Zuora Case Study [Cloud] by Surabhi Ravindra

Zuora Inc.: Venturing into Cloud Computing

[1]

Zuora Case Report

By Surabhi Ravindra

[email protected]

UTD ID # 2021243310


[2]

Theme A: Knowing the Market, Cloud Models, and Ecosystem

1. Describe which market segment(s) Zuora serves in the time-frame and setting of the case?

Zuora provided subscription based personalized billing solution that can be tailored, for following

types of companies:

Zuora is SaaS Billing service provider to SaaS providers

a) Companies that offered offline subscription based services such as AT&T and Zipcar.

b) Companies that offered online subscription based services such as cloud computing

providers and cloud service providers.

2. Summarize from the case the nature of complexity of Services business (vs. Manufacturing)?

Specifically, why do Services businesses have billing complexities? Cite examples of such

complexities from the Zuora case – and optionally, from other sources – in order to substantiate

your reasoning

Pricing for services is more tedious and complex than pricing for products due to the time factor.

The final price depends on many factors such as usage, location of the user, rate plan subscribed

by the user, number of users enrolled into the plan and resource utilization.

One example cited in the case study is that of mobile network providers AT&T billing system.

AT&T offers variety of plans to fit each of their customers (such as Individual plan, Family plan,

Small Business plan, etc). The billing depends on the location of the customer, multiple rate plans,

onetime + recurring fee, annual pricing, quarterly pricing, and the monthly payment method,

whether customer brought the phone under AT&T plan and other considerations such as late

payments or missing payments, final billing is robust and dynamic. AT&T has to do customized

billing for millions of customers every month.

The other example in the case, is that of the complex service based billing for Zipcar, the car rental

industry. Here various factors such as model of the car (sedan/SUV- capacity of the car), reserved

parking, insurance charges, free miles, promotional discounts, application fee, annual charges,

deposits, gas charges, and number of hours rented, penalties for late payments or missing payments

and penalty for damages to be considered for billing. The bills have to be customized for each

customer.

3. Elaborate which cloud delivery / consumption model(s) and which deployment model(s) is used

by Zuora products? Draw simple diagrams to clarify and accompany your brief narrative.

Zuora products such as: Z-billing, Z-Payments, Z-force and Z-commerce use SAAS (Software as

a Service) model of cloud delivery. Zuora ran its business on set of SAAS services from

companies like CVSDude, Amazon and Marketo.


[3]

Majority of Zuora’s deployments are on public cloud as it is most economical solution from a

vendor’s point of view and Zuora’s business model is frugal. But few products of Zuora such as

Z-commerce offer private cloud deployments due to threat to security.

4. Gleaning from the case, draw a diagram of the ecosystem of payment and billing providers,

show their role / relationship with each other and/or with merchants, and show clearly Zuora’s

place in this ecosystem

a. Customer’s details are entered in the subscription website for billing.

b. Zuora computes final bill for the customer based on several factors such as time, type,

location etc. Zuora’s billing solution gives tools needed to price the service in the

appropriate way. Zuora can combine one time, recurring billing periods and usage based

pricing models and can also offer pricing based on promotions, discounts, etc.

c. Zuora’s Z-payments handle the payment, automate exception handling, reduce payment

disputes and shorten collection cycles.

d. Based on type of payment, customer’s details are sent to the payment gateway. E.g. Credit

cards and debit cards details will be sent to Paymentech, and PayPal allowed online

merchants to accept payment through online media, etc.


[4]

Theme B: The Challenges & Opportunities of Multi-tenancy in Cloud (5 points)

1. Research and report what security pain points a cloud multi-tenancy provider like Zuora would

face?

1. Malicious or Ignorant Tenants / Data Breaches: If the provider has weaker logical

controls between tenants, a malicious or an ignorant tenant may reduce the security posture

of other tenants. For example, a high-risk wire transfer transaction processing system for

a finance client should have extensive controls than a low risk non-transactional record

keeping client.

2. Co-mingled Tenant Data / Commingling Data: Data from multiple customers is

typically commingled on the same servers (same database, backups, archives) to provide

economical solution. In such scenarios, data destruction becomes a huge challenge.

3. Logical Security Controls / Data deletion: Software, programs, application programs and

data (Computing Systems) that are shared across various clients in the multi tenancy model

must be adequately protected against unauthorized access and accidental or intentional

destruction or alteration of the system of the other tenants. Most of the times for database

systems, operating systems and application systems shared across various tenants’ logical

security controls often seem to be added as afterthought which results in weak control

setting even when maximum available access restrictions have been implemented. One


[5]

tenant cannot deliberately interfere into other tenants computing system compromising

security.

4. Performance risks / Capacity Optimization: Capacity optimization is not obtained, one

tenant excessive usage might cause service quality issue to other tenants.

5. Shared Services can become single point of failure / Degraded Quality of Service:

Services are flexible in nature and the common services must be architected well if not,

there will be abuse of the resources by a particular tenant leading to the single point of

failure.

2. For the above point points, recommend 2 security measures you would advise to Zuora in

securing a multi-tenancy environment. Be clear about which security pain point you are

addressing, and what mitigation measure is recommended.

