Zemanta - reblog

What is Reblog?

It’s the easiest way to post quoted text to your blog, no matter where you find it on the Web. Just select text to quote, add your comments, then publish it instantly to your blog. It’s that simple!

Download Zemanta

Select Text & Write Your Post

» Preview & Publish

» Done!

Aug02Conservatism and Cloud ComputingCloud Computing, General2 Comments »

I don’t talk politics in this blog (and have other outlets to vent my feelings) but I can’t help in this case. Conservatives pull back any attempts to push the envelope while dealing with social issues by inculcating fear in the minds of people. That is what is happening with regards to cloud computing too. Those companies whose business interests are threatened by cloud computing and those in media who are wedded to these companies and their technology, are unleashing a wave of fear about cloud computing. The traditionalists in the software world take an upcoming promising technology that is still in its infancy and use fear tactics to seed confusion in the minds of users. We saw a security meme in the blogosphere that cast a huge shadow of vulnerability on the very concept of cloud computing. Then, with the release of Kaminsky’s DNS exploit in the wild, people are talking about how it exposes the inherent security risks in the cloud computing world. If you are someone who is bitten by this fear bug, I want to point out that all these vulnerabilities they point out (and even more) exist in the current world of online services and traditional software too. We saw similar wave of fear when email was gaining traction. The threats of spam and phishing still exists but we are not going back to using snail mail. The scenario is similar in the case of cloud computing. There are threats to cloud computing and I am not denying it. But if you do the risk benefit analysis, the advantage of cloud computing outweighs the threat factor. Also, the scenario is similar to what happened when we changed from person to person direct talking to telephonic conversations. It is same as what happened when we changed from snail mail to email. The threats shouldn’t force us to shut down cloud computing. If we do it, then the threat wins. Instead, we should take on the threats to cloud computing head on and try to minimize the impact. We should focus on developing better cloud technologies that eliminate these threats. More than anything else, we should realize that all these security threats (pointed out in the cloud security meme and talk about how Kaminsky exploit can affect cloud computing) exists in the case of traditional software services and in the current day data center based traditional web hosting approaches. Let us look forward than look backwards due to the wave of fear unleashed by traditionalists.

Jul15Cloud Computing and EnterpriseCloud ComputingNo Comments »

The folks at Whir TV talked to James Staten of Forrester Research the cloud computing and how it fits into enterprise. You can watch the video below.

May20Google Health: Some observationsCloud Computing, Health Care, Security3 Comments »Googlelaunched Google Health yesterday, a way to store your health records in the computing cloud. I have no problems in putting my health records in the cloud. My insurance company has access to my health records already. If they can have it, I will have no problem with Google storing it on their clouds. Having made my beliefs with respect to storing my health care records on the computing cloud clear, I would like to add my initial observations of Google health. I may write a detailed review at a later stage but these are just some of my initial observations.

  • The interface is simple, like other Google products. I like it better than any flashy designs. It is your health records and I am pretty sure many people won’t have anything flashy in it. Simple interface is always good. (Thumbs Up)
  • It is not HIPAA compliant. However, Google explains why it is not necessary to be HIPAA compliant. Since Google Health is not a health care provider, they do not come under the terms of HIPAA. Google also offers a page explaining the similarities and differences between HIPAA and Google Health Policies. (Neutral)
  • Google Health uses SSL encryption but I would like to see added security. First, unlike what Microsoft did when it launched Health Vault, Google health is not forcing the users to set up a strong password on their account. Second, Google Health is connected to Google accounts and hence to other Google services. Any “mishap” in one of the other services will compromise your health records. I would like to see an additional layer of protection with respect to Google Health. Well, Google suggests you to create an account just for the sake of Google Health but it is rather naive. They should add additional layer of protection for Google Health. Third, there should be an explicit warning to users every time they log into Google Health about possible security issues when accessing Google Health from public computers. Users are not all that educated about the trace of their online activities left on the computers they use. A warning should be shown before they could log into their account every time even if it is inconvenient for users. (Thumbs Down)
  • Google Health is, atleast right now, US based. For a person like me who was born in another country, I need more options to make my health records complete. (Neutral)
  • More importantly, there is no option to export my data from Google Health. It is a downer. I should be able to take my health records to any service I want. (Thumbs Down)

These are my initial observations on Google Health. I haven’t explored it deeply as yet. I understand that the service is still in beta and I hope they add more features in the future. Online health records are important. The complete control of the records should be given to the users. The security and privacy of the records should be given the utmost attention. Google has taken the necessary first step, along with Microsoft and many other startups. We have to wait and see how it is going to benefit the customer. I wouldn’t come to a conclusion about the merits of this service at such an early stage.

