IDC Forecasts $24 Billion Annual Spend on Hosted Private Cloud Services by 2016


A February 28, 2013 article in bizcloud by razavi entitled Hosted Private Cloud Services to Surpass $24 Billion in 2016 reports on International Data Corporation’s (“IDC”) optimistic outlook for Hosted Private Cloud (“HPC”) services in the near future. IDC predicts a compounded annual growth of more than 50% for the next 5 years. IDC predicts that the coming growth of HPC will transform how IT providers for outsourcing and hosting will provide their services.

The two types of deployment models for Cloud Services are:

1.       Public Cloud:  Opened to an unrestricted number of users who share services, and

2.       Private Cloud: Where a single Enterprise has defined users restrictions on access and level of allocated resources.

HPC is a hybrid of the private cloud services model and this hybrid can be further broken down into 2 models:

1.       Dedicated Private Cloud - Focus is on the needs of one enterprise with significant customer control over the contracted resources.

2.       Virtual Private Could – Contains shared virtualized resources with a wider range of customer controls and security options.

Robert Mahowald, Research Vice President at IDC and leads the SaaS and Cloud Services practice stated, “IDC anticipates that virtual private cloud will be the predominant operational model for companies wanting to take advantage of the speed and lower capital costs associated with cloud computing …”

As current IT buyers with an aging infrastructure look to the cost savings available from the Cloud, they will recognize the need to centralize their management of their cloud capabilities. These buyers are more likely to be Virtual Private Cloud customers. Enterprises with existing outsourcing and hosted environments will be looking for relief in the asset management and operational reliability area. These enterprises will probably be the Dedicated Private Cloud purchasers. Large incumbent packaged software providers and equipment providers, global systems integrators, professional services firms, and telecommunications service providers will be the beneficiaries as the Dedicated Private Cloud grows. Conversely, a new crop of vendors will benefit if the Virtual Private Cloud becomes the dominant model as IDC predicts.

Robert Mahowald stated:

“Not even the largest technology incumbents can sustain IT market leadership without achieving leadership in cloud services. Quite simply, vendor failure in cloud services will mean stagnation. Vendors need to be doing everything they can – today – to develop a full range of competitive cloud offerings and operating models optimized around those offerings.”


Cloud Predictions for 2013



James Staten, Vice President and Principal Analyst serving Infrastructure & Operations professionals for Forrester, has written an article entitled 2013 Cloud Predictions: We’ll Finally Get Real About Cloud . In his article he and his team state that Enterprise IT departments have finally accepted the realities of the Cloud. Enterprise use will continue to grow through 2013 as Enterprises begin budgeting for Cloud services and development of private clouds as they prepare to deploy applications in the cloud.

Staten and his team put together what they expect will happen to Cloud Computing in the coming year. Here is a very brief synopsis of their top ten predictions:

1.       Enterprises will shake the idea that all must go into the Cloud: IT professionals will get a handle on what does and what does not belong in the Cloud based on the relative stengths and weaknesses of the platforms and how they differ with traditional methods and hosting.

2.       Cloud and Mobile will become one:  Mobile applications will connect to Cloud based back-end-services and not to your datacenter. This will shield your data from the voluminous requests from mobile clients.

3.       Cloud Service Level Agreements will change: The ability to recover quickly from setbacks (i.e. resiliency) will be built into the application itself. This avoids the need to negotiate an ironclad SLA for the Cloud when such protections are only needed for specific apps.

4.       ROI from Cloud Services and Platforms requires Cost Modeling: Model the costs to the specific applications. There are Cloud-Monitoring tools available and also the vendors use cost reporting tools.

5.       Infrastructure and Operations accepts the Cloud: In-House Developers will be using the Public Cloud and Infrastructure and Operations teams will accept this fact and use it to promote better communication regarding security and oversight.

6.       Use of the Cloud for Back-up and Disaster Recovery: Cloud computing and its pay-per-use pricing model lets you pay for long-term data storage while only paying for servers when testing or declaring a disaster.

7.       Stop thinking the Cloud is a Comodity: Even though Cloud services are highly standardized they are beginning to be backed-up by different and high-end hardware. Vendors will begin to offer these choices to meet specific market demands.

8.       Amazon Web Services will begin to lose market share: Amazon’s 70% market share will begin to erode from competitors such as Microsoft, Google, and other new entrants to the market.

9.       Virtulization does not mean the Cloud: A Virtual Environment usually does not offer self-service to the developer, fully-automated provisioning, standardized services, or cost transparency. The Infrastructure and Operations teams will learn to live with both types of enviroments.

