• Who Said Accountants Were Backwards?


    Interesting to see this video that Findlay & Co, a New Zealand chartered accountancy firm, came up with:

    It’s all part of a campaign to promote their new “iCrunch” website , essentially an online tool to get a quotation for compliance work with the ability to pay in advance. Their quote engine consists of a simple form to fill in:


    Of course anything this simple needs to be priced with enough breadth to cover all bases – I ran one of my businesses through iCrunch and the quote at the end was significantly more than what I’ve paid previously. However for many businesses, the certainty of knowing what their compliance will cost from the outset is worth a lot – there’s many organizations that will appreciate the help that a service like iCrunch can bring. Hat tip to the Xero blog for pointing this out.

    CloudAve is exclusively sponsored by

    Read more

  • Video: Cloud Computing Economies Of Scale

    From time to time, I find some really interesting talks on cloud computing and I share those videos here at Cloud Ave, essentially acting as a filter and sharing talks I consider important for our readers. I came across one such talk (thanks to Mark Masterson) from a conference that was held in March. It was a talk by James Hamilton of Amazon Web Services (yeah, the same guy whom Amazon grabbed from Microsoft sometime back) at Mix 10 at Las Vegas. He shows beautifully how cloud computing is not a fad and, in fact, the right way to go forward. The whole talk is amazing but I would ask you not to miss an important data point he offers which debunks the conventional wisdom about server utilization. He shows how our idea of consolidating resources and shutting down unused resources is wrong and this data point could also tell us why Amazon jumped into offering cloud services in the first place. A great talk and worth every minute you spend on it.
    If the above embed doesn’t work on your browser, please use the following link.
    CloudAve is exclusively sponsored by

    Read more

  • Standards Or Openness?

    Lew Moorman writing on GigaOm (warning: two weeks old post) suggests that openness is more important standards because it gives more options to consumers. 
    Many suggest that standards are the key to encouraging broader adoption of cloud computing. I disagree; I think the key is openness. What’s the difference? In the standards approach, a cloud would look and work just like any other. Open clouds, on the other hand, could come in many different flavors, but they would share one essential feature: all of the services they’d offer could run outside of them.
    I completely agree with his take. I also feel the same if we have to decide between openness and standards. I would love to open this up for debate and want to hear more from both practitioners and users on what they think about it. Feel free to jump in and debate.
    Disclaimer: Rackspace is a client of Diversity Analysis.
    CloudAve is exclusively sponsored by

    Read more

  • Did Somebody Say Relying On Third Party Cloud Vendors Is A Risk?

    One of the biggest criticisms leveled against Cloud Computing, in general, and SaaS, in particular, is the reliance on third party for the availability of applications. It is true that SaaS forces you to rely on the third party vendors because the resources lie on the datacenters elsewhere as opposed to your local machine or on-premise datacenters. But, I do not agree that SaaS cannot be trusted just because we have our applications and data elsewhere. In my opinion, it is pure FUD than anything else.
    Our reliance of third party providers dates long back into the human history. Even in the traditional computing world, we have to rely on many third party vendors from electricity to run the business to proper functioning of computing resources to operating system to software. Even though they are located on premise, there is some sort of reliance on third party vendors and service providers. When we buy a software from a traditional vendor, we trust them to work the way we want (unless it is open source), we trust the vendors to make timely security patches and updates, we rely on the update to work flawlessly, etc.. Once upon a time we relied on the vendors to send the updates and patches through media. We trusted that the vendors will send in time, the carriers will deliver it properly and the media will work flawlessly. Once internet became part of our lives, we trusted the vendors to send the patches and updates through the internet so that our software are updated regularly. In short, we have been relying on third party for many of our computing tasks forever. As the vehicle of delivery changes and matures, we rely more and more on such third party providers to save time and cost. Now, with the maturation of internet and internet capable devices of many form factors, we are trusting third party providers to deliver the applications and other computing services through the internet for consumption. This is a normal progression in any technological evolution. Trying to spin it in any other way is pure FUD.

