Head in the Clouds: SaaS, PaaS, and Cloud Strategy


June 17, 2015  9:27 AM

Is mobile software really this bad?

Joel Shore Profile: Joel Shore
Mobile Application Development, Program Debugging

Every day, I check my iPhone to see which apps have been updated. Think of it as the latest fad in armchair spectator sports. What I see only reinforces my belief that mobile apps may look pretty, but are often scary bad under the hood.

One app’s “What’s New” section reports “corrected issue with removing previous purchase,” “improved reliability,” and “corrected other issues.” Another app reports “we may have exiled some bugs.” From the Google app, we get “bug fixes and performance improvements.” Panera Bread’s app tells me “various bug fixes.” The Starbuck’s app notes “this release contains bug fixes and enhancements throughout the app.” Shazam’s 8.6.1 update tells me “We know, we broke a few things in 8.6. For those of you who’ve been getting crashes on startup, update now and things should be back to normal.” The Walgreens app, version 5.2.2, lists specific bug fixes. Evernote’s June 12 version 7.7.7 update reports “numerous bug fixes and improvements.” Even the app that I use to measure connection speed says on its latest update, “this is primarily a bug fix release.” Was it reporting erroneous speeds?

The Facebook app notes that it delivers an update every two weeks and that “every update … includes improvements for speed and reliability.” You’ve got to wonder how much faster and more stable it can get. Or, if you’re a professional skeptic like me, you wonder how miserably slow and undependable it must have been 26 updates, or a year ago.

Apps that are downright ugly or feature unfriendly, convoluted user navigation are a different matter. We’ll save that for another blog post.

Some apps are indeed problematic enough that they merit being banished from my phone. There are apps that never got past their startup screens without crashing. There are apps there were so slow as to be incredibly annoying. And there is one app that insists I’m someone else. That’s especially disconcerting.

So what’s going on? Are mobile apps as bad as these messages suggest? Well, yes and no, according to people I talked to during the recent Cloud Computing Expo in New York. We all understand that software is never really finished. On my desktop PC, Microsoft’s “Patch Tuesday” provided updates for Windows XP for 13 years, until support finally ended in 2014. The same, apparently, is true for mobile apps, only that updates come more frequently. I’ve seen updates on one day followed by another on the very next day to repair something the first update simply broke.

Is this due to bad app design? Incomplete specs? Poor coding? Inadequate testing? A rush to get apps published? A conscious strategic effort to “fail fast” and fix? Or something else?

If you’re an app designer, developer writing code, or QA tester, you already have pretty strong feelings about this. Let’s hear them.

June 14, 2015  10:35 PM

Incorporating security into an app starts on day one

Joel Shore Profile: Joel Shore
Application development, Application security, cloud encryption, Data Encryption, FIPS, Mobile Application Development, Security compliance

I won a football at the New York Cloud Computing Expo in a session about encryption. Ask a meaty question and the speaker just might toss you a prize. My question was simple: If the only way to protect all the data is to encrypt all the data (except that which is already public), aren’t edge devices like tablets and smartphones going to suffer a potentially significant performance penalty since everything will need to be unencrypted before it can be used and then re-encrypted for transmission?

Well, yes, of course, said Ray Potter, CEO of SafeLogic, as he heaved a small toy inflatable red football emblazoned with the SafeLogic logo my way. Encrypt. Just get over it. Just do it. Don’t encrypt and you’ve got a good chance of becoming front page news. Right, U.S. Government? Right, Sony? And while you’ve got encryption on your mind, understand its three pillars: confidentiality, integrity, and availability.

Confidentiality, the idea that information should not be disclosed to people who shouldn’t have it. This is the idea of encrypting data and making it unreadable to attackers. Integrity, as Potter puts it is “making sure that data isn’t mucked with in transit.” A use case might be financial transfers where you need to make sure that account numbers and amounts are not compromised.

Third is availability, which might not initially appear to be related to security. But, it is. “We see a lot of distributed denial-of-service attacks that take down a server or an entire site,” Potter says. Think about Amazon going down. That’s a major loss of both revenue and goodwill. Yes, availability is security.

