the timid.
SW: How can SourceForge developers work with salesforce.com? What platforms does salesforce support and are there plans to embrace more open source platforms in the future?
PC: What developers will find in any successful next-generation platform is an integrated, accessible marketplace of applications. Salesforce.com has the AppExchange, Apple has the App Store, and so on. I’ve heard the head of European practice for Accenture say that these avenues to the market are fundamentally transforming the software business: “two guys with laptops in Bangalore could be selling an app in two months that’s used by the Global 2000,” he told a meeting of CIOs at one of our events in London.
Will open-source developers have access to these markets? Yes, absolutely, in the same way that they have access to enterprise markets today. Opening the source of a Force.com app is something that a developer can absolutely choose to do — and if desired, to offer on a customer-by-customer basis in whatever business model that developer may choose.
Today, most applications offered on the Force.com platform are a combination of service configurations and a judicious seasoning with our native multi-tenant coding facility (Apex Code, sometimes called Force.com Code, and quite similar in syntax and semantics to Java or C#). Some applications combine these native facilities with external logic, for example Java code — which might be running on a developer’s own servers, or in some other cloud environment such as Amazon Web Services. The trade-off between using completely portable logic on the one hand, or taking full advantage of the leverage of Force.com services on the other, is entirely up to the developer.
We’ve also made major investments in opening up the development capabilities within Force.com, building on moves such as our acquisition of Heroku. With our global gathering, the Dreamforce conference, coming up at the end of August, I don’t want to deliver any plot spoilers: I can say that developers should expect to hear some very interesting things at that time.