Research in Motion (RIM), creators of the popular BlackBerry family of mobile devices and services, is expected to launch formally its long-awaited PlayBook tablet computer tomorrow. Here are four reasons why I think RIM's new tablet may be hard to swallow for business users.
PlayBook Vulnerability #1: its proprietary operating system. In business servers, there are two largely dominant operating environments: Microsoft Windows and the converged Linux/UNIX ecosystem. In mobile networked devices for business users, it's largely Apple's iOS and Google's Android -- and RIM, at least in some segments. (Sorry, Symbian and Microsoft, unless Nokia's decision to replace Symbian's software with Windows Phone spurs growth for that platform.) In PCs for business, it's largely Windows and Linux, plus Mac/iOS in some segments. The point is, few if any segments demonstrate much if any need or demand for an operating system other than those that dominate the segment in question.
But the PlayBook will run a proprietary operating system. A marketing challenge at best and a support and integration non-starter at worst.
To users, value is all about available apps. And application developers have limited resources, which means many can't afford to develop and support versions for more than one or two operating systems. Which does not augur well for original apps written for RIM's operating system. While the BlackBerry faithful may be satisfied by a unique set of available apps, others will wonder if there aren't PlayBook versions of apps already popular on the dominant mobile operating systems.
This makes support for Android apps even more potentially important to the PlayBook's success. But so far, all RIM is offering in emulator software to run (at least some) Android apps. In this light, any perceived or actual performance degradations or incompatibilities could present as many opportunities for criticism and frustration as the iPad's lack of Flash support. And business technology decision makers and their teams are looking for fewer interoperability challenges, not more.
PlayBook Vulnerability #2: its form factor. RIM is touting the PlayBook's ability to run games and other multimedia, something about which even business users increasingly care. The PlayBook's 7-inch form factor, like Samsung's Galaxy Tab and other tablets, means current BlackBerry users can likely continue to type with their thumbs on the PlayBook. But the device isn't as comfortable for two-handed typists, or for gamers, movie watchers or Web surfers who prefer more visual real estate. And the riotous popularity of the iPad amply demonstrates that more visual real estate makes even a larger device worth carrying around to a lot of business users.
PlayBook Vulnerability #3: its connectivity limitations. While the PlayBook seems likely to support high-speed networks from AT&T, Verizon and others at some point, it's being shipped initially with support only for Wi-Fi. (A version for Sprint's WiMAX network is expected within, say, 60 days of the official PlayBook launch.) Which means only users of both PlayBooks and BlackBerry devices with corporate network connections can see real-time updates to their calendars, contacts or e-mail. At least until and unless RIM and/or its developer partners and/or savvy users begin to create and propagate effective tethering arrangements that support other mobile phones and carrier networks.
Also, AT&T and Verizon are increasingly dominating the mobile networking market in the U.S. and elsewhere. For the PlayBook not to support either carrier from Day One will be a deal-breaker for technology decision makers and mobile users at many companies. It's a situation likely to turn off users who don't already use BlackBerry devices as well.
PlayBook Vulnerability #4: it's too little, too late. Had RIM announced and delivered the PlayBook a few months earlier, the dynamics of the discussion would likely be different. However, with the iPad 2 and numerous Android tablets already available and more coming soon, RIM will have a difficult time reaching beyond BlackBerry loyalists with the PlayBook.
I'd love to be wrong about any or all of this, but I don't think I am. Whether or not you believe in signs or portents, it is interesting to note that published reports have said that the PlayBook was delayed in part because of the catastrophe in Japan and in part because challenged manufacturers had previous iPad 2 commitments. It's also not helpful to RIM's prospects that its CEO abruptly ended a recently attempted BBC interview when questions strayed beyond the PlayBook and into possible network security concerns. Not great pre-launch PR.
RIM could be in trouble long-term if the PlayBook isn't successful. At the very least, anything that smacks of lackluster adoption will cement perceptions of RIM as an also-ran in the evolving market for tablet computers and other mobile networked devices.
The BlackBerry ecosystem risks becoming the mainframe of mobile devices. That is to say, venerable and respected, and remaining in use long after being superseded, but relegated to the status of "coulda been a contender." Who'd have thought?
Wednesday, April 13, 2011
Tuesday, March 15, 2011
Viewfinity Beefs Up Privilege Management in the Cloud(s)
Got business-critical IT resources? Got users? Got mobile users? Got or getting Windows 7 across your enterprise?
If you answered "yes" to any or all of the above questions, here's something else you've got: a need to manage user access privileges and administrative rights. Especially if any of those users are being moved to Windows 7 and/or are mobile.
Windows 7 comes with AppLocker, a set of features designed to enhance the software restriction policies (SRPs) supported in previous Windows releases. (Windows Server 2008 R2 also supports AppLocker.) I'm not going to go into details about AppLocker and SRPs here; instead, I'll refer you to two great pieces by IT and Microsoft expert Greg Shields of Concentrated Technology. One is on AppLocker itself. The other is on a security philosophy AppLocker and related offerings can enable and support: approved execution. After all, malware can't hurt your systems if you've got blacklists and whitelists that can determine what code, malware or otherwise, actually gets to run.
Approved execution is one element of a larger set of challenges and solutions some vendors refer to collectively as "least privileges." Basically, this means giving each user the minimum amount of access privileges needed by that person to do their work, to reduce unauthorized execution of malware or access to IT resources. And moving to Windows 7 provides a great opportunity to review and improve the policies and technologies your company's using to increase security and to control access privileges more effectively. But it's unlikely that every user on your network(s) will be moved to Windows 7 at the same time, and it's very likely that AppLocker alone won't solve all of your privileges management challenges.
Some potential help: Viewfinity, a leading player in this market, just announced version 3.5 of its Privilege Management solution. There are three things I really like about Viewfinity's approach. One is that it provides granular, role-based privilege management that you don't have to be an IT or security expert to make work. Another is that interoperates with Microsoft Active Directory but does not require or rely upon it. This means greater flexibility and continuing functionality even if Active Directory fails. The other is that it's Web/cloud-based. This means it's easier to incorporate protection of authorized mobile users (and rejection of unauthorized access or execution attempts).