    I hope a recent incident involving a traditional software vendor puts an end to such FUDs. If the traditional form of computing is more reliable, I would love to hear from the FUD promoters about their reaction to what happened in enterprises all over the world after a McAfee security update. Today, McAfee acknowledge the problem through a blog post.
    Early Thursday morning (at around 1 AM PT) we published a SuperDAT Remediation Tool to help customers fix affected systems. The tool suppresses the driver causing the false positive by applying an Extra.dat file in folder. It then restores the “svchost.exe” Windows file, the file quarantined as a result of the false detection.
    What is McAfee doing to make their customers comfortable? They assured them that they will improve their quality control to prevent such mishaps in the future.
    To prevent this from happening again, we are implementing additional QA protocols for any releases that directly impact critical system files. In addition, we plan to add capabilities to our cloud-based Artemis system that will provide an additional level of protection against false positives by leveraging an expansive whitelist of critical system files
    Apart from the irony that they are relying on the cloud to stop such mishaps with the traditional software, the important point is that they are asking their customers to trust them and their process. I am not writing this post to diss McAfee or make fun of their misery. I just want to point our once again (hopefully, for a last time) that our reliance on third party providers is nothing new and we rely more and more on them to have huge savings as the vehicle for delivery matures. SaaS (and Cloud Computing) is just part of this evolution and any FUD against them is plain ridiculous.
    CloudAve is exclusively sponsored by

    Read more

  • T Shirt Friday #40 – CloudCamp


    cc-t-frontEveryone knows that professional conference goers like myself attend events not to listen to presentations, not to network but to collect schwag. Over the past couple of years I’ve done fairly well collecting tech t-shirts and I decided to create a weekly series critiquing tech companies t-shirt offerings in the expectation that a company with  a great t-shirt is a prime candidate to have a great product also. Click here to see the series.

    If you’d like your t-shirt reviewed, flick me an email to arrange things. The judges decision is, of course, final and very little correspondence will be entered into (perhaps).

    For the one or two readers of this blog who don’t already know, CloudCamp is a series of events where:

    early adapters of Cloud Computing technologies exchange ideas.

    I’m the Australasian organizer for the events and am also helping run events in Denver and the Middle East this year. Given my involvement, and the fact that I actually printed these T Shirts myself, one could surmise that I’m a little biased in my assessment of these shirts – I’ll do my very best to remain suitably neutral though! cc-t


    • White T Shirts are good!
    • CloudCamp is (OK so I’m biased!) a beautiful thing. Antipodean CloudCamps are even better
    • The CloudCamp logo is a subtle and attractive one


    • The shirts are made in China (yes OK – feel free to call my a blatant hypocrite!) – at least they’re printed here in EnZed!


    CloudAve is exclusively sponsored by

    Read more

  • Video: Does Open Source Mean Open Cloud – Panel Discussion

    There was a panel discussion held sometime back during the collaboration summit 2010 and the topic was “Does Open Source Means Open Cloud”. Since this topic is closer to my heart and of interest to many of Cloud Ave readers, I am embedding the video here. You could also view the video directly on this link.
    CloudAve is exclusively sponsored by

    Read more

  • Salesforce takes it to Data Services Companies


    I’m all about disruption. It never ceases to amaze me the impact that small agile players can have when up against the well funded big boys. Witness RedMonk  going up against Gartner et al. As a SaaS CEO I…

    Read more

  • PaaS Is The Future Of Cloud Services Series

    Diagram showing overview of cloud computing in...

    Image via Wikipedia

    There is an overwhelming view among the pundits that PaaS is the future of cloud services and IaaS will slowly go into the background. In fact, in my opinion, PaaS is the idea of cloud computing that comes closer to the utility comparison made by Nick Carr in his book “The Big Switch”. In this series I am going to dig deeper into the future of PaaS and how various companies are positioning themselves to meet this future. In this first post of the series, I am going to dig deeper into the general idea and then take a look at how different players from the entire cloud stack, IaaS to SaaS, are playing the game. In the next post, I will talk about one of the interesting companies in the mix, Heroku, and briefly touch upon a recent news that came out recently.

    Why PaaS and Why Not IaaS?