10.  Development is not different in the Cloud:  Developers will realize that the majority of languages, frameworks, and development methodologies used in the enterprise are also in use in the cloud. There are no cloud-specific or cloud-best languages



Interview with Aaron Levie: Box CEO


In my September 25th posting in this Blog in the article entitled “Not yet Convinced? Here is Cloud Computing 101” I mentioned a case study of a company called Box in the Harvard Business Review I had been reading. The case study touted the advantages and efficiencies that Cloud Storage can provide to a global enterprise.

Recently I came across an interview of the Box CEO, Aaron Levie, conducted by James Temple of the San Francisco Chronicle’s SFGate entitled “Box CEO on growth, rivals and the inevitable IPO”. It’s a good interview. Temple asks the right questions covering a wide range of issues and does so in a non-restrictive manner which allows Levie to expound a bit in his responses. Levie’s answers gives us a bit more insight into the workings and future plans of what is sure to be one of the leaders in this new emerging area. Here are some of the highlights:

Regarding Growth: Levie explains, that in the evolving computing world as enterprises move from on-premise systems to more on-line applications and use more products like i-Pad and other handheld devices, the need for new ways to manage content will evolve. Levie states that Box is sitting at the confluence of this evolution, and mobility, and the cloud.

How will Box differentiate itself among its competitors if storage is basically a commodity: Levie explains that he will compete with the likes of Google Drive and Apple’s iCloud by creating value on top of the storage. He explains, “As you add more content into Box, Box gets smarter about your information. We can do much better things around analyzing that content and helping you discover more relevant information.”  Box’s research and development will be targeted at allowing information sharing and collaboration thus allowing the enterprise to leverage its intellectual property.

What’s the next new thing from Box:  Levie described their customers’ needs to have their data accessible across all applications from anywhere on the globe. Customers want to avoid reproducing the same data in different environments.   Box is anticipating the “post-PC enterprise”.

Is there an IPO in the offing: Temple asked the obvious since this summer, Box closed a $125 million funding round that reportedly valued the company at $1.2 billion. Levie, the consummate CEO, handled this adroitly.

Top 10 Concerns Holding Back Cloud Adoption


Article in bizcloud by Razavi entitled “Cloud Maturity Study Reveals Top 10 Issues Eroding Cloud Confidence” reports on a recent study conducted by ISACA and the Cloud Security Alliance which shows what is holding back C-Level executives from adopting Cloud Computing. Razavi reports that the  business leaders in the enterprise are still not yet as sufficiently involved with Could Computing and lack the understanding of its business advantages as their technical counter-parts in the enterprise and this seems to be holding back the adoption of the cloud. Yves LeRoux, a member of CSA and the ISACA Guidance and Practices Committee stated:

“Results show that CIOs and IT management understand cloud best and are most involved in driving cloud innovation in their organizations. This limits cloud maturity and innovation since cloud continues to be viewed as a technical solution and not as a business enabler”

Here are the top 10 concerns C-Level executives have regarding the cloud. The survey ranks the confidence from 0 to 5 with 0 as least confident and 5 as most confident:

“1. Government regulations keeping pace with the market (1.80)

2. Exit strategies (1.88)

3. International data privacy (1.90)

4. Legal issues (2.15)

5. Contract lock in (2.18)

6. Data ownership and custodian responsibilities (2.18)

7. Longevity of suppliers (2.20)

8. Integration of cloud with internal systems (2.23)

9. Credibility of suppliers (2.30)

10. Testing and assurance (2.30)”

Not Yet Convinced? Here Is Cloud Computing 101


I found a very interesting article in the November 2011 Harvard Business Review entitled What Every CEO Needs to Know About The Cloud by Andrew McAfee sponsored by Citrix. Admittedly, this White Paper is 10 months old and in our industry that can be a lifetime. However, if you are still considering a move to the Cloud, or if you have come late to the party and need a fast way to catch-up to the rest of the IT community, this article is a must read. The article was sent to me and what caught my eye was the blurb attached to it which simply stated:

“When it comes to cloud computing, today’s IT executives generally ask three important questions:

·         Why will the cloud be a big deal beyond the IT department?

·         What are the main concerns and areas of skepticism, and how valid are they?

·         And, how should we get started?

This timely resource answers these critical questions while explaining the cloud and its benefits. Read now to learn about the cloud’s perceived barriers and other apprehensions that will prevent some companies from taking full advantage of it.”

In the introduction the author describes the current on-premise computing environment and how by its very structure it is an impediment to the inevitable paradigm change that will occur. As the author explains, many large enterprises might not appreciate the benefits of Cloud Computing since they have the resources to do all things promised by the Cloud. But today’s large enterprises spend only a little over 10% of their budgets on development since the bulk of their IT budgets go to maintenance and infrastructure. A case study is presented where a global corporation utilized Box, a provider of cloud- based content management and file sharing”. The result was that anything stored in the cloud was easily accessible to any employee around the world as long as they had an internet connected device, (i.e. computers, tablets, or smartphones). An additional benefit was that any user could administer their own account thus facilitating collaboration and increasing productivity.