Regarding encryption, Potter says it fits everywhere, even on your spiffy new smartwatch. What each business needs to undertake is a risk-management plan, figuring out where data lies in the system, classifying data in terms of its sensitivity or the assets it protects, and then assigning weighted metrics. What’s typically revealed is that encryption, which was once done at the device level, now needs to be everywhere. What it boils down to is that data needs to be encrypted both in transit and at rest. Otherwise, you could be the next Sony Pictures or Anthem Health Insurance.

When it comes to encryption standards, there’s really only one that matters, and that is FIPS 140-2. The Federal Information Processing Standard (FIPS) Publication 140-2 is a cryptographic standard maintained by the Computer Security Division of the U.S. National Institute for Standards and Technology. It encompasses four distinct security levels, but for most commercial (read that as non-governmental) applications, level one is usually sufficient.

Even though FIPS 140-2 is the standard you need to implement when building your applications, usually followed by compliance verification and certification testing for certain environments (governmental and healthcare, for example), there is one gaping hole. The current version, enacted on Nov. 15, 2001, predates mobility — the existence of tablets by a decade and the mainstream advent of mobile phones by many years.

If you’re a business that’s signing up for anything-as-a-service, part of your due diligence is a demand to see the provider’s FIPS compliance certificate. And you also need to know on what exact platforms compliance has been tested — and which platforms haven’t been tested.

 


June 12, 2015  1:43 PM

Monetization: It may be the real reason we built the cloud

Joel Shore Profile: Joel Shore
Business strategy, recurring revenue

At the Cloud Computing Expo in New York (June 9-11), there was plenty of talk about Docker, APIs, everything-as-a-service, and all manner of things technical. Yet, there was an interesting simultaneous shift in some of the conversation toward leveraging the cloud to conduct business. And that’s a good thing.

After all, you’re not in business to sell shoes, you’re in business to make money. Everyone from the CEO down to the kid in the corner cranking out lines of Python code had better understand that. If there’s one word that dominated these discussions, it’s “monetization.” And montenization is about services, not devices. Your mobile phone company really has only three things it can ever sell you: voice, text, and data. The specific devices are irrelevant. Monetization is about services.

Brendan O’Brien, chief evangelist and co-founder of San Francisco-based Aria Systems, is all about monetization, which he describes as recurring, pay-per-use revenue streams, more so than one-time transactions. Here’s the perfect example: Medical MRI machines cost millions of dollars to buy. That means only large hospitals located in major metropolitan areas can afford them. The problem, of course, is that there is a finite number of these large hospitals. And they’ve already bought their machines. The market is saturated, right? Or is it?

Drill down to the next tier and you’ll find thousands of regional hospitals, 10 for each major city hospital, according to O’Brien. They need that MRI machine, but can’t afford the enormous up-front purchase price. What they can afford is a pay-per-use scheme. And that’s exactly what this major equipment maker is doing. It’s installing machines around the world in these second-tier hospitals with Aria Systems handling the monetization aspect (which includes billing and remittance, but is so much more than that). The hospitals get their gear, the equipment maker has increased its market tenfold, and Aria handles the monetary flow, essentially an annuity. It’s a recurring revenue model.

Other examples of monetization were noted at the conference. On your car’s next set of tires, you may pay per use based on mileage instead of shelling out nearly a thousand dollars as the up-front purchase price. It’s coming. And then there’s that shoe company. What if you could get yourself the best (and likely outrageously expensive) running shoes available if you could pay for them based on a usage model that’s tied to the number of steps you take or miles you run. Don’t ponder the question too long. It’s coming, too.

Note that we’re not talking pretty cloud apps that run on a smartphone or tablet. These are the industrial cloud applications that you can’t see, the ones that run inside an MRI machine or deep within your car. These are the cloud apps of business.


June 4, 2015  9:13 AM

Cloud app functionality is not enough

Joel Shore Profile: Joel Shore
Analytical tools, Application analytics, Applications development, Cloud Applications, Mobile Application Development, User experience

You’ve got a huge portfolio of development tools for building and testing cloud applications. And you’re probably running analytics against that mountain of big data you’ve kept either on-premises or moved to cloud-storage, maybe because you’re not sure which is the better location. You can even see how users navigate through your mobile apps to see where the bottlenecks are and at what point they give up and abandon their shopping cart. But what about measuring the performance of your digital assets? Understanding that is part of delivering a good user experience.

