Is In-House CRM More Secure and More Stable?

By Geoffrey James

The information collected in a CRM system is typically one of the most valuable intellectual assets a company has. It’s understandable that sales management wants to be sure that such hard-won data doesn’t fall into the hands of competitors. Similarly, a CRM system isn’t useful unless the sales force can access it, so sales management naturally wants a system that’s available 24/7. While on-demand CRM typically has much smaller upfront costs, some managers believe that the best way to have a secure and stable CRM system is to own the hardware and software.

That might make sense if purchasing new hardware, installing CRM software on it and hiring high-priced programmers actually resulted in a more reliable system. Unfortunately, the opposite is often the case. Unless your company is in the business of building stable and secure computing environments, bringing a new application in-house almost always creates, rather than solves, stability and security problems, says Steve Stein, CEO at the CRM vendor “This is one area where you really don’t want a ‘do-it-yourself’ mentality,” he explains, “You’re better off leaving stability and security to people who have extensive experience making systems run smoothly and safely.”

Take security, for example. Numerous studies have shown that up to 90 percent of the security violations (e.g. unauthorized sharing of corporate data, data sabotage, computer viruses, etc.) come from activities that take place inside the organization, rather than from the actions of outside intruders. While some of these violations (like the unauthorized sharing of passwords) take place on both types of systems, having the CRM system off site makes it far less likely, for example, that a disgruntled employee will delete your entire database.

Furthermore, hackers are less likely to penetrate a hosted CRM system because the entire viability of the CRM vendor depends upon keeping their customers’ data safe. The system security staff at the CRM vendor is far more likely to stay abreast of the latest security warnings and patches than your in-house IT staff, especially in small companies where the IT staff is relatively junior.

Stability is the same way. It’s a truism in computer programming that stability and complexity are mutually exclusive; the more complex a computing environment becomes, the more likely it is to encounter problems. In-house computer systems may be running a dozen or more applications, creating a complicated set of interdependencies that can make system stability difficult or even impossible to achieve. By contrast, the systems running on-demand CRM generally run only that CRM application, resulting in a computing environment that’s far less likely to crash or experience slowdowns and outages.

This is not to say that there might not be good reasons to own your own CRM hardware and software. Massive back-end integration with other in-house databases is easier if the CRM system is also located in-house. And if you’re planning to keep the same CRM system for five years, buying may be more economical than renting in the long run. However, if the impetus behind the “do-it-yourself” strategy is security and stability, you’ll probably be disappointed with the results.