Another feature I found particularly helpful in this White Paper were the use of what the author referred to as “sidebars”. These sidebars were a synopsis of areas or questions of particular concern to the reader. For example the sidebars dealt with the following issues:

1.       Overhyped criticisms of cloud computing which only provide “cover” for those not willing to do the due diligence and learn the true benefits of the technology. Questions about cost, security, and reliability of the cloud are the same or comparable issues faced by on-premise data centers.


2.       What is the Cloud? This sidebar lays out succinctly the three categories of offerings the cloud can provide:


·         IAAS (Infrastructure as a Service): Basically a group of servers providing storage and/or bandwidth for those requiring computing power without the burden of installing and maintaining it.


·         PAAS (Platform as a Service): This category comes fully equipped with development tools and allows an enterprise to outsource a part of their infrastructure to develop custom software or to integrate existing applications.


·         SAAS (Software as a Service): The largest category is a suite of applications in the cloud as opposed to the user’s laptop or the enterprises data center.


·         The benefits for all three categories are: 1) a renting or pay-as-you-go feature thus eliminating the initial capital outlay, 2) the vendors take care of all maintenance and administration, and 3) it is faster and easier to get more out of the cloud for each of the three aforementioned categories than from an on-premise approach.


3.       How to Start Moving into the Cloud: This sidebar discusses the following topics:


·         Identify restrictions and grey areas


·         Start running experiments with SaaS


·         Do your next development project in the Cloud


·         Talk with your core enterprise software vendors to understand their plans for the Cloud


The White Paper concludes with a very informative interview with Sameer Dholakia, Group Vice President and General Manager, Cloud Platforms Group, Citrix. The questions are pertinent and open-ended which allows for a fuller and more complete explanation. I highly recommend this White Paper for all those still sitting on the fence deciding whether to embark on the future of IT computing.

Cloud Moves IT Decision-Making Away From the CIO


When the paradigm shifts it’s best to heed the words of Bette Davis in the 1950 movie classic All About Eve; “Fasten your seatbelts. It’s going to be a bumpy night”.

An article in bizcloud by ameyer entitled Six Principles for Effective Cloud Computing”, discusses a Whitepaper by ISACA. The significance of the Whitepaper is to explain the shift in IT decision making away from the chief information officer (CIO) and technology specialists and to the business unit leaders and how to deal with the risk to the Enterprise if such the shift is not implemented correctly. As Enterprises seek to reduce their IT costs and also address the demands from business units for more functionality and faster response times from their devices the internal IT team had turned to outsourcing. They have grown comfortable with this sort of arrangement. However, Cloud Computing is a fundamental shift in how technology is acquired and managed in Enterprises. This shift can cause problems within the Enterprise if its Corporate Culture and its policies and procedures cannot adapt quick enough, if at all, to this paradigm shift.

The six principles in ameyer’s article on the ISACA whitepaper are as follows:

1.       The Enablement Principle: Plan for cloud computing as a strategic enabler, rather than as an outsourcing arrangement or technical platform.

2.       The Cost/Benefit Principle: Evaluate the benefits of cloud acquisition based on a full understanding of the costs of cloud compared with the costs of other technology platform business solutions.

3.       The Enterprise Risk Principle: Take an enterprise risk management (ERM) perspective to manage the adoption and use of cloud.

4.       The Capability Principle: Integrate the full extent of capabilities that cloud providers offer with internal resources to provide a comprehensive technical support and delivery solution.

5.       The Accountability Principle: Manage accountabilities by clearly defining internal and provider responsibilities.

6.       The Trust Principle: Make trust an essential part of cloud solutions, building trust into all business processes that depend on cloud computing.

ISACA: ISACA was incorporated by individuals who recognized a need for a centralized source of information and guidance in the growing field of auditing controls for computer systems. Today, ISACA has more than 95,000 members worldwide. ISACA got its start in 1967, when a small group of individuals with similar jobs—auditing controls in the computer systems that were becoming increasingly critical to the operations of their organizations—sat down to discuss the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

Numecent "Cloud Paging" A Game Changer


What is Cloud Paging? How does it work and why will it revolutionize the fast emerging Cloud Computing industry? Julie Bort, writer for the Business Insider, answers these questions in her article in Business Insider entitled, “WE'RE BLOWN AWAY: This Startup Could Literally Change The Entire Software Industry”. Bort reports on what Osman Kent, founder and CEO of Numecent a new entry into the Cloud Computing marketplace, describes as a new enterprise technology that “Cloudifies” any software, including operating systems. The software will then be delivered to the users device (i.e. desktop, tablet, smartphone, etc.) and run the software just as fast, if not faster, as if the software was installed on the device itself.

