There is currently rather a lot of media in Sweden about a computer system hosted by a larger Software Integrator outsourced by the Swedish IRS. This system was hacked and about 9000 client accounts were compromised. The discussion in the media is if this a government agency really can delegate this kind of responsibility to a third party or if there will always be some fundamental responsiblity for maintaining the security at the government agency? The security experts and even the Swedish Secretary of IT, Anna-Karin Hatt, indicated that this kind of responsibility could not be delegated.
This question is very relevant in the case of CRM systems in general and Microsoft Dynamics CRM in particular. It would then seem more or less impossible from an government agency CIO perspective to use any kind of cloud based service for line of business systems like CRM/xRM as this would imply that it is impossible to fully maintain the control required over the information in the system. This is no problem for us working with Dynamics CRM as it can be deployed on-premise, but bad news for anyone looking to work with SalesForce.com or any other pure cloud based service as they cannot be used in such conditions.
CEO, Chief Architect and co-Founder at CRM-konsulterna AB