Tools vendor Keynote is giving it a try. Its Keynote Digital Performance Intelligence product sets out to benchmark third-party services and competitive performance against an organization’s digital assets. The idea is to allow IT and business users to collaborate and get a handle on performance proactively instead of reactively. The company says the cloud-based analytics suite provides organizations with real-time insight into the performance of digital assets. That should help them improve customer experiences, which, in turn, makes corporate decision-making easier.

So, what’s really going on? Analyst Raul Castañon-Martinez of 451 Research says Keynote is integrating information from different digital channels. “Everyone talks about this but they are one of the few giving you a holistic view of how you are performing.” Castañon-Martinez says he sees a trend toward realtime analytics and tighter integration with the development function. “There’s a lot of noise in the industry and it’s hard to figure out what companies are doing and delivering. Keynote is not making much noise, but in thought leadership it stands out,” he says.

I like that idea; tighter integration between realtime analytics and development. It’s good for developers to understand how well their app functions in the wild.

Jennifer Tejada, Keynote CEO is pretty blunt about the way things work in the real world. “As organizations look to engage consumers through digital and mobile offerings, they often overlook the performance impact.” That’s probably true, but as developers’ mobile experience deepens, I expect that will lessen. Then she gets to the crux of the matter: “Research has shown that customer tolerance for failure on digital channels is significantly decreasing.”

Tejada is right about that. Attention spans seem to grow shorter with each passing decade. As a developer, what are you doing to build a user experience that makes sense, that’s easily navigable, and that won’t bomb out halfway through a shopping spree, entering sales data, or something else? It’s simply not good enough to build applications that function correctly, it’s necessary to build apps that are enjoyable and engaging to use. Because, if you don’t your competitors will.


May 15, 2015  2:59 PM

Where cloud meets Big Data: New expert advice

Jan Stafford Jan Stafford Profile: Jan Stafford
BDaaS, Big Data, Big Data analytics, Business Intelligence, cloud, Hadoop

Today, an application without data analytics is like a car without a steering wheel. It will go, but there’s no controlling its direction.

The cloud and big data are infiltrating company practices, and in some cases, they’re doing it together. The intersection of the two brings many challenges and opportunities for companies that choose to process and store big data in the cloud. Once companies decide to host big data in the cloud, they’ll want to assess their circumstances and decide what works best for them.

Nowadays, there are many emerging and evolving Web- and cloud-based technologies for controlling and using data inside applications, and they’re available as full-featured cloud suites, the popular Hadoop programming framework and other business intelligence tools that can be embedded into applications.

Recently, the SearchCloudApps team wrote a series of articles that looks at different platforms and tools developers can use to harness big data in the cloud. Here’s the lowdown on the advice, tips and information this series offers, both in our special report and supporting advice articles on SearchCloudApps.

First off, SCA News Writer Joel Shore shares advice on how software pros can use big data as a service (BDaaS) in the lead story of our special report, Pick the right tools for cloud and big data. BDaaS delivers a platform and suite of tools that can speed up builds of analytics applications. The article describes how BDaaS expands the capabilities of cloud-based analytics.

Is BDaaS the right data analytics development platform for your organization? CIMI Corp. CEO and cloud consultant Tom Nolle answers that question in the series’ second story, How to choose the best cloud big data platform. He describes and opines on BDaaS (big data as a service) and do-it-yourself options and covers the role databases play. He notes that “cloud planners need to decide on a database model, select between cloud database services and cloud database platforms, and review the features of each platform against their own special needs.”

Nolle questions a key big data tool assumption, that Hadoop fits all situations, in his tip. Cloud and big data don’t necessarily mean Hadoop. To Hadoop or not to Hadoop, he advises, depends on such variables as whether data access is centralized, the level of data distribution performance needs, database practices and more.

Joel Shore digs deeper into the pros and cons of BDaaS in his new report, Beware of the BDaaS double boomerang. What does that mean? Essentially, as data volume grows, there can be conflicts between IT, which manages data analytics processes, and marketing and other departments who demand more and more access and capabilities. “We often see the marketing and sales departments getting tired of waiting for projects, so they jump over IT and do it themselves,” Enterprise Strategy Group analyst Nike Rouda told Shore. Sounds like trouble in Data City, and that makes interesting reading.