Numecent’s new technology can be used not only for enterprise software but also for video gaming and smartphones. This Cloud Paging can turn a person’s smartphone into a server. It is faster than desktop virtualization and even works if the user's device gets disconnected from their network or the internet. How does this happen?

Desktop virtualization relies on pixel-streaming technology. Cloud Paging does not. Numecent’s technology downloads bits of the instructions from the software right onto the user’s device. The users can also avoid extra licensing fees associated with Cloud Computing. Numecent grants “full license control” to users and not to the device itself which allows the users to check out an application and then check it back in when done using it.

Red Hat has already signed on with Numecent. This will allow it to offer Windows applications to Linux users. More partnerships are expected. Numecent also plans to create subsidiaries using Cloud Paging for different industries and spin them off thus inserting its technology into many industries. Numecent is a company to watch.

Cloud Security: Myths Busted - What Chief Security Officers Need To Know


I found a very good White Paper on Cloud Security entitled Cloud Security Myths and Strategies Uncovered. I think the best way to start off is with the opening quote from the White Paper itself:

“In today’s evolving information economy, cloud computing offers immense opportunity. Whether companies have started their cloud journey or not, security concerns remain the largest inhibitor to adoption. Concerns around control, data privacy, and security abound. However, the technology and expertise required to build a trusted cloud is closer than imagined. Progressive CSOs are embracing a new strategic role as a true business enabler in partnership with business leaders, to make sure that the trusted cloud becomes a reality and enterprises can capitalize on cloud technology.”

Security concerns still abound with Cloud Computing and a fair number of adopters still opt for a private cloud environment. However, there is a trend towards a more hybrid approach, allowing enterprises to take advantage of the cost saving a public cloud provides. A majority of IT professionals surveyed indicated that their top priority was managing access to the data in the cloud. The White Paper suggests that “Virtualization” provides better visibility than the older legacy systems.

The White Paper then lists the three major Myths about Cloud Computing and provides the answer that debunks each one:

1.       The Cloud simply cannot be secure - YES IT CAN.

2.       Cloud Security is a new challenge – NO IT’S NOT.

3.       Compliance equals security – not necessarily … it is only an “as of” date.

The authors state that a successful and secure Cloud is one that has “Trust” as its foundation. The Trust Equation is as follows:


Control + Visibility= Trust


·         Availability: Ensure access to resources and recovery following interruption or failure.

·         Integrity: Guarantee only authorized persons can use specific information and applications.

·         Confidentiality/privacy: Protect how information and personal data is obtained and used.


·         Compliance: Meet specific legal requirements and industry standards and rules.

·         Governance: Establish usage rights and enforce policies, procedures, and controls.

·         Risk management: Manage threats to business interruption or derived exposures.

The White Paper goes on to say that the key to obtaining the visibility needed to control the Cloud is Virtualization. “Virtualization consolidates multiple physical components into a logical view so they can be administered from one place. This alleviates the complexity of managing and monitoring multiple moving parts across internal and external infrastructure.

When it comes to building a trusted cloud, Checklist for Your Trusted Cloud is as follows:

·         Use virtualization as your foundation.

·         Build control and visibility into your security framework.

·         Extend your security perimeter to include applications and endpoints.

·         Adopt the three-layer controls framework: controls enforcement, controls management, and security management.

·         Select a cloud vendor with offerings that can meet enterprise-class cloud security requirements across private and public clouds.

·         Ensure services are secured to a common standard, in a transparent and auditable fashion.

·         Tap prescriptive guidance from industry coalitions such as the Cloud Security Alliance (

Importance of Service Level Agreements for the Cloud


Thomas Trappler is Director, UCLA Software Licensing, UCLA. He is the Manager (and I believe he is also the Founding Member) of “Software Licensing Professionals”, a group on LinkedIn which I am a member. Tom has a wealth of experience and his articles and commentary have been an excellent resource for me during my research on Cloud Computing and many other software licensing related topics. His current article in Computerworld entitled The Cloud Contract Adviser: Service-level agreements will be very helpful to those of you considering moving some or all of your computing to the Cloud.

He begins his article by breaking down SaaS, IaaS, and PaaS to its simplest terms, and that is “Service”. As Trappler points out, the key concern for the licensee should be “Uptime”. The service availability should be memorialized in the contract itself. Trappler cautions us about the vendor’s claims of 99.9% uptime. As he comments, the initial impression to the licensee to such a claim is favorable, but as the cliché goes, read the fine print. Such service availability and the vendor’s responsibility for downtime are not always computed as part of the 99.9% claims if your internet connection is lost. Also not included in the percentage is scheduled maintenance. Trappler also suggests that in the contract definition of service availability the percentage can be affected if it is measured by consecutive minutes or such downtime is spread over a certain period of time. Any or all of these components can be included in the contract definition of service availability or downtime.