There is no single solution that is going to guarantee complete security for any business computing environment. However, tools such as Viewfinity Privilege Management can give you a significant leg up on the continuing "arms race" between malware developers and those attempting to defend their environments against malware. Check it out and see if it can help you to protect your environment, especially if you're facing a move to Windows 7, a growing requirement to support mobile users or both.
If you answered "yes" to any or all of the above questions, here's something else you've got: a need to manage user access privileges and administrative rights. Especially if any of those users are being moved to Windows 7 and/or are mobile.
Windows 7 comes with AppLocker, a set of features designed to enhance the software restriction policies (SRPs) supported in previous Windows releases. (Windows Server 2008 R2 also supports AppLocker.) I'm not going to go into details about AppLocker and SRPs here; instead, I'll refer you to two great pieces by IT and Microsoft expert Greg Shields of Concentrated Technology. One is on AppLocker itself. The other is on a security philosophy AppLocker and related offerings can enable and support: approved execution. After all, malware can't hurt your systems if you've got blacklists and whitelists that can determine what code, malware or otherwise, actually gets to run.
Approved execution is one element of a larger set of challenges and solutions some vendors refer to collectively as "least privileges." Basically, this means giving each user the minimum amount of access privileges needed by that person to do their work, to reduce unauthorized execution of malware or access to IT resources. And moving to Windows 7 provides a great opportunity to review and improve the policies and technologies your company's using to increase security and to control access privileges more effectively. But it's unlikely that every user on your network(s) will be moved to Windows 7 at the same time, and it's very likely that AppLocker alone won't solve all of your privileges management challenges.
Some potential help: Viewfinity, a leading player in this market, just announced version 3.5 of its Privilege Management solution. There are three things I really like about Viewfinity's approach. One is that it provides granular, role-based privilege management that you don't have to be an IT or security expert to make work. Another is that interoperates with Microsoft Active Directory but does not require or rely upon it. This means greater flexibility and continuing functionality even if Active Directory fails. The other is that it's Web/cloud-based. This means it's easier to incorporate protection of authorized mobile users (and rejection of unauthorized access or execution attempts).
There is no single solution that is going to guarantee complete security for any business computing environment. However, tools such as Viewfinity Privilege Management can give you a significant leg up on the continuing "arms race" between malware developers and those attempting to defend their environments against malware. Check it out and see if it can help you to protect your environment, especially if you're facing a move to Windows 7, a growing requirement to support mobile users or both.
Tuesday, January 18, 2011
ERP in the Cloud, and Beyond: Expandable Software's Bob Swedroe
Bob Swedroe is President and CEO of Expandable Software. Expandable provides solutions for enterprise resource planning (ERP) and other business functions, with three key twists.
First off, Expandable offers on-site or cloud-based implementations, depending on user preferences and business needs. Secondly, the company promises seamless integration with what Bob calls "best-of-market solutions." Third, the folks who actually get Expandable solutions up and running for customers are Expandable employees. This gives the company more direct influence over how these implementers do their jobs. This, in turn, lets Expandable offer some pretty impressive levels of support and service.
Bob's a big believer in cloud-based and software as a service (SaaS) solutions, but his perspective is refreshingly different from that of some of his industry peers. So I thought I'd ask him three pointed questions about the business software market. Please enjoy!
Q1: What is the single greatest challenge to success for software providers seeking to deliver modern business software solutions?
A1: The single greatest challenge is a level up from integration…I’d say flexibility in meeting business [requirements] while continuing to reduce the infrastructure worries. Businesses of all sizes want to focus on business rather than systems. This is driving force [behind] SaaS momentum.
Market trending is toward new business models of marketing and selling. We see this with our own business and with the [history of all] business software. We’ve come from point products to integrated business functions. ERP [solutions] by definition are single platforms that have integrated many business functions [originally performed by] point products. Now we are swinging back to point solutions as obviously there is a market for robust point solutions that bring a focused and higher level of complexity and flexibility to solve the issues at hand.
Software providers need to remain true to their core vision AND learn to integrate seamlessly (really seamlessly) with other applications such that the combined applications work together and [are] flexible enough to provide the best-of-breed solution. While the delivery method of the particular application is not important (i.e., on site or SaaS), the application must be able to integrate seamlessly and efficiently with other key applications residing in the cloud.
Again, companies don’t want to worry about the infrastructure. They just want it to work; and it will, because those that don't won't survive.
Q2: What is the single greatest challenge to success for enterprises seeking to deploy business-critical modern business software solutions?
A2: Probably the single biggest challenge is to be able to create a solid, dedicated, focused team [that] includes the company employees and the business solutions provider's employees. In addition, there needs to be complete executive-level support for the implementation to have a good chance of success – and the implementation of a review and monitoring process for the implementation.
Very often, unrealistic demands are set as employees are expected to do their normal job and also to "suck it up" and be on the deployment team. Execs need to be at least aware of the risks and consequences of taking employee’s [personal] bandwidth for granted.
One critical element that is so often overlooked is to find a software solution provider that is a true business partner. As a business partner they should be engaged and concerned about the success of your business. In essence, they become a valued extension of your internal team. The only way to know for sure how good a business partner is a software solution provider, is to perform a very thorough job of due diligence on the software provider. (Editorial Note: you can register to receive a free white paper from Expandable on checking vendor references at http://dortchon.it/gInN9J.)
Sage [an Expandable competitor] just recently created and appointed a Chief Customer Officer (CCO), but many ERP companies and business solutions companies sell, then “drop” their customers. To further add complexity to the issue, if the application is sold, delivered and implemented by a reseller, then the [purchasing] company not only has to perform proper due diligence on the software provider, but also on the reseller as well.
Salesforce.com realizes this as well and has a transfer after the sale to a Customer Success Manager that has primary focus on the customer success with the product. Expandable has a model where everyone [from the company] is/can be involved with the success of our customers.
Q3: What do you see as the next "great leap forward" for the modern business software solutions market - technological, organizational, perceptual or otherwise?
A3: The next "great leap forward" will be driven by the organizational/social changes that are coming as the "new generation" of employee comes through the ranks and the "Baby Boomers" leave. Essentially, the new ways versus old ways of how people work [and] socialize, and their comfort level with new technology will force this change – ubiquitous computing, networking, and real-time information access. The changes will happen. The question now is, how fast? The rate of change will be different for [different] applications and…functions (i.e., sales versus manufacturing.
