What’s the bedrock to your Social CRM Strategy?

Perhaps it is taken for granted, but Esteban Kolsky’s recent article on The SCRM Roadmap, is missing the requirement for a Social Media Participation Policy for employees. No matter where you are on his SCRM pyramid such a policy is vital. The first thing it does is give an employee permission to use their own initiative and participate in customer conversations.

There are few better experts on your products or services than your employees. Apple Inc. makes a point of highlighting these Geniuses and puts them to work in customer facing roles. With the advent of Social Networking, your experts do not need to have such a specific role, but can still be recognised for their contribution in making their company great.

Permission to talk
Your company doesn’t really have to have more of a strategy than permission to get started on becoming a social business. Moreover, a simple, publicly available guideline affords employees some protection from pressure to discuss or comment on topics that are not appropriate.

It can be made clear that while all company employees are welcome to participate in Social Media, it is expected that all who participates in online commentary understand and follow some simple but important guidelines. This really is irrespective of medium (video, blogs, twitter, etc) and could also be applied to more traditional communication mediums such as the press. However, I’ll stick to the internet based communication channels for now. These rules might sound strict and contain a bit of legal-sounding jargon. Some of the rules may be intuitive and considered basic common sense. However, please keep in mind that the overall goal is simple: to participate online in a respectful, relevant way that protects the company’s reputation.

A great list of sample policies from existing organisations, some of which are written with industry specific rules, is available at Social Media Governance. It is well worth a read. The following is a guide highlighting some of the dos and don’ts covered in most of these policies.


  • Protect confidential information.
  • Respect copyrights.
  • Be credible, transparent and identify yourself as an employee.
  • Be in a position to offer comment from a point of clear knowledge of the subject matter.
  • Avoid jargon by writing in simple terms.
  • Use caution. While not all company employees are official spokespeople, please use caution in your comments as reporters and analysts may report on anything included in your online postings. Also, once online, the comments are cached, distributed quickly and available effectively forever.
  • Secure approval. If you are an official spokesperson for the company, you must submit each posting to for review / approval before posting. If you are not a spokesperson, you will need to check with the company to determine if your blog and postings need to be approved.
  • Make it clear that your views are your own and do not necessarily reflect the views of your employer.


  • Comment on merger and acquisition activity.
  • Discuss future product offerings, including upgrades, or new releases.
  • Make growth predictions of any kind.
  • Break out revenue by specific product or country.
  • Use any inflammatory language or discredit others’ views.
  • Provide headcount numbers for any country, region, group or department.
  • Discuss customers that are not currently referenceable to the press.
  • Provide the number of customers for a specific product area.
  • Speak for the company.
  • Lie.

Even if your not sure what a Social CRM strategy is all about and your current strategy is that you have no strategy, a policy providing guidelines to employees on the use of Social Media is an excellent platform enabling employees and customers to engage in dialogue about your products and services. That’s the beginning of a beautiful relationship.

Your hosted application is a virus vector

We are all used to seeing SaaS as an acronym for Software as a Service. It also doubles as another acronym for the non-functional features of a SaaS architecture. When you’re providing a hosted service there are a number of non-functional features that need to be considered such as Scalability, Availability, Agility and Security. I’ll flesh out these concepts at a later date as they are all quite broad and encompass a lot of features. Security, for example, includes, but is not limited to ensuring the integrity of the system and the systems that connect to it.

One threat to system integrity is a computer virus. If your hosted application becomes a vector for the dissemination of viruses to your clients system it becomes a threat to your business, not just your systems. So, how do you test you hosted application to make sure infected files are handled properly?

At the beginning of this year I started working on Oracle CRM Sales Library OnDemand, which permits the uploading of documents to be shared with others in your organisation. It provides a rich set of social networking features that enables users to share, rate, review, and tag PowerPoint presentations an MS Word documents so that everyone in your organization can leverage the most effective sales materials. To share a document, or it’s contents, it must be uploaded to Sales Library and of course, the upload process involves virus scanning. In fact, virus scanning is the first step. Irrespective of the file type, before any logical validation takes place, such as supported formats, the file is interrogated by an anti-virus system. When a file fails the virus scan, the user has to be informed with meaningful message. So, while your hosted application does not have to be coded with anti-virus logic, it does need to be able to handle and report effectively, when a virus is found.

Once you have this logic in place, you have to be able to test that the behaviour of your application is correct. Now, you don’t want your development or testing environment to be using files with viruses to test with. In fact, your organisations anti-malware system would probably prevent you from storing the files anyway. Thankfully, the European Institute for Computer Antivirus Research has a solution. For testing the anti-virus error handling logic in our application we attempt to upload a file with just the EICAR test string as content.


The above is not a virus, but is a test string for anti-malware systems. In unit tests, this can be used as the only content of an InputStream. You should provide a dummy implementation of your virus scan system when unit testing too. Remember, you’re not trying to test the anti-virus software. You want to test the behaviour of your application when the anti-virus software reports a virus is found. When testing the deployed Sales Library application, the text file can be saved with a .ppt or .doc extension and then uploaded. The only content of the file should be the test string.

I have yet to find an anti-virus system that does not comply with this EICAR anti-virus test string. A simple test in your own environment will reveal if your anti-virus software does or not. I suspect that it will, and you can proceed with confidence that your hosted application is handling contaminated files properly for the protection of yours and your customers business.

Social Networks in Business

Last week I heard on the radio that The Sunday Business Post Computers in Business magazine was doing a special ‘Social Networking in Business’ edition. Since I’m more of an online news hound, I can’t remember the last time I bought a physical newspaper, I put a reminder on my phone to pickup a copy of SBP on Sunday May 4th. Which I did. It’s a rarity these days, but Sunday was not too bad weather-wise, so I sat down in a local park to enjoy Computers in Business and the sunshine.