May16How is SaaS different from ASP of the past?Cloud Computing2 Comments »

As cloud computing grows and matures, there are many vendors who venture into Software as a Service model (SaaS) targeting small and medium businesses. Recently, I was talking to a CEO of a small firm from across the world and he asked me the difference between SaaS and ASP (Application Service Providers) of the previous decade. I thought I will write a post here explaining the difference in case if others have similar questions as well. For those of you who came here with an expectation to see posts related to Open Web, I would like to point out that Cloud Computing is also part of the open web and this post highlights the importance of SaaS models built on the cloud. Since cloud computing and the business based on clouds is of interest to me, I will post some posts on these topics too.

SaaS and ASP have a somewhat similar philosophy but there are many differences that makes SaaS more competent in the marketplace than the ASP in the previous era. Lemme, explain the differences in this post.

  • ASP was single tenancy whereas SaaS has multi tenancy. This offers SaaS the much needed ability to scale. ASP was limited to single organization and hence high cost of implementation. Since SaaS is shared by multiple organizations, without compromising on the reliability, security and privacy, the cost for businesses is very minimal compared to the implementation of ASP.
  • In many cases, the underlying cloud is built upon open source software. The application stack also uses open source software overwhelmingly. This reduces the cost of infrastructure by several fold, thereby, bringing down the cost of implementation to a much smaller level. Today, a small business having three employees can have CRM fro free and a company with 5 employees can have it for as low as $24 per month. I am not sure about Zoho’s infrastructure but many SaaS vendors rely heavily on open source software and the associated cost savings (plus the cost savings due to multi tenancy) is passed on to the customers.
  • Some SaaS vendors offer the source code under one of the open source licenses. This helps organizations some reliability in the case of SaaS vendor going out of business. As I have explained in some of the previous posts, businesses can take the source code and their data and host it anywhere in the cloud. Since the cost of cloud infrastructure is almost close to zero, this option saves a huge amount of money for businesses compared to the ASP approach.
  • Unlike the ASP approach, SaaS vendors can release a particular version and it shows up for all the customers. This reduces the time and cost involved in support and security implementation. Unlike ASP, all the SaaS customers will be using the same version of the app.
  • Another important aspect of SaaS vis a vis ASP is the pay as you go model (which I forgot to add in the original post and Peter Laird pointed out in the comments). This is very important from small business perspective. This kinda approach is akin to utilities where you pay only for what you use rather than a fixed amount every month.

There are various other advantages of SaaS over ASP. I am just pointing out to some of the advantages that are important according to many industry analysts (including me :-)).

PS: The basic structure of this article is based on one of the old articles on the topic by Julie Craig in one of the Internet.com reports. I added my ideas about cloud computing and open source to that structure.

Apr21Some concerns about cloud computingCloud ComputingNo Comments »

Craig Balding raises the following issues related to security cloud computing. Since some of the issues concern to the theme of this blog, opensource, open standards and open web, I thought I will link the concerns here. Some of the issues highlight the need to have a cloud computing infrastructure without any proprietary software infrastructure.

Multiple cloud storage providers for a single app, raises some issues.

* Is ISV obligated to tell you they are migrating to a cheaper cloud storage provider? (think cross border data transfer issues).
* What security ‘certification’ will take place of the new provider and what visibility will you have of that?
* How much notification do you get before the switchover?
* If you don’t want to go with the new provider, but that is the only supported option, what happens to all your data? Even if we *assume* an export function is provided you still need to find an alternate ISV that has coded a compatibility layer to access your existing data. If you can’t, where do you export the data too? Will we have ‘frozen clouds‘?
* What integrity checks take place to ensure data was properly migrated over?
* When the migration happens, what clean-up happens at the source? (can anyone say forensic wiping?). What about any backup tapes or off-line copies? Who is responsible for making sure those are wiped/destroyed?

Krishwords, Jul 2008

Title

Post

Tags(separate multiple tags with commas: cats, pet food, dogs)

Pick a Quote and Write your post »

Preview & Publish

» Done!

No title

Note: The final appearance of your post may be different, depending upon your blog’s style sheets.

loading

Publish to your blog ...

Like yourblog.blogspot.com, yourblog.typepad.com, yourblog.wordpress.com

We will not store your username or password—ever.

... or copy the code into your blog.