One recommendation would be isolate Database to overcome Co-mingled Tenant Data and

Performance risks. Giving each tenant its own database makes it easy to extend the application's

data mode to meet tenants' individual needs, and restoring a tenant's data from backups in the

event of a failure is a relatively simple procedure. In a typical SaaS model, the tenants usually

share a database, the database tables must be further secured by simply restricting access on a

database-wide level to the tenant associated with that database. Also by, keeping the resources

separate increases the performance of the service and brings at most capacity utilization.

Another method is to provide encryption of data, so that data will remain secure even if it falls

into the wrong hands, to eliminate Malicious or Ignorant tenants. Encryption is important in

situations involving high-value data or privacy concerns, or when multiple tenants share the same

set of database tables as in case of multi-tenant SAAS model.

This space is intentionally left blank


[6]

3. For 2 above, draw appropriate diagrams to accompanying your narrative.

(Your investigations can source from the Zuora case material or from the Internet or other sources)

Diagrammatic representation for isolation of data:


[7]

Illustration of encryption of data:

Theme C: Impact of Cloud to Business Model & Business Operations (3 points)

1. Identify from the case and elaborate on 2-3 business operations challenges which are unique to

(a) a company such as Zuora in becoming a cloud provider, and

(b) a traditional software company in becoming a SaaS provider such as some off Zuora’s

customers.

(Hint: Examine in the case for dynamics around cost structure and revenue in light of above

change)

Challenges for Zuora in becoming a cloud provider:

Financial modeling for cloud computing is different to that of SAAS billing, Zuora had to face challenge from a governance and control standpoint.


[8]

SAAS companies have different kind of billing system, charge as the cutomer continues to use compared to the traditional software companies on buying licenses, which reduced

Zuora’s revenue. For company like Zuora to make huge investments for infrastructure re-

design to move to cloud.

Challenges for traditional software company in becoming a SAAS provider:

Traditional software companies to invest lots of money to move to SAAS provider to set

up appropriate infrastructure.

Revenue of traditional software companies to be redefined, they have to move from traditional way of billing customers on purchase of license to subscription method of pay

as you use model.

The whole structure of the organization has to be revamped and huge investments of time and money need to be made to for traditional software company to move as SAAS provider,

appropriate billing and in house billing systems to be built to charge the customers, billing

structure to be re modelled etc.

Theme D: Summing it up: Take a position (5 points)

The case ends with Zuora considering three possible scenarios:

• Scenario 1 – Continue to focus on billing for the SaaS industry

• Scenario 2 – Expand to capture the broader cloud computing trend

• Scenario 3 – Grow big fast and try to capture the broader subscription opportunity

1. Arrive at your independent recommendation on which of the 3 scenarios should Zuora take – in

the 2009 time frame the case is set. Provide your reasoning.

Scenario 3 was the best decision for Zuora. The reasons are as follows:

Scenario 1- to continue focus on SAAS billing was not good choice because Zuora had to expand

its sales capacity, in Scenario 1 the growth was small and Zuora had to take an opportunity to grab

the growing trend and secure its place in subscription-based billing and payment industry before

it would be left behind the competitors.

Scenario 2 -had many risks such as, risks of SAAS provider competitors and decrease in demand

for SAAS providers. Risks involved in Series C funding.

Scenario 3 -was the best move to Zuora, as other services were value added and Zuora was able

to branch out into other services of subscription billing. Scenario 3 was perfect aid for Zuora when

SAAS market was diminishing. Expanding and specializing in SAAS billing and other existing

services was the most logical move for Zuora.

2. Determine from current Zuora web site, company/industry analysis, and other sources which of

these paths (or other) did Zuora actually end up.

Zuora followed Scenario 3 to grow big fast to capture the broader subscription opportunity.


[9]

Bonus Questions [5 points]

1. Zuora & Zipcar: The case alludes to Zipcar, the car-sharing service, as an example “offline”

company in the “subscription economy”. Draw and accompany a brief narrative of the sequence

flow between a user of Zipcar and its use of Zuora services.

Zipcar is the world’s largest car sharing service, offering self-service, on-demand cars by the hour

or day. Zipcar can be reserved via Internet, iPhone app, android app or through automated

telephone service.

Zipcar’s office application, website uses Zuora’s SAAS application to compute customer’s final

bill. Some of the factors considered for billing are:

a. Driving discount based on the customer. (eg. Students have more discount than other

individuals or businesses, etc.)

b. Monthly membership fee or annual membership fee, which might also include application

fee and deposit fee.

c. Driving rate- hourly rate or daily rate depending on the usage of the customer.

d. Also other miscellaneous factors such as gas, insurance, reserved parking, free miles,

promotions, discounts.

Based on the above criteria, Zuora’s Z-billing to customize the bill for the customer and Zuora’s

Z-commerce routes customer’s details to payment gateway to authorize payment.


[10]

2. Trivia: We discussed early in the semester that cloud is causing a reordering of the software

stack. According to facts cited in the case, what dollar value of the worldwide software stack was

projected for 2011.

Worldwide software industry valued $744 billion, in 2011. About 12% was estimated to migrate

to the Internet as on demand or SAAS applications, which represented $95 billion.

Zuora Case Study [Cloud] by Surabhi Ravindra

Internet

Transcript of Zuora Case Study [Cloud] by Surabhi Ravindra