SearchCloudApps coverage of the big data, BDaaS and cloud analytics scenes is ongoing, and our readers help us tailor our reports to your needs. Are you evaluating solutions for embedding data analytics into applications and can’t find the advice you need in these articles? Tell us about your projects, and our editors and resident experts will looks for answers to your problems.


April 23, 2015  9:15 AM

Rx for integration pain

Jan Stafford Brein Matturro Profile: Brein Matturro
Application integration, Cloud integration, SaaS

Jan Stafford, Executive Editor

In a 2014 survey, readers of SearchCloudApplications and its sister sites identified application and data integration as the biggest challenges in software-as-a-service adoption. Industry researchers agree. Gartner analyst Eric Knipp calls app integration the No. 1 barrier to cloud deployment success, and 451 Research ranks it as the second-most-acute cloud pain point, beaten only by security.

Integration pain isn’t a cloud adoption deal breaker for most companies, though. Otherwise, the cloud applications market wouldn’t be so huge—$30 billion in cloud application subscription reviews in 2014—or growing so quickly, to the tune of $67 billion in projected subscriptions in 2018, according to IT researcher Apps Run the World.

Competitive pressure spurs that growth, and integration issues have to be handled. A starting point could be answering the nine questions on cloud application integration in this guide’s first article, by Valerie Silverthorne. Each query comes with an expert how-to or why-to discussion.

An overall cloud app integration strategy should include a unifying plan for adoption projects, writes consultant Tom Nolle in his tip on integrating applications across cloud boundaries. Without a step-by-step integration approach, each cloud app adoption project has to start from scratch. Nolle advises organizations to codify best practices for each application integration component or layer.

Making applications play nicely together is only the means to cloud application integration’s goal, enabling workflow. “The purpose of cloud application integration is to connect workflows through components,” writes Nolle in this guide’s third article. Beware of tool vendors that want to tie integration projects to their cloud services and not the project’s targeted workflow goals, he advised.

Planning provides the best relief from chronic integration pain. If your organization is feeling an ache we haven’t addressed in these pages, our experts can provide suggestions for remedies.

Find out more about application integration and SaaS adoption in our e-handbook.


April 22, 2015  8:03 PM

PaaS comes into its own

Jan Stafford Brein Matturro Profile: Brein Matturro
AWS, Cloud integration, Cloud platform, PaaS

Jan Stafford, Executive Editor

2015 is—wait for it—the year of platform as a service! Of course, pundits have already given PaaS the keys. But 2015 is when they work. This is largely because Amazon released AWS Lambda PaaS in January, cementing the notion that PaaS will drive growth for infrastructure-as-a-service vendors. Also this year, more new PaaS offerings will be tailored for the Internet of Things, mobile devices and other hot technology areas.

Essentially, a PaaS system provides an integrated cloud hardware and software platform and the tools used for software development and delivery. PaaS breaks the ice for those new to IaaS. Most software architects and developers enter projects via PaaS or a PaaS-like environment and aren’t as familiar to the infrastructure, said Kris Bliesner, CEO of consultancy 2ndWatch, an AWS partner. Overall, Amazon’s potential customers need both infrastructure and a platform, he said.

Building IoT applications has been difficult in the past because few development tools could facilitate machine-to-machine communication. In 2013, this type of open source tool emerged and got the ball rolling. New cloud platform offerings embrace IoT, and there’s a laundry list of features that these PaaS IoT options must have to be viable.

IoT presents a strong use case for investing in PaaS, but it’s only one in a crowd. Businesses can use PaaS for many types of application and cloud integration projects, and future use cases abound. We kick off this handbook by exploring PaaS uses, current and future.

So here’s your passkey to the Year of PaaS.


April 22, 2015  5:11 PM

Personality counts in building apps, says IBM Cloud VP

Jan Stafford Jan Stafford Profile: Jan Stafford
API, cloud, Cloud platform, IBM, IBM Watson, Software development

“Once burnt, twice shy” is a cliché that rings true when software development teams fail to build what their target user really wants.  “Too many developers and companies know that pain of a user dropping off and never returning because the value was not there,” said Damion Heredia, IBM vice-president for Cloud Platform Services Product Management. Unfortunately, eliciting users’ true requirements often works against delivering applications as quickly as users demand. Speeding up the requirements phase of development with automated “personalization” tools is one approach to making both practices compatible.