Trappler’s section in his article on the remedies built into the contract is very useful. He states that this is the place where the draftsman builds in certain incentives to help assure compliance with the 99.9% uptime claims. These incentives usually come in the form of credits to be applied to future billings. I’ve been practicing law for close to 25 years and I have a particular angst when I hear my opposing counsel say something like “I’ve never heard of that before”, but I have to admit I was not familiar with one of the suggested remedies, as Trappler labels it, the reputational remedy. Apparently, one might consider including a remedy which would require the vendor to take out a full page ad in a newspaper of general circulation announcing missed service levels. A strong motivator, no doubt; but getting it into the contract itself might be a bit tricky.


The Paradigm Shift: Software Execs Move to the Cloud


Kamesh Pemmaraju heads cloud computing research for Sand Hill Group. He writes a weekly blog, Leaders in the Cloud for weekly updates on developments in the cloud market. In an opinion piece for Sand Hill entitled Cloud Leaders Face a Changing Tide he reports to us on the latest Sand Hill survey of 100 software CEOs and senior executives and their responses regarding their firms expected revenues from Cloud Computing for the next few years, their customer’s attitudes and readiness to adopt Cloud Computing, and which products and services seem to be catching hold.   What appears to be obvious to Pemmaraju from the results of the survey is that these vendor’s customers want to be in the Cloud and the execs recognize this demand and no longer expect their customers to accept the existing products for sale. The survey respondents seem to feel that the global recession is ending and they expect considerable growth in the Cloud Computing market space.

85% of the respondents already had cloud products and service offerings ready for sale to their customers and 43% expect that Cloud Computing sales will make up the majority of their sales in the next 5 years:

The survey showed an interesting dichotomy between small firms (i.e. revenues of $250M or less) and large firms. The larger firms will grow their revenue from Cloud Computing but at a much slower pace in the next 5 years:

Pemmaraju identifies the key to success for these software vendors are to recognize the value their customers see in the applications and the platforms on which these applications are developed. Hence these software vendors “also need to create platforms to attract developers to extend and build new applications.” The concerns from all parties are very real and consist of:

·         PaaS (Platform as a Service) is still relatively new and unproven

·         Enterprise customers are stocked with on-premises development tools

·         Customers want to avoid being locked into one vendor

Although SaaS is the primary model today, Pemmaraju reports that the surveys show that PaaS is the choice for most respondents in the next 3 years:

The paradigm is shifting once again and as the software vendors learn and adapt there will be many missteps along the way. Pemmaraju sums it up nicely in his opinion piece:

“But as customers move away from traditional licensing models, software vendors—particularly the incumbents—face challenges in adjusting their products, go-to-market strategies and pricing models. How can they move towards cloud computing without cannibalizing their existing product revenues? Even the metrics or methods that software firms use to track their business are evolving rapidly. Moreover, nearly 50 percent of the executives surveyed said the cloud offerings today are not yet ready for enterprise use, and the current lack of standards is a growth inhibitor.”



Intellectual Property Magazine - Cloud Computing: What In-House Counsel Needs to Know


Intellectual Property Magazine - Cloud Computing: What In-House Counsel Needs to Know

Intellectual Property Magazine asked me to write an article for their March 2011 issue. We discussed various topics and ultimately settled on the subject matter in the title of this Blog posting above. Our arrangement allows me to publish my work in my Blog. The graphics in the published article are really quite amazing. What follows is the text of my article minus the graphics:


Cloud Computing: What In-House Counsel Needs to Know

The only constant is change. I remember being at an Oktoberfest back in the late ‘80’s. My friends and I noticed a young man wearing a phone on his belt. We laughed and thought how self-important he must think he is. Well, I confess that today I do not leave the house without my Smart-Phone firmly attached to my belt. I can make and receive calls, send and receive emails, surf the net, and even take a picture if needed. The old adage “Change, embrace it” holds true in today’s technological environment. 

It is said that the speed of processing chips doubles every 18 months. There does not seem to be an end in sight in the growth in sales for the ubiquitous mobile phones. Apple’s iPad is all the rage and the Apple stores cannot keep them on the shelves. The number of applications to be written for all mobile computing devices in the coming year is staggering. So the next phase in innovation in this burgeoning IT industry is Cloud Computing. The term “Cloud” gives the concept a rather nebulous tone. Studies show the sales in the Cloud Computing marketplace have doubled in the last few years and there is no slowdown in sight. Let’s first define exactly what Cloud Computing is in order to rid ourselves of the uncertainty and then examine its advantages and disadvantages.

Cloud Computing – What is it?