For many modern software solutions, changes will happen faster than we think. The next generation of successful companies (and their employees) is driving this [change] hard and fast – and it will be adopted. Just 10 years ago there was a war of ATM [Asynchronous Transfer Mode] vs. IP [Internet Protocol]. The big companies drove the adoption [choice] and IP won.
Now the "war" is [between] the cloud or on-site [software deployment]. The younger generation and the now-popular new big companies on the block – Google, Amazon, Salesforce.com, etc. are the new, exciting and upcoming. The old [guard] – Microsoft, IBM (although they are very resilient and probably will continue to be), Oracle, SAP,…etc. [will] be less of a "mover and shaker" and either move with the flow and adjust or move to the background…. This is happening in the marketplace. I believe this trend will increase as the big leap toward more cloud [computing swings us] back to centralized computing to some degree….
Bottom line: there will be ubiquitous business tools available anywhere, anytime for a world that is moving very fast toward a mobile and remote workforce. However, having said that, a key point to consider is [that] the importance of ubiquitous and mobile computing will be dependent on an employee’s role/function in the organization.
Dortch's Recommendations
The more mobile, social and collegial Web is not coming. It's here, and getting bigger, faster and more important to more businesses every day. In this brave new online world, business agility and success will be determined largely by a company's ability to adapt business processes and infrastructures as necessary to identify and meet customer needs most effectively.
Whether your company sells business software, uses business software or both, these trends are going to affect what's available to you and your business. Increasingly, where your applications are hosted will matter less, while the ability to deliver ready access to them where, when and as needed will matter more. And your chosen providers are going to have major if not primary impact on your company's ability to succeed with its chosen technological solutions.
If you haven't already, begin now to focus on due diligence, regarding both your chosen solutions and providers and with your organization's stated goals and plans. Make sure that all of the above are aligned closely and correctly with what your customers and prospects care about most, and with your company's core strengths. And if your solution providers can't provide the assistance and support your business needs to succeed, consider replacing them – based on careful due diligence, of course.
First off, Expandable offers on-site or cloud-based implementations, depending on user preferences and business needs. Secondly, the company promises seamless integration with what Bob calls "best-of-market solutions." Third, the folks who actually get Expandable solutions up and running for customers are Expandable employees. This gives the company more direct influence over how these implementers do their jobs. This, in turn, lets Expandable offer some pretty impressive levels of support and service.
Bob's a big believer in cloud-based and software as a service (SaaS) solutions, but his perspective is refreshingly different from that of some of his industry peers. So I thought I'd ask him three pointed questions about the business software market. Please enjoy!
Q1: What is the single greatest challenge to success for software providers seeking to deliver modern business software solutions?
A1: The single greatest challenge is a level up from integration…I’d say flexibility in meeting business [requirements] while continuing to reduce the infrastructure worries. Businesses of all sizes want to focus on business rather than systems. This is driving force [behind] SaaS momentum.
Market trending is toward new business models of marketing and selling. We see this with our own business and with the [history of all] business software. We’ve come from point products to integrated business functions. ERP [solutions] by definition are single platforms that have integrated many business functions [originally performed by] point products. Now we are swinging back to point solutions as obviously there is a market for robust point solutions that bring a focused and higher level of complexity and flexibility to solve the issues at hand.
Software providers need to remain true to their core vision AND learn to integrate seamlessly (really seamlessly) with other applications such that the combined applications work together and [are] flexible enough to provide the best-of-breed solution. While the delivery method of the particular application is not important (i.e., on site or SaaS), the application must be able to integrate seamlessly and efficiently with other key applications residing in the cloud.
Again, companies don’t want to worry about the infrastructure. They just want it to work; and it will, because those that don't won't survive.
Q2: What is the single greatest challenge to success for enterprises seeking to deploy business-critical modern business software solutions?
A2: Probably the single biggest challenge is to be able to create a solid, dedicated, focused team [that] includes the company employees and the business solutions provider's employees. In addition, there needs to be complete executive-level support for the implementation to have a good chance of success – and the implementation of a review and monitoring process for the implementation.
Very often, unrealistic demands are set as employees are expected to do their normal job and also to "suck it up" and be on the deployment team. Execs need to be at least aware of the risks and consequences of taking employee’s [personal] bandwidth for granted.
One critical element that is so often overlooked is to find a software solution provider that is a true business partner. As a business partner they should be engaged and concerned about the success of your business. In essence, they become a valued extension of your internal team. The only way to know for sure how good a business partner is a software solution provider, is to perform a very thorough job of due diligence on the software provider. (Editorial Note: you can register to receive a free white paper from Expandable on checking vendor references at http://dortchon.it/gInN9J.)
Sage [an Expandable competitor] just recently created and appointed a Chief Customer Officer (CCO), but many ERP companies and business solutions companies sell, then “drop” their customers. To further add complexity to the issue, if the application is sold, delivered and implemented by a reseller, then the [purchasing] company not only has to perform proper due diligence on the software provider, but also on the reseller as well.
Salesforce.com realizes this as well and has a transfer after the sale to a Customer Success Manager that has primary focus on the customer success with the product. Expandable has a model where everyone [from the company] is/can be involved with the success of our customers.
Q3: What do you see as the next "great leap forward" for the modern business software solutions market - technological, organizational, perceptual or otherwise?
A3: The next "great leap forward" will be driven by the organizational/social changes that are coming as the "new generation" of employee comes through the ranks and the "Baby Boomers" leave. Essentially, the new ways versus old ways of how people work [and] socialize, and their comfort level with new technology will force this change – ubiquitous computing, networking, and real-time information access. The changes will happen. The question now is, how fast? The rate of change will be different for [different] applications and…functions (i.e., sales versus manufacturing.
For many modern software solutions, changes will happen faster than we think. The next generation of successful companies (and their employees) is driving this [change] hard and fast – and it will be adopted. Just 10 years ago there was a war of ATM [Asynchronous Transfer Mode] vs. IP [Internet Protocol]. The big companies drove the adoption [choice] and IP won.
Now the "war" is [between] the cloud or on-site [software deployment]. The younger generation and the now-popular new big companies on the block – Google, Amazon, Salesforce.com, etc. are the new, exciting and upcoming. The old [guard] – Microsoft, IBM (although they are very resilient and probably will continue to be), Oracle, SAP,…etc. [will] be less of a "mover and shaker" and either move with the flow and adjust or move to the background…. This is happening in the marketplace. I believe this trend will increase as the big leap toward more cloud [computing swings us] back to centralized computing to some degree….