Heredia talks about how developers can use the IBM Watson Personality Insights service in this interview.  Personality Insights is available on Bluemix, IBM’s Cloud Foundry-based open cloud development platform. The IBM Personality Insights (PI) cloud service uses linguistic analytics to determine potential software users’ needs, usage patterns and other information.

What are some ways that developers try to speed through the user requirements phase of content, service and software creation?

Heredia: The kitchen sink approach comes to mind; just throwing in lots of features to give the impression of value. On the user end, there’s a frustration point at which they’re getting a lot of content served up to them that’s not relevant, that turns them off very quickly to the product.

How would software developers use Watson Personality Insights?

Heredia: We’re making available for developers an API that can help them access personality data about their users. There’s a lot of documentation on the API and also a sandbox environment that is completely free to use.

So, when building recommendation engines around a particular set of data, a developer can embed our service into their application via the API. They’ll take that data, and they’ll actually map it to the behavioral data that they are collecting through their app. For example, they could see a certain demographic in a geographical location and tie that data to personality data.

Could you give an example of how that user data is gathered?

Heredia: The information is gathered through the Watson visual personality assessment tool. For example, say, we show a user an image with a caption associated with it, and the user has the choice between saying ‘me’ or ‘not me’ to that image, based upon their reaction to it. Behind the scenes, Watson is scoring that user’s responses as related to personality traits. We measure on over 100 personality traits, and then return to the developers the score for that user on each of those 100 plus traits. They can use that for recommendations, personalization, targeted marketing. There are other requirements aspects to explore, of course, but PI gives a view of the user that previously was unavailable so quickly.

How much impact has the rising number of mobile applications user had on the demand for tailored features?

Heredia: It’s been a huge factor, because mobile devices have become the predominant way that people access the Internet, content and applications. Mobile has disrupted the traditional text-based delivery system because mobile is a predominately visual medium. Even this (IBM PI) service is an example, because we had to design it to be used on mobile devices. Try to do a traditional personality assessment, like the Meyers-Briggs survey, on your smart phone.  Sure, you could, but you would be pulling your hair out, it would be so frustrating. So, we had to find a way for the developer to collect data in a way that reduces that friction, and makes it fun and enjoyable for the user so everyone wins in the end.


December 31, 2014  3:20 PM

2014 cloud news: IBM Watson, mobile and IoT get top clicks

Jan Stafford Jan Stafford Profile: Jan Stafford
Cloud Applications, Cloud projects, Enterprise Architects, Internet of Things, iot, Mobile development

In 2014, news about developing cloud applications using IBM Watson’s cognitive capabilities and mobile-first strategies were top traffic-getters on SearchCloudApplications. An article about developing Internet of Things (IoT) apps and a piece about enterprise architects’ cloud projects were runners up.

Looking at why these four stories attracted over 12,000 readers, I talked with our expert contributor, George Lawton, who wrote all of them. Together, we offered some footnotes to each story.

The year’s top story was “IBM’s Watson supercomputer gives developers access to cognitive cloud.” In it, Lawton describes how software developers are using IBM Watson to build customer-focused cloud-based applications. Essentially, Watson provides the ability to analyze data about customer behavior and suggest — or, even, predict — future behaviors. For example, Watson technology has been used by Fluid Inc.’s retail business customers to increase customer engagement and sales. Also, Welltok Inc. is building a Watson app that provides regular wellness activity guides and rewards for users’ healthy behavior.

IBM’s Watson Group is putting $100 million into fostering work by third-party software developers, one of those being Welltok, according an article by reporter Stephanie Neil about cognitive computing. Talking about that investment, Lawton told me that setting up a new Watson Group headquarters spurred “the single largest movement of IBM research personnel in its history,” he said. He predicts spurt of Watson-based product releases in 2015, particularly in vertical markets such as financial services, retail, healthcare and travel.

Mobile-first report takes second

High interest in SearchCloudApplications’ feature on mobile-first development of enterprise apps shows that “mobile is now a premiere consideration in the rollout of new services,” Lawton told me. Mobile-first design of applications is now a must, because people don’t have to use a computer to access information and make transactions.