Software as a Service, also known as SaaS or On-Demand, is the term most closely associated with Cloud Computing. The key word is “Service”. SaaS acts similar to a linked network of computers, or a cluster of linked networked computers, to perform different functions. This cluster of networked computers acts as a virtual supercomputer. Each person working on his or her own laptop computer is provided with the exact application they need to work and perform the tasks on their part of a project or to perform their assigned tasks in their area of work in the corporate entity. These applications are provided to that person via the internet. The user can work remotely and the applications needed are accessed by them from the internet through their web-browser. It is a seamless delivery system and it appears to the user that the applications are installed on their lap-top. The software and the data generated are not stored on the premises or the user’s own hard drive, but rather on shared servers at the vendor’s site.

What are its advantages?

The major reason usually given for Cloud Computing is that SaaS is faster to get up and running into a productive environment when compared to a full blown enterprise wide implementation and therefore a much less expensive alternative. Hand in hand with the touted speed to productivity is the claim that the enterprise can avoid the upfront capital expenditures for additional or specialized hardware that are usually required in most Enterprise Resource Planning (“ERP”) implementations. The servers are not on premises. It is a shared server array at the software vendor’s site. Since it is a service, the pricing is based on a per seat use rate and so the millions in the initial cash outlay for the software suite are non-existent. The theory is that the enterprise pays for what one uses and no more. Depending on the application, the pricing might not be exactly pay as you go, but a hybrid. The software vendor may have a subscription based pricing for the estimated number of users or hits required over a shorter period of time. This pricing model can then be adjusted as events require. Another advantage to this delivery model is that it is easily scalable and provides flexibility as projects or the enterprise at large experiences growth. Users, storage space, and upgrades to new versions and releases to the software can all be dealt with as the needs arise.

What are its disadvantages?

Security is the paramount concern. Where’s my software? Where’s my data? We have government regulations to adhere to. There are new banking regulations and new privacy rules. What about protecting non-public personal information? How do you assure me that my data does not get mixed up with another entity’s data? And the list can go on and on. 

How do we address these concerns?

Cloud Computing is inevitable. Given the centralized nature of Cloud Computing, security becomes more efficient. Instead of fighting the concept, it might be wiser to prepare for its eventual acceptance and implementation.  It is a good idea to train your IT department personnel for the change so they can have a shorter learning curve when the switch is made. One way to approach this matter is to initiate trials for your personnel by creating an innovation sandbox in the cloud. Contractually, this is the time when in-house counsel needs to lean on the “techies” on the business team. Actually both sides must feel comfortable with the solutions to the security issues. Let the business teams gather all the questions and all the means to address those concerns. Then it is the contract draftsman’s job to memorialize these areas of concern and the consequences into the contract to be signed if such matters are not met. 

The teams must agree on the specifications of how the data is to be isolated and protected. Include language that allows and mandates that the customer’s data is retrievable in a format that is desirable and safe. The ability to retrieve your data in the right format should be part of any Disaster Recovery language and the policies and procedures discussed and inserted into the contract. Your data should be backed-up periodically on a regular basis and copies of the back-ups should be stored off-site at another secure facility. Support levels and upgrades are part of the selling feature of any SaaS initiative and so these must be clearly spelled out in the contract, usually via a separate Support Schedule attached to the terms and conditions and incorporated by reference. In addition to clearly defining what is included in Support, make sure to have your team develop in conjunction with in-house counsel and the vendor’s team a Software Support Response Schedule for inclusion into the contract. Such a Response Schedule should have up-time availability percentages for the Productive System and a sufficient penalty if these availability percentages are not met. Do not be afraid to include tough penalties for failure to achieve the agreed upon up-time availability to adequately incentivize the On-Demand vendor to meet their promised availability times. These penalties usually are a dollar percentage credit to the customer’s monthly or quarterly use fees. The teams should work on clearly defining different levels of priority and the times to respond to such calls for support (e.g. Level 1 is Very High Priority due to Productive System Shutdown. Response time after reported is 1 hour).   The contract must clearly state that the vendor is SAS 70 certified and such certificate must be made available to the customer upon signing of the contract. It should go without saying, but verify that all of the promises made have been confirmed by a team from the customer by an on-site visit to the vendor’s facilities. The on-site visit should be able to confirm all the physical security claims and the policies and procedures discussed in the contract negotiations. Once the promised savings materialize due to reduced costs on maintenance and upfront costs for specialized hardware, the enterprise can use these funds and direct its efforts to more innovative ways of running the business.

Is complete surrender the only alternative?

Depending on the type of business your company is engaged in, considering the move to Cloud Computing and the nature of the data to be processed, the concerns over security might be just too high a hurdle to overcome. The new Privacy Laws and computer hacking and new government regulations sometimes present an insurmountable obstacle.  Another approach is to perform a cost benefit analysis of just certain parts of your business and the results might make the transition to Cloud Computing more palatable. On-demand service providers, another name of SaaS software vendors, are coming up with hybrid delivery approaches to Cloud Computing. If the enterprise has a myriad of smaller customer interfacing transactions at a multitude of cites, why not make use of the Cloud with all its advantages of scalability and pricing based on use while leaving the more sensitive data processed and stored on premises in a single tenancy traditional approach. This allows the enterprise to take advantage of the cost savings of using Cloud Computing while still maintaining the integrity of the more sensitive data stored on premises.

Where do we go from here?

The worldwide recession has kept the lid on software vendors raising prices. But this economic downturn cannot last forever. During this time, there has been a consolidation of software developers in the ERP industry. In April 2009 Oracle purchased Sun Microsystems. This purchase alone gave Oracle, one of the prime players in the ERP market space, access to not only Sun’s premiere hardware capabilities, but also the keys to some of Sun’s stalwart software applications, most importantly the Java programming language. Along with Oracle’s purchase of Sun came the Solaris operating system asset as well. With all the assets of the Sun Microsystems purchase, including both the software and hardware, Oracle has placed itself in a position to provide the foundation to build its SaaS and Cloud Computing services. 

SAP, who has been partnering with IBM since the late 90’s, plans on developing along with IBM a product that will facilitate the creation of an in-house cloud. SAP’s new endeavor, the “Reservoir” cloud computing project’s aim is to spread the utilization of requested applications across the enterprise’s servers thus addressing under utilization and spikes in usage.

Intel, the world’s prime chip manufacturer, purchased McAfee, a leader in network security industry. With this purchase Intel hopes to integrate security directly into the architecture of its chip. If this is accomplished, Intel’s potential to enter such new markets as network security, smart phones, and PC tablets is boundless.  

Google, purveyor of the prime search engine of choice, has recreated itself into a vendor of mobile devices, operating systems, and Cloud Computing. Other big IT players such as CISCO, IBM, and HP, now flush with cash and seeing the impending paradigm shift in the industry, have gone on a shopping spree purchasing unified communications vendors, and network security companies, and business intelligence vendors. Oddly enough all of these companies apparently are perceived as being outside of the acquirer’s original area of expertise.  

With this consolidation in the market many of the potential ERP customer’s choices will be eroded as only a handful of ERP vendors will remain. It’s a fair assumption that prices will be on the rise. Your IT budgeters should expect the need to request increases in funding for the usual items that accompany an ERP Business Suite purchase such as increased costs for support, higher rates for users, and the ever burdensome costs of a full blown enterprise wide implementation with all its foibles and miscues.   One way to counteract the consolidation in the ERP market space is to examine the alternative methods for deployment of the needed IT services. Cloud Computing, Software as a Service, a hybrid approach, or Managed Services are options your IT department should be considering. As I have discussed the insurmountable hurdles to Cloud Computing can be overcome. With the right contracting model, adequate assurances and protections, along with sufficient penalties to incentivize adherence to agreed upon terms of protection, Cloud Computing can be the viable alternative for your IT department. Change is coming. Embrace it.

Epilogue : My editor asked me to develop a “To Do” list for the readers. The graphics in the published piece consist of a yellow legal pad with the following bullet points:


·         When implementing cloud computing, it is a good idea to train your IT department personnel for the change so they can have a shorter learning curve when the switch is made. 

·         In addition to clearly defining what is included in support, make sure to have your team develop in conjunction with in-house counsel and the vendor’s team a software support response schedule for inclusion into the contract.

·         The contract must clearly state that the vendor is SAS 70 certified and such certificate must be made available to the customer upon signing of the contract.

·         Make use of the cloud with its advantages of scalability and pricing based on use while leaving the more sensitive data processed and stored on premises in a single tenancy traditional approach. 


2011: The Next Computing Platform


David Needle reports in EnterpriseMobile Today on IDC’s prediction of the plethora of sales of mobile devices expected in the coming year with over 25 billion apps expected to be written for these devices in his article entitled Mobile Apps Will Heat up to 'Staggering' Levels in 2011: IDC. This will be the eventual merging of Cloud Computing, Mobile Computing, and Social Networking. This will be the next paradigm shift in the computing world. For me this shift is clearly signaled when Needle quotes Frank Gens, IDC's senior vice president and chief analyst:

 "In 2011, we expect to see these transformative technologies make the critical transition from early adopter status to early mainstream adoption"

“In addition to creating new markets and opportunities, this restructuring will overthrow nearly every assumption about who the industry's leaders will be and how they establish and maintain leadership"

Apple’s iPhone will dominate, but Android’s Marketplace will not be a distant second for long. With the staggering prediction of over 25 billion apps to be written and sold for all the new mobile devices, the other two budding technologies of cloud computing services and social networking will combine to move the new way of computing to warp speed.

Should we expect the acquisition by major software vendors of social networking providers? The IDC research says yes.