Bottom line: there will be ubiquitous business tools available anywhere, anytime for a world that is moving very fast toward a mobile and remote workforce. However, having said that, a key point to consider is [that] the importance of ubiquitous and mobile computing will be dependent on an employee’s role/function in the organization.
Dortch's Recommendations
The more mobile, social and collegial Web is not coming. It's here, and getting bigger, faster and more important to more businesses every day. In this brave new online world, business agility and success will be determined largely by a company's ability to adapt business processes and infrastructures as necessary to identify and meet customer needs most effectively.
Whether your company sells business software, uses business software or both, these trends are going to affect what's available to you and your business. Increasingly, where your applications are hosted will matter less, while the ability to deliver ready access to them where, when and as needed will matter more. And your chosen providers are going to have major if not primary impact on your company's ability to succeed with its chosen technological solutions.
If you haven't already, begin now to focus on due diligence, regarding both your chosen solutions and providers and with your organization's stated goals and plans. Make sure that all of the above are aligned closely and correctly with what your customers and prospects care about most, and with your company's core strengths. And if your solution providers can't provide the assistance and support your business needs to succeed, consider replacing them – based on careful due diligence, of course.
Monday, December 20, 2010
Private Clouds: First, There Is a Mountain, Then There Is No Mountain, Then There Is…
One of the great things about having savvy, articulate friends is that I can occasionally appear savvy and articulate (at least a little) merely by commenting on what those friends have to say. Who could resist? Not me, certainly…
My learned industry colleague and friend Peter Coffee of Salesforce.com recently opined that the idea of a private cloud – a cloud computing infrastructure owned and operated by and for a particular company – is a choice that doesn't really exist. If you own and operate the infrastructure, it ain't cloud computing in its most true sense, Peter said. (Of course I'm paraphrasing. You can read his exact words at http://dortchon.it/PrivateCloudQuestions.)
But another learned industry colleague and friend, Andi Mann of CA Technologies, has opined recently that the public cloud – THE cloud, according to Peter and many others, I'd wager – is not for everybody, and certainly not for every business or government agency. Andi makes many cogent and salient points, which could be taken in summary as an argument in favor of private clouds. (You can read Andi's exact words at http://bit.ly/fZS0dN.)
The thing is, I agree with Peter and with Andi. At least partly.
I think the core issue here is a need to, as they say in parliamentary procedures, "move to divide." There's the issue of IT service delivery, which is separate from IT service consumption.
If I own an IT infrastructure and I configure and manage that infrastructure in a converged, unified way, I can deliver services that can be consumed "by the drink" or per user/per month. So to my users, it looks a lot like cloud computing. Users get authorized and simply use the services they need, as they need them. But what I've built and am operating isn't THE cloud, and may or may not be a cloud. It's what some savvy vendors such as Egenera and more and more savvy analysts describe with terms such as "unified computing" and "converged infrastructure."
Make no mistake – converged infrastructures are incredibly valuable, especially if and when they help companies to manage IT more efficiently and economically. But there's nothing written in stone that says a converged infrastructure has to result in cloud-like on-demand service delivery or consumption. Convergence and unity can, at least metaphorically, stop inside the data center door and still help to reduce operational costs, improve operational responsiveness or both.
So, as Andi Mann argues, not every business can or should make the wholesale leap to public cloud solutions. However, as Peter Coffee said, it's not clear that such businesses need, want or even can build private clouds. So what do business decision makers really need and want?
What many need is a set of effective processes for evaluating and comparing current and candidate solutions. Those processes should be used to decide if, when and where it makes sense to adopt and integrate cloud-based services into incumbent environments. (Maybe we can call such adoptions and integrations "cloudbursts." Maybe not.) Those processes can and should also be used to decide if, when and where it makes sense to deliver on-demand utility-like IT services to users. Whether those services originate from premise-based, cloud-based, physical and/or virtual computing, storage or network platforms.
With such processes in place, business and technology decision makers can collaborate to evaluate, compare and select the best available service and resource management solutions. These, in turn, will help businesses to deliver consistently efficient and economical services to users, again wherever those services may reside. (This is why Network World recently opined that private clouds are "not for the faint of heart" in its comparison of five cloud management solutions, as you can read at http://dortchon.it/PvtCloudMgmt.)
If you're at a company that's serious about building a private cloud, you should look at the Network World comparison. You should also look at what analysts and users are saying about how Egenera, Cisco, HP, IBM and other vendors are approaching the growing need for converged, integrated management of physical, virtual, premise-based and cloud-based resources. I think this is the real goal of many if not most efforts focused on private clouds. I also think that "private cloud" is an unfortunate term that is likely more helpful to vendors trying to sell stuff than it is to business decision makers trying to run their businesses better. But I don't think the term or the debate over its definition and validity is going away any time soon…
My learned industry colleague and friend Peter Coffee of Salesforce.com recently opined that the idea of a private cloud – a cloud computing infrastructure owned and operated by and for a particular company – is a choice that doesn't really exist. If you own and operate the infrastructure, it ain't cloud computing in its most true sense, Peter said. (Of course I'm paraphrasing. You can read his exact words at http://dortchon.it/PrivateCloudQuestions.)
But another learned industry colleague and friend, Andi Mann of CA Technologies, has opined recently that the public cloud – THE cloud, according to Peter and many others, I'd wager – is not for everybody, and certainly not for every business or government agency. Andi makes many cogent and salient points, which could be taken in summary as an argument in favor of private clouds. (You can read Andi's exact words at http://bit.ly/fZS0dN.)
The thing is, I agree with Peter and with Andi. At least partly.
I think the core issue here is a need to, as they say in parliamentary procedures, "move to divide." There's the issue of IT service delivery, which is separate from IT service consumption.
If I own an IT infrastructure and I configure and manage that infrastructure in a converged, unified way, I can deliver services that can be consumed "by the drink" or per user/per month. So to my users, it looks a lot like cloud computing. Users get authorized and simply use the services they need, as they need them. But what I've built and am operating isn't THE cloud, and may or may not be a cloud. It's what some savvy vendors such as Egenera and more and more savvy analysts describe with terms such as "unified computing" and "converged infrastructure."
Make no mistake – converged infrastructures are incredibly valuable, especially if and when they help companies to manage IT more efficiently and economically. But there's nothing written in stone that says a converged infrastructure has to result in cloud-like on-demand service delivery or consumption. Convergence and unity can, at least metaphorically, stop inside the data center door and still help to reduce operational costs, improve operational responsiveness or both.
So, as Andi Mann argues, not every business can or should make the wholesale leap to public cloud solutions. However, as Peter Coffee said, it's not clear that such businesses need, want or even can build private clouds. So what do business decision makers really need and want?
What many need is a set of effective processes for evaluating and comparing current and candidate solutions. Those processes should be used to decide if, when and where it makes sense to adopt and integrate cloud-based services into incumbent environments. (Maybe we can call such adoptions and integrations "cloudbursts." Maybe not.) Those processes can and should also be used to decide if, when and where it makes sense to deliver on-demand utility-like IT services to users. Whether those services originate from premise-based, cloud-based, physical and/or virtual computing, storage or network platforms.
With such processes in place, business and technology decision makers can collaborate to evaluate, compare and select the best available service and resource management solutions. These, in turn, will help businesses to deliver consistently efficient and economical services to users, again wherever those services may reside. (This is why Network World recently opined that private clouds are "not for the faint of heart" in its comparison of five cloud management solutions, as you can read at http://dortchon.it/PvtCloudMgmt.)
If you're at a company that's serious about building a private cloud, you should look at the Network World comparison. You should also look at what analysts and users are saying about how Egenera, Cisco, HP, IBM and other vendors are approaching the growing need for converged, integrated management of physical, virtual, premise-based and cloud-based resources. I think this is the real goal of many if not most efforts focused on private clouds. I also think that "private cloud" is an unfortunate term that is likely more helpful to vendors trying to sell stuff than it is to business decision makers trying to run their businesses better. But I don't think the term or the debate over its definition and validity is going away any time soon…
Thursday, December 2, 2010
Private Clouds? Can They Exist? Are They Necessary?
An incredibly popular concept amongst those of us following business use of cloud computing is the private cloud. As near as I can tell, it's basically supposed to be a kind-of "cloud with benefits," combining the advantages of the public cloud with "enterprise-class" data protection, manageability, security and/or other features, depending on who's asking, who's answering and when.
But here's a thing -- is the idea of a private cloud an oxymoron?
My friend and fellow MIT escapee Peter Coffee is Head of Platform Research at Salesforce.com. He recently collected several disparate blog entries and related thoughts into the following, which I find to be interesting, well reasoned and thought provoking. He gave me permission to distribute it, so the text from it appears below in its entirety. (Peter adds: "this material is freely usable under Creative Commons Attribution-NoDerivs 3.0 United States as specified at http://creativecommons.org/licenses/by-nd/3.0/us/")
===
Private Clouds, Flat Earths and Unicorns
Peter Coffee | Head of Platform Research, salesforce.com inc.
A “preference” is not a choice unless the “preferred” thing actually exists. I might “prefer” a flat earth (literally, not in the Tom Friedman sense) to this pesky, not-quite-spherical planet that requires us to have time zones: I might prefer to have the whole world doing business on one common clock, and flipping between day and night like a planet-sized coin, but that's not a feasible option.
In the same vein of confusing fantasy with reality, I've lately seen dozens of statements asserting that IT managers “prefer a private cloud.” It's time to insist that a preference is only relevant when there's actually a choice to be made. The label of “private cloud” is more associated with a desire than a choice.
When someone says that they would “prefer a private cloud,” the actual attributes of desire seem to be physical possession of the data and operational control of the infrastructure. It’s impossible to have these things and still enjoy the defining benefits of the cloud.
• If you have physical possession of the data, you also have to own and maintain the data storage hardware and software.
• If you have operational control of the infrastructure, you also have to employ and supervise a team of expensive experts who spend too much of their time on tasks that add no competitive advantage to the firm – while wasting costly skills as they wait to respond to events that are critical, but in practice are quite rare.
In either case, you're structurally embedding unproductive costs – and blocking yourself from enjoying the massive economies that the cloud should be providing.
If desires are on Side 1, fears of lost capability are on Side 2 of the broken record of oft- repeated excuses for shunning true multi-tenant clouds. People routinely express concerns, whether real or pretended, about security, compliance, and the customization and integration that enterprise IT capabilities require. Let’s bust some myths.
• Security in cloud services can be constructed, maintained and operated at levels that are far beyond what's cost-effective for almost any individual company or organization. Further, it's inherent in multi-tenancy that security must address the sum of all fears of all customers: in satisfying the most demanding customers in every respect, the enterprise-grade cloud service provider will wind up exceeding the needs of almost every individual organization while sharing the costs of security on a massive scale.
• Compliance with regimens including HIPAA, Sarbanes-Oxley and other commonly encountered laws and regulations is more a challenge of policy and practice than of technology. The discipline and clarity of service invocations in true cloud environments can greatly aid the control of access, and the auditability of actions, that are dauntingly expensive and complex to achieve in traditional IT settings.
• Customization and integration of cloud services are neither intrinsically better nor inherently worse than the capabilities of an on-premise stack. There are rigid and inflexible systems, and there are powerful and productive process engineering environments, available in either kind of setting. Buyers will do best when they ask for what they need, instead of asking for what they assume they have to tolerate.
When a survey asks IT buyers to express a choice between public and private clouds, it's like asking a fairy-tale princess whether she'd rather ride a horse or a unicorn. The unicorn sure sounds better, and survey results will likely reflect that appeal.
In this or any other situation that invites a choice between a reality and a fantasy, the fantasy can be expected to get more votes – except from grown-ups, who are expected to know when something is not actually an option. Professionals do their job by making the best possible choice – among the options that are actually at hand.
Independent industry experts have lately added their voices to the debunking of the “private cloud” label. In November 2010, blogger and consultant Phil Wainewright offered this forthright advice to CIOs who are being offered a “private cloud” proposition:
The whole point of cloud computing is to be able to operate in the cloud — in that global, 24×7, connected universe where you can instantly reach and interact with your customers, your partners and your mobile employees, as well as tapping into an expanding cornucopia of third-party resources and services that can help you achieve business results faster, better and at lower cost.
Those who say that cloud is just a deployment choice, just a technology option, have shut their eyes to the wider opportunity and potential that the cloud context opens up. They’re still building application platforms and business systems that are designed without any acknowledgement of that global web of connections and resources — as if in today’s business environment, being connected is just an afterthought, an optional extra. Maybe for some applications it is, but their numbers are shrinking daily.
Further, this is now becoming a global and even geopolitical conversation. In Canada, for example, I recently read a warning against turning that country into a "technology ghetto" whose industries will be constrained "to a standard of technical stagnation and inefficiency" by failure to use the cloud to best advantage. If financial capital is wasted on imported technology that doesn't yield economic advantage, and if intellectual capital is wasted on complex tasks that are necessary but not differentiating for employers or entrepreneurs, then enterprise and national goals will not be met – or will, at a minimum, be deferred.
===
Peter's thoughts inspired me to post a discussion question about private clouds at Focus.com. You can join that discussion by visiting http://focus.com/c/EDa/. Or you can share your thoughts and reactions here, or with me directly via e-mail to medortch@dortchonit.com. I have a feeling this is an issue that isn't going away any time soon. Should be fun!
But here's a thing -- is the idea of a private cloud an oxymoron?
My friend and fellow MIT escapee Peter Coffee is Head of Platform Research at Salesforce.com. He recently collected several disparate blog entries and related thoughts into the following, which I find to be interesting, well reasoned and thought provoking. He gave me permission to distribute it, so the text from it appears below in its entirety. (Peter adds: "this material is freely usable under Creative Commons Attribution-NoDerivs 3.0 United States as specified at http://creativecommons.org/licenses/by-nd/3.0/us/")
===
Private Clouds, Flat Earths and Unicorns
Peter Coffee | Head of Platform Research, salesforce.com inc.
A “preference” is not a choice unless the “preferred” thing actually exists. I might “prefer” a flat earth (literally, not in the Tom Friedman sense) to this pesky, not-quite-spherical planet that requires us to have time zones: I might prefer to have the whole world doing business on one common clock, and flipping between day and night like a planet-sized coin, but that's not a feasible option.
In the same vein of confusing fantasy with reality, I've lately seen dozens of statements asserting that IT managers “prefer a private cloud.” It's time to insist that a preference is only relevant when there's actually a choice to be made. The label of “private cloud” is more associated with a desire than a choice.
When someone says that they would “prefer a private cloud,” the actual attributes of desire seem to be physical possession of the data and operational control of the infrastructure. It’s impossible to have these things and still enjoy the defining benefits of the cloud.
• If you have physical possession of the data, you also have to own and maintain the data storage hardware and software.
• If you have operational control of the infrastructure, you also have to employ and supervise a team of expensive experts who spend too much of their time on tasks that add no competitive advantage to the firm – while wasting costly skills as they wait to respond to events that are critical, but in practice are quite rare.
In either case, you're structurally embedding unproductive costs – and blocking yourself from enjoying the massive economies that the cloud should be providing.
If desires are on Side 1, fears of lost capability are on Side 2 of the broken record of oft- repeated excuses for shunning true multi-tenant clouds. People routinely express concerns, whether real or pretended, about security, compliance, and the customization and integration that enterprise IT capabilities require. Let’s bust some myths.
• Security in cloud services can be constructed, maintained and operated at levels that are far beyond what's cost-effective for almost any individual company or organization. Further, it's inherent in multi-tenancy that security must address the sum of all fears of all customers: in satisfying the most demanding customers in every respect, the enterprise-grade cloud service provider will wind up exceeding the needs of almost every individual organization while sharing the costs of security on a massive scale.
• Compliance with regimens including HIPAA, Sarbanes-Oxley and other commonly encountered laws and regulations is more a challenge of policy and practice than of technology. The discipline and clarity of service invocations in true cloud environments can greatly aid the control of access, and the auditability of actions, that are dauntingly expensive and complex to achieve in traditional IT settings.
• Customization and integration of cloud services are neither intrinsically better nor inherently worse than the capabilities of an on-premise stack. There are rigid and inflexible systems, and there are powerful and productive process engineering environments, available in either kind of setting. Buyers will do best when they ask for what they need, instead of asking for what they assume they have to tolerate.
When a survey asks IT buyers to express a choice between public and private clouds, it's like asking a fairy-tale princess whether she'd rather ride a horse or a unicorn. The unicorn sure sounds better, and survey results will likely reflect that appeal.
In this or any other situation that invites a choice between a reality and a fantasy, the fantasy can be expected to get more votes – except from grown-ups, who are expected to know when something is not actually an option. Professionals do their job by making the best possible choice – among the options that are actually at hand.
Independent industry experts have lately added their voices to the debunking of the “private cloud” label. In November 2010, blogger and consultant Phil Wainewright offered this forthright advice to CIOs who are being offered a “private cloud” proposition:
The whole point of cloud computing is to be able to operate in the cloud — in that global, 24×7, connected universe where you can instantly reach and interact with your customers, your partners and your mobile employees, as well as tapping into an expanding cornucopia of third-party resources and services that can help you achieve business results faster, better and at lower cost.
Those who say that cloud is just a deployment choice, just a technology option, have shut their eyes to the wider opportunity and potential that the cloud context opens up. They’re still building application platforms and business systems that are designed without any acknowledgement of that global web of connections and resources — as if in today’s business environment, being connected is just an afterthought, an optional extra. Maybe for some applications it is, but their numbers are shrinking daily.
Further, this is now becoming a global and even geopolitical conversation. In Canada, for example, I recently read a warning against turning that country into a "technology ghetto" whose industries will be constrained "to a standard of technical stagnation and inefficiency" by failure to use the cloud to best advantage. If financial capital is wasted on imported technology that doesn't yield economic advantage, and if intellectual capital is wasted on complex tasks that are necessary but not differentiating for employers or entrepreneurs, then enterprise and national goals will not be met – or will, at a minimum, be deferred.
===
Peter's thoughts inspired me to post a discussion question about private clouds at Focus.com. You can join that discussion by visiting http://focus.com/c/EDa/. Or you can share your thoughts and reactions here, or with me directly via e-mail to medortch@dortchonit.com. I have a feeling this is an issue that isn't going away any time soon. Should be fun!
