Cloud CRM : State-ofthe-Art and Security Challenges

Security undoubtedly play the main role of cloud CRM deployment, since the agile firms utilized cloud services in the providers infrastructures to perform acute CRM operations. In this paper researcher emphasis on the cloud CRM themes, security threads the most concern. Some aspects of security discussed concern on deployment the cloud CRM like: Access customers’ database and control; secure data transfer over the cloud; trust among the enterprise and cloud service provider; confidentiality, integrity, availability triad; and security hazard, future studies and practice are presented at the end. Keywords—Cloud computing; CRM; Security; Cloud Security


INTRODUCTION
Cloud computing begin changing IT industry and suitable technology at the current era according to its mass advantages and active usage of the resources.Cloud computing can be utilized under environments where the availability of resources is limited [1].Cloud computing has become a research hot issue among contemporary technologies and researcher jostle to purplish at this field.There are several techniques used in the cloud technology before the implementation of the cloud technology on CRM system.For storing the customer database in the traditional enterprise internally, these data stored will be confidential and even it has some security measures and it is protected from the unauthorized user.But in the cloud computing situation the storage of customer database is someplace from the client workplace and the data storage and security measures will be in the service provider of the cloud computing environment [2].
Many firms like Google, Amazon, and Microsoft embraced cloud computing extensively in different areas.For example, Google or Dropbox have become everyday tools for millions of people.More, many enterprises presently used CRM based cloud and provided Cloud CRM as services such as Salesforce, Amazon, and Microsoft Azure [3].In the technology enhanced CRM domain, the use of cloud-based system has also been identified as a crucial trend that permits accessibility to online services anyplace and undertakings scalability, enhanced availability and minimize cost to zero.
At the moment that cloud computing applied in the field of CRM; security play the main challenge deserve studying [4].This paper showed the pre-requirement of cloud computing deployment, growths and CIA security themes which rising when deploying cloud CRM.Many security challenges have been discussed in the literature review.These challenges had better be consider before the deployment of cloud computing in CRM field [5]; [6].

II.
CONCEPT OF CLOUD COMPUTING Cloud computing services defined as a utilized the Internet as diffusion media and transferring information technology resources into services for end-users.The idea overdue cloud computing is to deliver computing as a utility in the same way that other public utilities such as gas and electricity are provided [1].Cloud computing like's physical building, bringing home requirements to residents of the home [7].As demonstrated, the significance of cloud computing's primarily being in tolerating the end user accessibility to resources through the Internet, as shown in Fig. 1.Some researchers find cloud computing parallel with grid computing [1], but some also find similarities to utilities such as water and electrical power and refer to it as utility computing [8].Because the use of resources can be autonomously modified, it is also from time to time referred to as autonomic computing [9].The literature review contains many explanations of cloud computing [10].
After gathering academic definitions of cloud computing [11] suggested that cloud computing could be defined as the combination of cybernetic resources according to user requirements, adaptably resources with IT architecture and infrastructure containing software facilities, computing platform facilities, expansion platform services, and rental the required infrastructure to create cloud services.The distinct characteristics of cloud computing contain the capability of storing user information in the space and no necessity for application or software to install on the client side.By means of the user is able to link to the Internet, all of www.ijacsa.thesai.org the IT resources in the cloud can be used as client-side infrastructure.In the main, cloud computing applications are demand-driven, given various services regarding to user requirements, and service level agreement by service provider [12].[13] Evaluated the importance of survival the enterprise and how move into a global market, trustworthy and wellorganized infrastructure with cloud computing.[13] discussed the infrastructure as well as possible applications, cloud computing features can be figured-see figure 2-from the [13] comparison.
National Institute of Standards and Technology defined cloud computing as an on-demand access to a pooled of computing resources.All these computing resourceshardware, software, databases, networking, storage media, and so forth-are delivered rapidly to the clients [14].No doubt the security is first priority to achieve an optimal allocation for immediate cloud services.Likewise, cloud base on demand access should be characterized by:  Heterogeneous database system where apps.are stored in a cloud of distributed servers that can be reached through a Web browser. Robust technology infrastructures at the apps.and platform levels.
 On demand resources offered by the cloud allocated according to the need.
 Robust tolerance when one or several resources breakdown.
 Convincing business models where clients pay according to the resources used.

