Continuing our two-part discussion about the retail trends that business owners should be paying attention to in 2015, with Verizon Enterprise Solution's Michele Duprè, vice president of Retail & Hospitality and Janet Schijns, vice president of global, vertical and channel marketing. This week, we discuss cloud technology, security trends and what part data analytics plays in today's retail market. Click here to read the first part of this discussion.
What effect will cloud implementation have on the retail space going forward?
Duprè: What you will see over time is retailers leaning towards adopting cloud infrastructure not just for peak season and traffic, but also for specific workloads. They'll figure out how to leverage cloud infrastructure for a more cost-flexible environment to account for peak traffic and promotional activity. And I think you'll see them leverage the infrastructure for workloads for specific applications, but I don't think we'll ever get to a point where a major retailer is cloud-only. That doesn't mean that when you look down-market you won't see more dependency on the cloud for mid-size and smaller retailers, because cloud is not as capital intensive. Depending on where you are in the food chain, you will see varying degrees of adoption and it will be very specific to applications and niche activity.
Schijns: It may not be transparent to everyone, but many of the workloads that our retail customers are using, are in the cloud — whether it's our enterprise cloud or their enterprise cloud. Most retailers have deployed cloud for back office applications, such as mail, productivity, storage, and now we are beginning to see secure enterprise grade cloud as an operations platform and more retail software, such as POS, loyalty programs and cataloging being moved to the cloud.
Consolidated order management is an example of the kind of business function we will see moving to the secure enterprise cloud, because it cannot be accomplished any other way. For example, you must have a cloud platform for a consumer to start a transaction in a store and finish it online. Businesses also must examine which localized business functions can be moved to the cloud and consider the impact of the transition and its effect on the customer and brand experience, the need to mitigate risk, grow the business, and be centralized and consolidated. Finally, time reporting, tasks, workforce management, clienteling, order management — these are all examples of applications that make sense to move to a cloud environment, but I think it's worth watching the niche innovators in this area as well.
Retailers obviously can’t use cloud technology without a strong IP network. Do you see a lot of retailers moving forward with network upgrades and what advice do you have for businesses that are on the fence about a network overhaul?
Duprè: It goes without saying, that if retailers are going to have complete engagement with their customers, they must have a strong wireless network. The struggle is the cost of deployment, cost of management and the cost of securing that environment. Another consideration is what to do with existing infrastructure, where they already have deployed network solutions — it gets expensive to rip and replace old technology. Some retailers that were early adopters of network technology are struggling with upgrades. And you also have businesses that are still trying to figure out how to deploy IP technology and make it robust enough for customers to use and have a positive experience. The solutions retailers deploy are a reflection of their brand. If they are going to add new technology, they are going to have to do it right.
Schijns: When our professional services teams go into a business and do a full assessment for a retailer, we often find that retailers need to be cautious in thinking that bandwidth is the only technology they need to invest in. That’s just not the case. At Verizon, we come into a business and look at the situation holistically. We look at what they are doing in the cloud, what they are doing on their wireless and wireline networks, what they are doing to optimize their investment, how are they are using their unified communications systems to create more seamless interactivity and therefore, what kind of bandwidth they really need.
Look, bandwidth is a big part of the equation, especially if a retailer is going to roll out cloud, but it's not just bandwidth, they need a secure connection, and latency also plays a large part in the business applications. Many retailers are using business applications that have been running on “cheap and cheerful” public Internet, and now, due to performance issues, are being tasked with having to upgrade the network. The problem is then compounded because they've layered more latency-sensitive applications such as order management and payment systems on that network and they haven't taken into consideration the overhead, security and interconnect technology needed to implement some of those applications. A business-grade network is a requirement for mission critical applications.
Finally, with data breaches continuing to make news, what can retailers do to help mitigate risk and protect customer data?
Duprè: This is the piece that scares me. After the huge breaches that made headlines in 2014, I had this expectation that retailers would be able to articulate what they've done in the past 12 months to secure their systems and I did not get that feeling. There are two issues here, when a breach happens, they must make sure they understand what they need to do to be prepared. It's about having a plan in place; it's about having the right level of executive involvement, engagement and agreement that if and when a breach happens that they have a rock solid plan that they can immediately execute on.
The piece that is in this grey area is how do you prevent a breach from happening in the first place and I think in general there's this camp of how do you mitigate ‘the when’ by having the right quality control in place so that you are managing the infrastructure properly and you are regulating and managing the amount of data that you have and who has access to it. Simple things that I think the retail industry is not consistently on par with.
Schijns: We know that retailers rarely detect the breaches themselves; they are normally notified by an external fraud detection mechanism, law enforcement or the customers themselves. We know from Verizon’s Data Breach Investigations Report that 65 percent of compromises took just minutes to perpetrate, 90 percent of the attacks took weeks or more to discover and 70 percent took weeks or more to contain.
Retailers must take an intelligent approach to security. First, don't stop innovating, but instead prepare. Second, stop those attacks in advance by limiting your appeal to attackers. Third, decide what data you really need, only keep that data and protect that data. Businesses also have to break the attack chain using malware defenses, monitoring actionable intelligence and advanced threat detection. They have to be ready to respond and be ready to mitigate the impact quickly and effectively.
Duprè: Retailers are going to continue to get more insight and have more access to end-user information, but the Sony breach made it obvious that safeguarding corporate information is just as important as customer information. If retailers don't realize what information they need to be securing, 2015 will be no different than 2014 — it might even be worse. There is no silver bullet for security. Security is a strategy — just like improving the customer experience or boosting omnichannel sales. If retailers can't articulate what their security strategy is at the board level, then they don't have one.