    The poster boy (girl) of cloud computing is Amazon Web Services and they are basically an IaaS player offering compute and storage services. Their huge success is one of the reasons why cloud computing is gaining so much traction with everyone from individual developers to small businesses to enterprises. They completely altered the way we do computing by cutting down the costs drastically empowering the startups and small business to have IT similar to that of enterprises. Their success has lead many more providers to jump into the infrastructure game making IaaS the pretty girl (handsome boy) in the cloud computing block.

    IaaS completely changed the way developers deployed their applications. Instead of spending big with their own datacenters or managed hosting companies or colocation services and then hiring operations staff to get it going, they can just go to Amazon Web Services or one of the other IaaS providers, get a virtual server running in minutes and pay only for the resources they use. With cloud brokers like Rightscale, enStratus, etc., they could easily grow big without worrying about things like scaling and additional security. In short, IaaS and other associated services has enabled startups and other businesses focus on their core competencies without worrying much about provisioning and management of infrastructure. IaaS completely abstracted the hardware beneath it and allowed users to consume infrastructure as a service without bothering anything about the underlying complexities.

    Even though IaaS made it easy for developers to go to the market fast with their applications and other services, it still required them to have some operational expertise. In the case of startups and other small companies, the use of IaaS still required the developers to know a bit about managing the virtual servers, OSes, middleware stack, etc.. If the developers didn’t have much expertise, they had to hire sysadmins who could take care of managing the infrastructure. On the enterprise level, it needed significant investments in operations workforce. In short, it was not the cloud which Nick Carr made us all to imagine.

    This is where PaaS came in handy. PaaS is one layer above IaaS on the stack and abstracts away everything up to OS, middleware, etc.. This offers an integrated set of developer environment that a developer can tap to build their applications without having any clue about what is going on underneath the service. It offers developers a service that provides a complete software development lifecycle management, from planning to design to building apps to deployment to testing to maintenance. Everything else is abstracted away from the “view” of the developers. In short, PaaS takes operations out of the picture and gives the developers a complete peace of mind. With IaaS, a developer with no help on operations from people with sysadmin skills is very likely to botch up the application either at its inception or while scaling. PaaS makes developers succeed even if they are completely “operations blind”. This makes PaaS ver attractive for the future of cloud computing.

    The advantages of PaaS are

    • Complete abstraction all the way up to development environments and other middleware components, taking the operations out of the picture
    • Considerable cost savings and faster time to market
    • Better security. As Chris Hoff pointed out,  one could enforce sanitary programmatic practices across the derivate works built upon PaaS

    Does it mean end of road for IaaS?

    Not really. PaaS will not kill off IaaS. Rather, it pushes IaaS completely into the background. Even in a PaaS dominated world, IaaS is still important because

    • PaaS will not be dominated entirely by big players like Google or Microsoft. There will be many smaller level players, some of whom offer some niche platforms. For example, PaaS companies like Heroku and Engine Yard can’t afford their own datacenters. Such players will run on top of IaaS
    • There are other component services that extend core PaaS platforms. These players will run on top of IaaS while integrating with PaaS players
    • There may be many developers who want custom platform stack for their needs. Such developers will always need IaaS

    There are many other reasons why IaaS will exist in the background ceding limelight to PaaS.

    The Future Of IaaS Vendors Are Gloomy. Huh?

    Not exactly. Many IaaS vendors are understanding the PaaS based world in the future. That is why they are already planning to move up the stack. Whether it is public cloud providers like Amazon or players who are strong in the private cloud space like VMware, they are already moving up the stack. We will continue to see this trend where these originally IaaS players differentiate themselves in the PaaS layer. It is not just the IaaS vendors who are moving up the stack but we are also seeing SaaS vendors moving down the stack. For example, we have seen how Salesforce is trying to make their Force.com platform attractive for the developers. SaaS vendors are also seeing a PaaS future and are repositioning themselves to take advantage of such a future.

    In the future posts in this series, I will take individual providers and dig deep into their offerings, strategies, etc.. The next post in this series will feature Heroku and I will follow it up with other players in the coming weeks.

    CloudAve is exclusively sponsored by

    Read more

  • SaaS Sales – Don’t Discount Traditional Channels


    We’ve heard for years that SaaS applications will disintermediate traditional marketing channels with it’s direct to consumer and viral uptake – many were envisaging a future without traditional media usage. The truth however seems to be somewhat different – the number of SaaS vendors I’ve spoken to recently who are embarking on “traditional” approaches is legion.

    Many are embracing channel partnerships with “old-school” services companies – witness NetSuite’s (see disclosure) new SP100 reseller model (I analyzed the move here). Witness also Intacct (see disclosure) partnering with the AICPA to sell/market/endorse their product through US CPAs.

    I recently spoke with CEO of Acumatica (more on them here) Ezekiel Steiner about their channel strategy specifically, but more generally channel strategies for ERP vendors.

    Accumatica is 100% committed to a channel strategy and sees a significant conflict with vendors who embrace both a channel and a direct sales approach. In fact Steiner went so far as to call the NetSuite moves a “gimmick” given previous comments they’ve made about the validity (or otherwise) of a channel model. Steiner believes that, for mid-market ERP products at least, a channel strategy is the only way to make money. This belief is gained from experience seeing just how much implementation help customers want – price points on mid-market ERP products are such that a direct sales and support channel isn’t viable for a vendor to establish and maintain.

    My analysis isn’t quite as stark as that of Steiner – while I’d concur that the channel is important for existing customers looking to transition to new products, there is a large number of greenfield opportunities such as businesses growing out of a lower level accounting product, and they are still likely to be amenable to the direct approach.

    I would say that a clear delineation is required between reseller prospects and direct sales prospects – resellers are feeling very fragile right now and any dual-channel approach is going to be approached with caution – it’s vitally important for vendors going down this route to have a clear demarcation in place so resellers can feel secure in the partnership.

    SaaS sales strategy, and in particular channel approaches, is an intensely interesting topic (well, to me anyway) – I’m keen to hear other vendor’s thoughts about this – flick me an email at [email protected]

    CloudAve is exclusively sponsored by

    Read more

  • Vindicia Builds a Tunnel to Relaxation


    PCI compliance is hard. Hard, expensive and time consuming. Third party subscription and billing vendors have attempted to remove as much of the burden of PCI compliance from their customers but one barrier remains – any business that wants to allow customers to enter their credit card details in their own site, and in familiar surroundings, still has a PCI burden because of the credit card details entered into their site. In an effort to remedy ulcers and late nights for vendors (or their PCI compliance people at least) Vindicia (see disclosure) has decided to do something about it.

    They’ve today announced their Hosted Order Automation (HOA) capabilities. By using HOA, online merchants are able to completely offload PCI compliance to Vindicia while maintaining control over their customers’ buying experience. HOA allows merchants to accept credit cards on their own order pages without ever touching a credit card and subjecting themselves to PCI regulations.

    What HOA does (beyond the press release hype) is to create a secure tunnel between a field within a vendors credit card form, and Vindicia’s own servers. In effect when a customer enters their credit card number, they are doing so within a Vindicia form field, but on the vendor’s own page. HOA requires only a code snippet within the page so existing customization and styling is retained and customers have a seamless on-site experience. The transactions progresses like this:

    1. Consumers visit the vendor’s website and want to make a purchase or update their payment method.  As they request the page, a call is made to CashBox that contains the function being used and the IP address of the customer.
    2. CashBox creates a secure session that allows customer payment information to be submitted directly.  The customer continues to enter their data into the form fields on the page as they would normally. For additional security, the session will time out after a pre-configurable amount of time.
    3. Once the customer submits their information, it is sent directly to CashBox and bypasses the vendor’s servers altogether. CashBox validates the IP address as an additional security measure and stores the customer data and payment information with the requested action.
    4. The customer is redirected to the results page by CashBox. As the redirect loads, the successful receipt of customer information is returned. Once the vendor’s servers receive this information, another call to CashBox is made requesting the actions be performed (e.g., fraud screening, authorization, tokenization, new account signup, payment capture or update).
    5. The success or failure of the requested action is passed back to the vendor’s server upon completion, with all of the necessary information (results, tokenized payment method, etc…) to display a detailed confirmation message to the customer on the results page.

    Or if you much prefer a purty picture, like this:


    Hosted Order Automation is available immediately as part of the Vindicia CashBox solution. Wait and see how the competition reacts…

    CloudAve is exclusively sponsored by

    Read more