III. CLOUD DEPLOYMENT MODELS
The cost of cloud computing closed to zero maintenance since the service provider is responsible for the availability of services and clients are free from maintenance, unlike other computing models.By applying cloud computing technology, the enterprise doesn't need to pay attention or pay money for IT solutions, development, updating, and maintenance types from corrective, adaptive, preventive, and perfective [16].Cloud service provider will change made to a system to fix or enhance its functionality [15] and [17] Suggested three commonly referenced cloud service models developed:  Software-as-a-Service (SaaS): This type can use only when hosted app.are provisioned.By using this model enterprise can reduce the cost of IT infrastructure, also pre-and/or post-operations and all types of maintenance.
 Platform-as-a-Service (PaaS): In this model, the enterprise can customize his apps.on the provider platform.By using this model you can reduce the cost and raised management issues.The enterprise managed his required app.components of the platform.The development conditions are determined by the cloud provider according to the contract between parties.The cloud client has a full control over apps.and application environment settings of the platform.
 Infrastructure-as-a-Service (IaaS): The cloud provider hosts the clients' virtual machines and provides networks and storage.By using this model enterprise doesn't need to pay for procurement and managing the IT infrastructure components, all resources virtualized through a service interface.
In Cloud computing, resources can be either owned public cloud -like Google and Microsoft-or owned private cloud.Public cloud is contract with accessibility of external users whom pay-as you-use base.Whereas, the private cloud is built for accessibility within the enterprise where the users can utilize the facility without any charge.The third model is community cloud; community cloud shares infrastructure and architecture between enterprises from a particular community with mutual concerns, whether managed internally or by a third party and hosted externally.[18] Offered fourth model called hybrid cloud which encompasses two or more clouds "public, private, community" that residues a unique entities but is assured together, presenting the advantages of compound deployment models.

IV. CLOUD BASED CRM
Due to radically growth in the volume of information which must be under controlled, also the scale and scope of enterprise become grow rabidly.Effective CRM needs huge amount of investments in technology, whether business process reengineering, and training of users.Enterprise must utilize CRM technologies to analyze and synthesis enormous customer database information due to the interaction among them more often 24/7/365 days [19].ICT allows customer database to be collected, consolidated, deployed, and analyzed on a unique scale.Web based CRM more than ICT.The customer must become the central point priorities of the enterprise, all management levels should recognize and support the shared values and vision required for successful CRM [20]; [21].
Enterprises agreement that web based CRM play a significant role of business development because the web based techniques permits exact analyzing, automated, and www.ijacsa.thesai.orgclassifying customers which is vital for focusing customercentric space [22].To compete in the digital era, focusing on the customer is becoming a key factor for enterprise.It is wellknown that it takes up to five to eight times more money to obtain a new customer than to get current customer to make a new buying.Hence, customer retention and extension are important to transform enterprise into customer-centric space which can exploit the value of each customer [23] [24].
CRM is based on the capacity to assist interaction to offer steady, high quality, and cost-effective services to each customer [25].[3] noticed CRM provides sales force more time to sell, increases customer response times and excellence of operation, and let's market share better.CRM attitude influences best option.Customer services on this field should be innovative, accessible, and confirmed by the cyber market needs.Hence, attempts to utilizing a new technology cloud platforms, precisely on CRM value strategy whether any operational; analytical; or strategy side [24].
One main benefit of CRM packaged is delivered the customer database in the cloud.A cloud-based system is designed to be flexible with scalability so a business can scale up (or down) their CRM depending on their needs.Normally, the cost of CRM is often based on the number of users and storage, also as you requirements adjustment.In most cases the contacting and determine the service level agreement among cloud CRM vendor and enterprise are critical to your Cloud CRM deployment.Cloud CRM is often an optimal solution for enterprise that had a minimize experience in in-house IT deployment.With cloud CRM the vendor is responsible for managing and upgrading the software, so long as updates across the system and considering technical and non-technical problems, debugging and other issues which may be raised; one of the advantages of CRM base on the cloud is the combination process with universally standards and regulations.Furthermore, CRM integration with communities (Collaborative CRM) becomes prominent.

V. CLOUD CRM SECURITY CHALLENGES
Here researcher discussed some important cloud CRM security and challenges: Access clients' database: The confidential client information transferring to provider of cloud computing database which mean a greater possibilities to be illegally accessed due to the accessibility controlling over the internet.As clients' information usually stored in the cloud for a lengthy years the threat of illegal accessibility is higher.So the cloud CRM provider should be secure database through coherent security policy and techniques [26].Customer database stored on the cloud must be saved private and the provider should not be able to conciliation the data privacy by any means.
Secure information transfer over the cloud: All data between the enterprise network and any service providers must pass Internet.Enterprise must sure that clients database is continuously moved on 'shttp' protocol and secure browser data also should be constantly encrypted and authentic [27].The data owner has full control over authorization of transferring data.This authority particular by the owner, the chosen user can at that point access the data kept on the cloud.
Nonetheless, the process should not give the cloud provider any right to access the data.
Trust: Trust between enterprise and cloud service provider services supports the continuity relationship and commitment to encompass an inter-organizational relationship.Trust occurs when the enterprise certain degree of cloud service provider readiness and ability to deliver their responsibilities [28].The importance of trust not only in the transaction stage -included detailed information about the services, ordering, purchasing, paying, and support the services), but also in the after transaction stage in the practice of warranties and money refunds.Hereafter, high levels of trust will likely result in high levels of security [28].
CIA TRIAD: Three requirements should establish to protect cloud CRM called CIA.Confidentiality, integrity, and availability, these pyramid are needed for authorized users.Confidentiality associated with privacy, that means the sender and its receiver should only share information, it is not able to secure data confidentiality while it flows in the system [29].Such enterprise systems use long sequences of characters and complex algorithms to encode and decode information that exchanged among sender and receiver [27].
Integrity associated with the verification system against any kind of data loss, modification, and/or damage which caused intentional or un-intentional reasons, such as damaging actions of hackers or unauthorized person both internally or externally enterprise.Thus, the internet security system expected to assure that data received exactly at the right manner.Irrespective of the original cause of losing data integrity, this loss will definitely be a terrible for internet security system [30].Last, authenticity is directly related to the techniques of security system which performs to establish data transfer when started and where end, thus trying to assure the data received was really originated where it says it is coming from and sent by the one mentioned on its label [31].An Enterprise operation ruled by complex protocols which may unfortunately add some problems as far as system security is concerned [28].
Security hazard: There are two types of security mechanisms for conducting coherent cloud CRM.First, deploy physical security mechanism to minimize the hazard.The second type is the intangible protection security dealing with the system defense to enhance the capability of enterprise security, allowing conducting a successful business over network [30].It's important to remember that awareness and responsibility of the underlying cloud CRM refer to the creating trust among enterprises rather the internet threats itself.
The mentioned of these security variables makes chances for effective deployment of cloud CRM.The suggested framework figure 3.
increase understanding the main challenges of cloud CRM deployment.The research model illustrated the security variables which affects on cloud CRM deployment.The research model can be analyzed from nottechnical perspective.For example, the security dimension of the below research model might be empirically tested to show the below independent variables are vital.In addition the above-mentioned, the research model reveals new academic www.ijacsa.thesai.orgbackgrounds and taking an early stage to entirely investigate cloud CRM deployment.Nowadays, security is a core problem of cloud CRM, the challenges of keeping information and applying CIA pyramid become on the top priority; the most reason behind un-secure information is the architecture, infrastructure of the cloud CRM provider [32].The cloud CRM security in Arab region needs to consider technical and strategically thinking, including but not limit to encryption scheme, resource provisioning, service level agreement, and accountability.Some organizations in Arab region don't believe utilize cloud CRM services for the reason that insecurity cloud world.This paper observed as a conceptual view paper; literature review supports our conceptual model of this study.A survey to validate and test the conceptual model needs initiative to add value of cloud CRM contexts.

Fig. 3 .
Fig. 3. Conceptual model of security dimension in cloud CRM VI.CONCLUSION AND FUTURE WORK In this paper, researcher presented a broad discussion of cloud CRM challenges from security perspective.Researcher explained the cloud CRM and security challenges and worldwide web security.Cloud CRM has a fast step of development in the agile companies whether deploy public cloud, private cloud, hybrid cloud and community cloud.The cloud CRM is related to IT architecture and infrastructure and customized CRM area.This study explored that are five security variables could be affected on cloud CRM deployment; these variables were analyzed to perceive how the security dimension is critical for cloud CRM implementation.The results showed that the figured security dimensions have capabilities to fulfill of the pre-requirements of cloud CRM deployment, furthermore; the CIA issue becomes the most noticeable variable among the figured variables.