The mobile-first trend has far-reaching impact. “It’s helping to redefine the traditional notion of service-oriented architectures to embrace a more flexible infrastructure based on much simpler APIs,” Lawton said. At the same time, the gap between native and hybrid development environments is starting to shrink, which promises to lower the bar in keeping up with the proliferation of iPhone, Android and now Windows devices.

Developers, take note of IoT

The intersection of cloud computing and the Internet of Things (IoT) was a buzzy topic at the 2014 Silicon Valley EclipseCon conference. Developers there posited that the cloud could enable quick tests on new IoT projects, according to SearchCloudApplications’ third most popular news story, which covered the IoT cloud discussion at EclipseCon. Cloud testing will speed development and innovation in IoT projects by reducing the number of failed projects traditionally associated with early-adopter rollouts. “Leveraging the cloud to quickly test out new ideas will allow businesses to weed out bad ideas with less risk,” Lawton said.

Watch SearchCloudApps in 2015 for regular, in-depth coverage of cloud-based IoT development. Meanwhile, catch up on IoT with articles on design issues in mobile and IoT development and how IoT technologies are impacting product development.

An enterprise architect’s cloud apps success

Everyone likes to learn by example, so it’s no surprise that a first-person account of cloud development projects was fourth on our news traffic tally. Exploring enterprise architects’ first cloud projects, George Lawton tapped the experiences of veteran software pros. Check it out to learn about how cloud helped in landing NASA’s Curiosity Rover and onboarding two companies’ sales teams to mobile and cloud apps.

If first-person articles appeal to you, you’ll find a bunch of them in our Change Agents profiles of software developers and architects.

That’s the news round-up for 2014. I can’t wait to see what tickles readers’ fancy in 2015.

Happy New Year!


December 16, 2014  2:04 PM

Popular cloud application tweets in 2014

Moriah Sargent Moriah Sargent Profile: Moriah Sargent
Automation, Cloud Applications, Integration, iPaaS, MBaaS

Based on a list of the most popular tweets by SearchCloudApplications.com this year, twitter users were interested in a variety of cloud application topics, from integration to mobile backend as a service (MBaaS) to automation. Here are five of the most clicked on tweets and the articles they referenced.

When Buying Back-end Services Beats Building

The above tweet linked to a feature on how mobile developers view building and buying backends. The tweet was the most popular of 2014, and the link grossed 179 clicks. The quote in this tweet reflects the opinion that investing in a backend service is more cost-effective than building an application’s back end. Companies in certain industries, however, may want to avoid MBaaS for compliance reasons. Check out the story for more specifics from developers who have carefully considered if MBaaS is right for their companies.

What Is iPaaS.

When integration platform as a service (iPaaS) began to pop up in the cloud app world, there was some confusion over what the service provided customers. Some of that confusion remains because iPaaS is still nascent. When SearchCloudApplications.com shared our definition of the term, different tweets with a link to the article where clicked on several times and retweeted a handful of times. The definition is a good starting point for those who are unfamiliar with iPaaS, as well as developers in need of a refresher.

Automated Office Suite Advances Strategic SaaS

Automation is a tricky but appealing part of IT. For companies that are able to automate some of their processes, automation can save time and money. SearchCloudApplications.com’s third most clicked on tweet of 2014 was about how cloud computing company Strategic SaaS adopted automated migration software to upgrade the company’s operation, a good case study for other companies considering automation.

Effective Tools for Cloud App Integration

Integration appears for the second time on this list with the above tweet, which was the fourth most popular tweet by SearchCloudApplications.com this year. The tip linked to in this tweet provided readers with information on some common and useful tools for cloud app integration. Covering iPaaS and software as a service vendors, this tip reviews some new products that readers might find useful to their companies.

Why MBaaS Helps GSN Games

MBaaS joins integration as the reoccurring topics in the top five tweets of the year. This feature highlighted in the tweet above examined an MBaaS success story. It’s another good read for mobile developers, particularly those who are struggling with handling the back end of their applications.

Follow us on Twitter @SearchCloudApps if you’re interested in receiving tweets like those above on a regular basis.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: