Jul 15
The folks at Whir TV talked to James Staten of Forrester Research the cloud computing and how it fits into enterprise. You can watch the video below.
Related articles
May 20
Image by Vurter via Flickr
Googlelaunched Google Health yesterday, a way to store your health records in the computing cloud. I have no problems in putting my health records in the cloud. My insurance company has access to my health records already. If they can have it, I will have no problem with Google storing it on their clouds. Having made my beliefs with respect to storing my health care records on the computing cloud clear, I would like to add my initial observations of Google health. I may write a detailed review at a later stage but these are just some of my initial observations.
- The interface is simple, like other Google products. I like it better than any flashy designs. It is your health records and I am pretty sure many people won’t have anything flashy in it. Simple interface is always good. (Thumbs Up)
- It is not HIPAA compliant. However, Google explains why it is not necessary to be HIPAA compliant. Since Google Health is not a health care provider, they do not come under the terms of HIPAA. Google also offers a page explaining the similarities and differences between HIPAA and Google Health Policies. (Neutral)
- Google Health uses SSL encryption but I would like to see added security. First, unlike what Microsoft did when it launched Health Vault, Google health is not forcing the users to set up a strong password on their account. Second, Google Health is connected to Google accounts and hence to other Google services. Any “mishap” in one of the other services will compromise your health records. I would like to see an additional layer of protection with respect to Google Health. Well, Google suggests you to create an account just for the sake of Google Health but it is rather naive. They should add additional layer of protection for Google Health. Third, there should be an explicit warning to users every time they log into Google Health about possible security issues when accessing Google Health from public computers. Users are not all that educated about the trace of their online activities left on the computers they use. A warning should be shown before they could log into their account every time even if it is inconvenient for users. (Thumbs Down)
- Google Health is, atleast right now, US based. For a person like me who was born in another country, I need more options to make my health records complete. (Neutral)
- More importantly, there is no option to export my data from Google Health. It is a downer. I should be able to take my health records to any service I want. (Thumbs Down)
These are my initial observations on Google Health. I haven’t explored it deeply as yet. I understand that the service is still in beta and I hope they add more features in the future. Online health records are important. The complete control of the records should be given to the users. The security and privacy of the records should be given the utmost attention. Google has taken the necessary first step, along with Microsoft and many other startups. We have to wait and see how it is going to benefit the customer. I wouldn’t come to a conclusion about the merits of this service at such an early stage.
May 16
As cloud computing grows and matures, there are many vendors who venture into Software as a Service model (SaaS) targeting small and medium businesses. Recently, I was talking to a CEO of a small firm from across the world and he asked me the difference between SaaS and ASP (Application Service Providers) of the previous decade. I thought I will write a post here explaining the difference in case if others have similar questions as well. For those of you who came here with an expectation to see posts related to Open Web, I would like to point out that Cloud Computing is also part of the open web and this post highlights the importance of SaaS models built on the cloud. Since cloud computing and the business based on clouds is of interest to me, I will post some posts on these topics too.
SaaS and ASP have a somewhat similar philosophy but there are many differences that makes SaaS more competent in the marketplace than the ASP in the previous era. Lemme, explain the differences in this post.
- ASP was single tenancy whereas SaaS has multi tenancy. This offers SaaS the much needed ability to scale. ASP was limited to single organization and hence high cost of implementation. Since SaaS is shared by multiple organizations, without compromising on the reliability, security and privacy, the cost for businesses is very minimal compared to the implementation of ASP.
- In many cases, the underlying cloud is built upon open source software. The application stack also uses open source software overwhelmingly. This reduces the cost of infrastructure by several fold, thereby, bringing down the cost of implementation to a much smaller level. Today, a small business having three employees can have CRM fro free and a company with 5 employees can have it for as low as $24 per month. I am not sure about Zoho’s infrastructure but many SaaS vendors rely heavily on open source software and the associated cost savings (plus the cost savings due to multi tenancy) is passed on to the customers.
- Some SaaS vendors offer the source code under one of the open source licenses. This helps organizations some reliability in the case of SaaS vendor going out of business. As I have explained in some of the previous posts, businesses can take the source code and their data and host it anywhere in the cloud. Since the cost of cloud infrastructure is almost close to zero, this option saves a huge amount of money for businesses compared to the ASP approach.
- Unlike the ASP approach, SaaS vendors can release a particular version and it shows up for all the customers. This reduces the time and cost involved in support and security implementation. Unlike ASP, all the SaaS customers will be using the same version of the app.
- Another important aspect of SaaS vis a vis ASP is the pay as you go model (which I forgot to add in the original post and Peter Laird pointed out in the comments). This is very important from small business perspective. This kinda approach is akin to utilities where you pay only for what you use rather than a fixed amount every month.
There are various other advantages of SaaS over ASP. I am just pointing out to some of the advantages that are important according to many industry analysts (including me :-)).
PS: The basic structure of this article is based on one of the old articles on the topic by Julie Craig in one of the Internet.com reports. I added my ideas about cloud computing and open source to that structure.
Apr 21
Craig Balding raises the following issues related to security cloud computing. Since some of the issues concern to the theme of this blog, opensource, open standards and open web, I thought I will link the concerns here. Some of the issues highlight the need to have a cloud computing infrastructure without any proprietary software infrastructure.
Multiple cloud storage providers for a single app, raises some issues.* Is ISV obligated to tell you they are migrating to a cheaper cloud storage provider? (think cross border data transfer issues).
* What security ‘certification’ will take place of the new provider and what visibility will you have of that?
* How much notification do you get before the switchover?
* If you don’t want to go with the new provider, but that is the only supported option, what happens to all your data? Even if we *assume* an export function is provided you still need to find an alternate ISV that has coded a compatibility layer to access your existing data. If you can’t, where do you export the data too? Will we have ‘frozen clouds‘?
* What integrity checks take place to ensure data was properly migrated over?
* When the migration happens, what clean-up happens at the source? (can anyone say forensic wiping?). What about any backup tapes or off-line copies? Who is responsible for making sure those are wiped/destroyed?