Wednesday, November 10, 2010
SpotCloud: Worth Watching (and Perhaps Using)
SpotCloud is a "cloud capacity clearinghouse," a "spot market" for cloud computing capacity. Want to deploy an on-demand server instance to test or tinker with something? SpotCloud will sell you pre-configured Linux or Windows "virtual machine (VM) packages" with defined profiles and capacities, by the hour, and let you pay as you go. Got extra server capacity? SpotCloud will help you sell access to it. A kind-of brokerage for infrastructure as a service (IaaS) on demand.
The details are always the challenge, of course, but frankly, this is an idea for which the time has in fact arrived. For the right workloads and projects, SpotCloud can reduce significantly or eliminate entirely the barriers to entry into cloud computing. If you or your company have been on the fence, take a look at SpotCloud. It may provide the push you need to replace apprehension and uncertainty with some real-life experience.
The details are always the challenge, of course, but frankly, this is an idea for which the time has in fact arrived. For the right workloads and projects, SpotCloud can reduce significantly or eliminate entirely the barriers to entry into cloud computing. If you or your company have been on the fence, take a look at SpotCloud. It may provide the push you need to replace apprehension and uncertainty with some real-life experience.
Thursday, July 15, 2010
Sinclair Schuller, CEO of Apprenda: the Dortch on SaaS 3-Q Interview
Greetings. I’m refining and revising an interview format I first borrowed/adapted from my friend and colleague Philippe Winthrop of the Enterprise Mobility Foundation. Today’s 3-Q Interview is with Sinclair Schuller, CEO of Apprenda. Apprenda sells software that helps other software companies to deliver SaaS/cloud-based solutions more easily, economically, efficiently and rapidly. Sinclair has some interesting things to say to companies seeking to deliver or to deploy SaaS/cloud-based solutions, as you’ll see right now!
Q1: What is the single greatest challenge to success for software providers seeking to deliver SaaS/on-demand solutions?
A1: Easily, it’s understanding the technical and operating transition that a product company must go through to become a successful and profitable service provider. Software companies that sell on-premises products are not accustomed to offering a service that costs money – they’re used to selling perpetual licenses that have no unit cost associated with the license. As SaaS providers, they’ll be paying for servers, bandwidth, staff, and a number of other things. How efficiently they deliver their software to leverage these costs will play into determining how profitable they are. For example, choosing to not have a multi-tenant architecture could have dire economic consequences on a unit cost level.
[Editorial Aside: there is a debate in the software industry about how relevant multi-tenancy – the ability to support multiple separate groups of users with a single copy of an application – is to cloud computing and SaaS. I recommend that you read a 2008 ZD Net blog post by SaaS/cloud veteran Phil Wainewright, “Why Multi-tenancy Matters.” I also recommend a February 2010 Information Week blog post, “Why Multitenancy Matters in the Cloud,” by Alok Misra, who works for a company that provides cloud-based applications and SaaS enablement services. Without getting to far into the weeds here, multi-tenancy is an important tool for every provider of SaaS/cloud-based solutions, but is not the only way to support multiple users cost-effectively, and may not always be the best way. Back to Sinclair.]
Operationally, [those software companies] need to consider a bevy of other issues: how will I provision customers to the SaaS offering? Will they self provision? Does it require manual labor? How will I track what customer owes what money based on usage? How will I roll out an update across dozens or even hundreds of servers with minimal downtime? All of these critical considerations play into the single greatest challenge: transitioning from a product company to a service company. We work with Microsoft .NET ISVs [independent software vendors] that struggle with these questions every day, so it’s given us amazing insight.
Q2: What is the single greatest challenge to success for enterprises seeking to deploy business-critical SaaS/on-demand solutions?
A2: Establishing trust. Enterprises have built significant confidence in their IT competence, and despite carrying the costs of direct responsibility, they lower their trust [concerns] since “it’s run in-house.” Enterprises need to understand that in reality (using subjective measure) deploying a SaaS offering is safer and more trustworthy in nearly all regards. After all, do these enterprises hide their money on-premises “under a mattress” or let a third-party provider – a bank – guard their most liquid assets?
Q3: What do you see as the next "great leap forward" for the SaaS/on-demand solutions market – technological, organizational, perceptual or otherwise?
A3: I think the great leap forward will be SaaS enablement. To date, most SaaS/cloud offerings have been built as “one-offs.” That is, each SaaS company re-invented the wheel by dealing with a huge amount of SaaS-specific architecture. Technologies like SaaSGrid will define the “gold standard” of architectures by defining advanced cloud middleware, allowing companies to leverage robust SaaS stacks. This will catalyze the development of new innovative SaaS solutions by drastically reducing the amount of engineering and money spent in building pure SaaS offerings. At the end of the day, it means that the end user will have many, many more SaaS applications to choose from because someone else has helped with the architectural heavy lifting.
Dortch’s Recommendations:
R1: If you are a business technology decision makers pursuing or considering SaaS/cloud-based solutions, find a partner – a reseller or integrator, preferably one with which you’ve worked before – who “gets” your business and how SaaS/cloud solutions are evolving. If you’re a small or mid-sized business, you just don’t have the resources to devote to figuring this SaaS/cloud stuff out without help. And even if your company has an IT department, it might be worth bringing in some outside perspective, and you’re going to have to buy your solutions from someplace. It might as well be someone who knows stuff, rather than someone who just sells stuff. And if you work for a reseller or integrator, make sure your company is asking the right questions and implementing the right knowledge, policies, practices and technologies that will enable it to become such a partner – or consider changing jobs.
(In this context, I highly recommend to users, resellers and integrators the “SaaS 2.0” blog by Dan Druker of Intacct, especially the recent entries on “SaaS & Cloud Computing and the Channel.” And for what is intended as a darkly humorous take on IT teams and SaaS/cloud solutions, check out my blog post, “The Cloud? You Ain't READY for the CLOUD! (Or ARE You??)”)
R2: Once you’ve identified one or more candidate partners, as Ronald Reagan so often admonished his Soviet Union counterparts back when there was a Soviet Union, “trust, but verify.” Ask questions about multi-tenancy, data center redundancy and other critical elements of the infrastructures that will be supporting the services upon which your company relies. And ask even harder and more specific questions about your prospective partners’ relevant business experience and expertise, and their track record in helping companies similar to yours succeed with SaaS/cloud-based solutions. Make sure to record the results of these Q&A sessions, for prospective partner comparisons and because they likely each contain information you can use, no matter which partner or partners you ultimately choose.