The three Social Networking sites focussed on where Twitter, Facebook and LinkedIn. Adrian Weckler‘s article about Twitter was a nice step by step guide to getting started, but lacked a business case for using Twitter in the first place. The other articles did at least provide some, but limited, business scenarios: Facebook for B2C advertising, LinkedIn for B2B advertising. This is perhaps an oversimplification of the articles, the online versions will not be available for a week or two. When they are I’ll link to them from this article and you can decide.

Business, and success in business, requires relationships, so Social Networking would appear to be the ideal tool. It needs to be carefully and thoughtfully applied though. When the only tool you have is a hammer, everything looks like a nail. So, with Social Networking one should be aware of how and when one is using it for lead generation, building a community of loyal fans, providing customer support, or just keeping in touch. Another important factor to consider is identity. I’m not talking about credentials, but rather who is being represented, the individual or the business? This is probably not too much of a concern for small businesses where the owner’s personality is blended with the brand. While it is taboo for a politician or celebrity to delegate their Tweeting to someone else, a large organisation is infact separate from the people who run it, so the Social Networking responsibilities often fall to the marketing department by default. However, the marketing department is not the only point of contact that customers, or potential customers, have with a business. A business using Social Networking sites should reflect that, ensuring that at least Sales and Customer Support have an involvement.

Staying on the topic of Twitter and business, Sarah Milstein recently spoke about Effective Twitter for Communication & Product Integration and touched on this matter of having individuals, recognised as real people, tasked with representing the business in social networks. Sarah often refers to two different companies with a similar approach to engage with their customers through Twitter. Wesabe, a personal finance site, and Comcast, a TV, phone and internet company, both use Twitter’s search feature to learn about what peopple are saying about them and respond accordingly. Sometimes this can be to address a complaint, or provide advice on a purchase.

If a business is made up of individuals, how does that business get meaningfully represented in a social network? One option, and I’m surprised it was not mentioned in the Computers in Business magazine is CoTweet. It is designed for businesses using Twitter to engage existing customers and attract new ones. CoTweet allows multiple people to communicate through corporate Twitter accounts and stay in sync while doing so.

Of course, microblogging is not just for external communication either. Increasingly, social networks have been appearing within the enterprise too. Yammer and Present.ly both provide private microblogging with features tailored for the workplace, like the ability to add attachments and to communicate in subgroups. Those who have found it useful report that email traffic is down, but information sharing and collaboration is up. Those who didn’t find it useful are still wondering what the fuss is about. It’s just another stream of information one has to struggle keep up with.

The use of social networks in the enterprise for internal or external communication does need to be carefully considered. In particular, one needs to be aware of what existing communication processes are being supported, and what new communication processes are required. This is where the adoption of social networks for business can struggle, not recognising the opportunity to use the technology to support new ways of doing business.

Performance testing of asynchronous processes

Generally, the most complicated part of performance testing is getting the data shape right. Populating the system with thousands of users, records and so on is made easier by data generation tools, but it still requires a lot of thought. Often the testing simply involves making a request and asserting that the response time was within acceptable limits. Systems that validate the parameters, particularly time based parameters, in these requests make it a bit more complicated to automate the performance testing. Think of session tokens, or other sets of data that are only valid for a short period of time.

When working on Social CRM we had a similar challenge. There are a number of processes that are asynchronous and to further complicate matters, involve email. The reset password process is a good example. There are 3 steps:

  1. Initiate reset password – A user specifies an email address and the system sends an email asking do they really want to reset their password. This email contains a URL with a number of parameters to verify that only the person receiving the email can move to the next step.
  2. Confirm reset password – A user clicks on the URL link in the email to confirm that they want to reset their password. The system verifies the parameters, generates a new temporary password and sends the user an email. The user can not log in with this temporary password.
  3. Complete reset password – A user clicks on the URL link in the email, enters their temporary password and their new password in order to be able to log into the system.

A number of these parameters are not stored anywhere, except in the email. There are other system checks and balances to verify some of these parameters. Therefore, when automating the performance testing, it is not possible to populate the database with a full set of valid data and run the script. Access to the generated email content is required. This is where SubEthaSMTP and Wiser help out.

By having an implementation of Wiser to write the emails to a file, all of the time based parameters, that are not stored anywhere, are available for a subsequent performance testing script to refer to.

Social CRM @ OOW 2008

At this years Oracle Open World watch out for some fantastic Social CRM sessions and demonstrations. Below are two sessions in particular to put into your diary where the next generation of Social CRM applications will be shown off. Since the launch of the Oracle Social CRM Applications earlier in the year Tara Roberts, amongst others, have been blogging about the new Social CRM paradigm.

Session ID: S300050
Session Title: Social CRM Applications Strategy Overview and Road Map
Session Abstract: Oracle’s social CRM applications provide a new level of end-user productivity that finally gives sales professionals the kinds of tools they need for accelerating sales cycles. In this session, learn from Oracle product experts how organizations can use these applications to increase user adoption and make their sales teams more productive.
Duration: 60 minutes
Speaker: Mark Woollen, Oracle
Session ID: S300051
Session Title: Social Sales Applications: Focus on End-User Productivity
Session Abstract: Oracle’s new Social Sales Applications — Oracle Sales Prospector, Oracle Sales Campaigns, and Oracle Sales Library — deliver specific end-user functionality to make sales professionals more productive throughout the sales cycle. This session will highlight social capabilities and social intelligence supported by these applications and provide demonstrations of these applications at work.
Duration: 60 minutes
Speaker: Tara Roberts, Oracle