A Fine Balance: Leveraging the Power of SaaS in a Secure Cloud Environment

Legacy Customer Communication Management (CCM) software revolutionized customer correspondence during the print-centric decades of the 1980s and 1990s. By the new millennium, these installations were showing their age as correspondence moved from print-based to omni-channel delivery. With the emergence of SaaS, businesses now have a CCM solution that meets the demands of today’s multimedia marketplace.

For highly regulated industries in particular, SaaS offers an antidote to long-standing pain points driven by regulations governing the formatting and content of customer correspondence and non-negotiable deadlines for generating these documents.  The centralized content, reusable templates, and reduced time to market afforded by SaaS Customer Communication Management (CCM) platforms make this solution an obvious choice for businesses looking to produce compliant customer correspondence within tight revision cycles.

While the advantages of SaaS CCM solutions are many, the C-suite remains leery of moving sensitive data to the cloud. In a 2014 KPMG survey, 53% of executives cited data security as a top concern when considering cloud adoption. Several high profile data breaches have only fueled anxieties about data privacy. However, the assumption that the cloud is inherently less secure than on premise installations has more to do with perception than reality. By selecting the right CCM vendor, executives can craft a SaaS CCM solution tailored to their business needs while securing their data in a cloud environment.

When looking for a secure SaaS CCM option, businesses should look for a solution that offers the following features:

Role-based access controls – User permissions are essential to creating a secure environment that supports collaborative workflows throughout the content life cycle. Look for a SaaS solution that offers role-based user privileges. In terms of efficiency and ease of use, a portal framework is ideal as it allows business users to access only the tools and content they need to complete assigned tasks, while eliminating the time-consuming job of administering permissions and security in-house.

Multiple deployment options – When it comes to the deployment of SaaS CCM solutions, businesses have multiple options from private clouds to multitenancy architecture within a public cloud environment. Whether you’re concerned about compliance with external regulations or internal policies, you want to select a deployment option that allows you to secure your data while retaining the advantages of the cloud. At Elixir, we have deployed Tango+ on premise, in private clouds, and in public clouds such as AWS. We also help customers set up hybrid solutions. Organizations retain custody of their sensitive data while Tango+ assembles documents from the cloud using test data.

Audit Controls – Regardless of your deployment model, being able to track user activity is critical to safeguarding sensitive information. Your SaaS solution should enable you to identify who is accessing the application at any given day or time and what kinds of activities they are performing. Look for a SaaS CCM solution that includes audit controls as part of its platform.

Highly qualified solutions architects – Having a qualified team of solutions architects is critical to creating a repeatable, automated solution for variable business correspondence. In the era of big data, qualified solutions architects must be able to consolidate information from multiple sources and normalize it to create a single source of truth. Solutions architects should also have experience setting up master templates that comply with regulatory requirements specific to your industry. For example, healthcare payers who offer Medicare Advantage Plans should look for a SaaS CCM vendor with experience setting up master templates that comply with CMS guidelines for marketing materials.

Strategic partnership with secure cloud service provider – Perhaps the most important consideration when selecting a SaaS CCM solution is the relationship between your CCM vendor and their cloud service provider. The last thing you want is to be another ticket in the system when it comes to securing your data, so make sure your SaaS CCM vendor receives personalized support from their cloud service provider. You also want to make sure that the cloud service provider is knowledgeable when it comes to compliance requirements for your industry. To ensure high quality service in secure environment, Elixir partners with Armor, a leading cloud service provider when it comes to security. The benefits of such a strategic partnership include:

  • Highly qualified personnel that include specialists in data security
  • Geographically remote, fully redundant data centers that meet or exceed US military standards
  • Comprehensive security controls including virtual machines, IP reputation filtering, DDoS mitigation, sophisticated intrusion detection systems, and top-of-the-line security software
  • Validation of the cloud environment through industry recognized security frameworks such as HiTrust, SSAE 16, ISO 27001, and PCI DSS


The flexibility of SaaS is one of the greatest assets this technology offers businesses that produce regulated customer correspondence. Flexibility is also the cornerstone to building a secure cloud environment. By doing careful due diligence, you can leverage all the benefits of your SaaS CCM solution while safeguarding sensitive data in a way that meets your unique business requirements.

Interested in learning more about secure SaaS CCM solutions? Check out IHC and Banking.com for articles by Elixir’s Chief Information Security Officer, Waqar Ahmad.

Ready to experience the power of Tango+? Request a demo.


Written By:

Heather Havens

Elixir Blogs | view all

Subscribe Here!