R3: When selecting SaaS/cloud-based solutions and partners alike, focus on those that are focused on combining proven and broadly supported underlying practices, processes and technologies. Integration of new solutions and processes with the resources your company already uses and understands is paramount to the success of any new solutions, SaaS/cloud-based or otherwise. And just like you likely don’t have time to become a SaaS/cloud expert and to run your business, few if any vendors or resellers can succeed by inventing and building everything from scratch. So keep an eye on companies such as Apprenda and solutions such as SaaSGrid, of which there will be more. And keep an even sharper eye on how widely supported such solutions become, and what underlying platforms are adopted by the providers of the applications and services critical to your business. (Almost forgot: the Focus.com community is an invaluable asset for relevant observations and discussions here!)
Q1: What is the single greatest challenge to success for software providers seeking to deliver SaaS/on-demand solutions?
A1: Easily, it’s understanding the technical and operating transition that a product company must go through to become a successful and profitable service provider. Software companies that sell on-premises products are not accustomed to offering a service that costs money – they’re used to selling perpetual licenses that have no unit cost associated with the license. As SaaS providers, they’ll be paying for servers, bandwidth, staff, and a number of other things. How efficiently they deliver their software to leverage these costs will play into determining how profitable they are. For example, choosing to not have a multi-tenant architecture could have dire economic consequences on a unit cost level.
[Editorial Aside: there is a debate in the software industry about how relevant multi-tenancy – the ability to support multiple separate groups of users with a single copy of an application – is to cloud computing and SaaS. I recommend that you read a 2008 ZD Net blog post by SaaS/cloud veteran Phil Wainewright, “Why Multi-tenancy Matters.” I also recommend a February 2010 Information Week blog post, “Why Multitenancy Matters in the Cloud,” by Alok Misra, who works for a company that provides cloud-based applications and SaaS enablement services. Without getting to far into the weeds here, multi-tenancy is an important tool for every provider of SaaS/cloud-based solutions, but is not the only way to support multiple users cost-effectively, and may not always be the best way. Back to Sinclair.]
Operationally, [those software companies] need to consider a bevy of other issues: how will I provision customers to the SaaS offering? Will they self provision? Does it require manual labor? How will I track what customer owes what money based on usage? How will I roll out an update across dozens or even hundreds of servers with minimal downtime? All of these critical considerations play into the single greatest challenge: transitioning from a product company to a service company. We work with Microsoft .NET ISVs [independent software vendors] that struggle with these questions every day, so it’s given us amazing insight.
Q2: What is the single greatest challenge to success for enterprises seeking to deploy business-critical SaaS/on-demand solutions?
A2: Establishing trust. Enterprises have built significant confidence in their IT competence, and despite carrying the costs of direct responsibility, they lower their trust [concerns] since “it’s run in-house.” Enterprises need to understand that in reality (using subjective measure) deploying a SaaS offering is safer and more trustworthy in nearly all regards. After all, do these enterprises hide their money on-premises “under a mattress” or let a third-party provider – a bank – guard their most liquid assets?
Q3: What do you see as the next "great leap forward" for the SaaS/on-demand solutions market – technological, organizational, perceptual or otherwise?
A3: I think the great leap forward will be SaaS enablement. To date, most SaaS/cloud offerings have been built as “one-offs.” That is, each SaaS company re-invented the wheel by dealing with a huge amount of SaaS-specific architecture. Technologies like SaaSGrid will define the “gold standard” of architectures by defining advanced cloud middleware, allowing companies to leverage robust SaaS stacks. This will catalyze the development of new innovative SaaS solutions by drastically reducing the amount of engineering and money spent in building pure SaaS offerings. At the end of the day, it means that the end user will have many, many more SaaS applications to choose from because someone else has helped with the architectural heavy lifting.
Dortch’s Recommendations:
R1: If you are a business technology decision makers pursuing or considering SaaS/cloud-based solutions, find a partner – a reseller or integrator, preferably one with which you’ve worked before – who “gets” your business and how SaaS/cloud solutions are evolving. If you’re a small or mid-sized business, you just don’t have the resources to devote to figuring this SaaS/cloud stuff out without help. And even if your company has an IT department, it might be worth bringing in some outside perspective, and you’re going to have to buy your solutions from someplace. It might as well be someone who knows stuff, rather than someone who just sells stuff. And if you work for a reseller or integrator, make sure your company is asking the right questions and implementing the right knowledge, policies, practices and technologies that will enable it to become such a partner – or consider changing jobs.
(In this context, I highly recommend to users, resellers and integrators the “SaaS 2.0” blog by Dan Druker of Intacct, especially the recent entries on “SaaS & Cloud Computing and the Channel.” And for what is intended as a darkly humorous take on IT teams and SaaS/cloud solutions, check out my blog post, “The Cloud? You Ain't READY for the CLOUD! (Or ARE You??)”)
R2: Once you’ve identified one or more candidate partners, as Ronald Reagan so often admonished his Soviet Union counterparts back when there was a Soviet Union, “trust, but verify.” Ask questions about multi-tenancy, data center redundancy and other critical elements of the infrastructures that will be supporting the services upon which your company relies. And ask even harder and more specific questions about your prospective partners’ relevant business experience and expertise, and their track record in helping companies similar to yours succeed with SaaS/cloud-based solutions. Make sure to record the results of these Q&A sessions, for prospective partner comparisons and because they likely each contain information you can use, no matter which partner or partners you ultimately choose.
R3: When selecting SaaS/cloud-based solutions and partners alike, focus on those that are focused on combining proven and broadly supported underlying practices, processes and technologies. Integration of new solutions and processes with the resources your company already uses and understands is paramount to the success of any new solutions, SaaS/cloud-based or otherwise. And just like you likely don’t have time to become a SaaS/cloud expert and to run your business, few if any vendors or resellers can succeed by inventing and building everything from scratch. So keep an eye on companies such as Apprenda and solutions such as SaaSGrid, of which there will be more. And keep an even sharper eye on how widely supported such solutions become, and what underlying platforms are adopted by the providers of the applications and services critical to your business. (Almost forgot: the Focus.com community is an invaluable asset for relevant observations and discussions here!)
Subscribe to:
Posts (Atom)