The Cloud or On-Premises: HP Says Why Not Both


As I have discussed in several articles in this Blog, the concern over security has been a huge hurdle for most enterprises when considering whether to adopt Cloud Computing. There also is the simply reticence to change. David Needle discusses this in his article in ServerWatch entitled HP Pushes ‘Instant On’ Vision of Enterprise Cloud Services and explores an ingenious response to the resistance to change developed by HP. Perhaps the best way to describe this new development in Cloud Computing is to call it a hybrid approach. HP also offers the consulting services that will assist the enterprise to implement and manage these services. Needle’s article is peppered with quotes from Sandeep Johri, vice president of enterprise strategy and industry solutions at HP, and from a company spokesman. I think the fastest and most direct way to describe this approach and the services to implement it is to read exactly what they say about it. Here are some select quotes and you can make the determination if this could be the game-changer for the adoption of Cloud Computing:

“Part of our vision is about transforming old applications, not necessarily to the cloud, but to make them more available using new frameworks that can be accessed as a service.”

“We think the cloud needs to be more than the standard definition of on-demand services.  An enterprise needs a level of security commitments and service quality commitments, among other attributes we believe are necessary.”

"The cloud can be something you use to augment other parts of your business.  For example, for some of our airline customers we do 'ticketing as a service.' Those companies get billed on a per passenger basis and they don't get billed for servers -- the backend infrastructure is all handled by HP.

"From an instant-on perspective, an airline might just want the ticketing aspect, which we let them get right away without buying new infrastructure, but they may also want to keep a lot of other IT functions in house, and this program lets them do that."

"We do medical claims processing for 20 states in the U.S. and we get paid on a per claim basis. We process over a $100 billion in claims every year," he said. "We don't call it software as a service, but that's effectively what it is.”

And on the hybrid delivery services that implement this approach:

"This offering provides clients with a patent-pending, model-driven framework to introduce hybrid delivery concepts into their existing environments.”

"The optimal architecture for the enterprise is a hybrid architecture, not everything is moving to the cloud or staying in-house.  At the end of the day, IT needs to deliver services and some of those are best delivered in-house in a traditional single-tenancy environment, some in the cloud and some outsourced. We believe HP can bring optimization across multiple dimensions.”

The Paradigm Shift in IT Continues: Intel Buys McAfee


I highly recommend Larry Barrett’s August 20th article in CIO Update entitled Intel’s McAfee Buy Latest Sign of Sea Change in IT. In the second half of his article Barrett discusses how Intel’s acquisition of McAfee opens the door for Intel to become a key player in the mobile device and network security markets. I will discuss some of his key points later in this posting.  However, what I found most interesting is his discussion in the first half of his article where he describes quite adroitly and with relative ease his perception of the “Sea Change” in the IT industry. Barrett lays out the salient points in rapid fire succession based on his perception that the arrival of wireless networks, smartphones, and the “consumers’ unquenchable thirst for mobile devices” has sparked an acquisition frenzy amongst the big IT players who have plenty of cash on reserve. For example, Google has gone from the prime search engine vendor to mobile devices, operating systems, Cloud Computing, and SaaS. He mentions Cisco Systems, IBM, and HP purchasing unified communications, network security, and business intelligence companies, all of these companies apparently outside of the acquirer’s original area of expertise.

And now Intel’s Security on a Chip:

This acquisition takes Intel in a totally different direction from its core business. Gartner security analyst, Peter Firstbrook, doesn’t believe you can build security on a chip:

"Security is dependent on the OS and the apps in the stack. You can't anticipate that in the chip."

However others are not so skeptical. They see the potential that exists for Intel to enter a whole array of markets from network security, to smartphones, to PC tablets, to the myriad of hardware and software these markets create. Intel CEO, Paul Otellini, stated that the purchase of McAfee and bringing security to the chip was

“not just the opportunity to co-sell but also the opportunity to deeply integrate into the architecture of our products."


3 Reports re: Cloud Computing & SaaS


In my research of items concerning the latest in the software industry, I came across three short articles of interest. I’ll give you a brief synopsis of each and a link to the article if you wish to explore further.  I’ve added a bonus “Quote of the Week” at the end. Sorry but I just couldn’t resist.

1.       Gartner Reports on the Surge in SaaS

Larry Barrett’s article on Gartner’s SaaS Market Report entitled SaaS Market Growing by Leaps and Bounds: Gartner states the latest report from Gartner shows no indication on any slowing in the demand for on-demand software applications. Gartner defines “SaaS as software that is owned, delivered and managed remotely by one or more providers”. Gartner expects 2010 SaaS sales to top $8.5 billion, an increase of over 14% of 2009 sales.

Advantages to SaaS:

·         Lower start-up costs compared to on premises deployments

·         Lower maintenance costs compared to on premises deployments

·         Ease in sharing applications and documents through the cloud

Gartner analyst Sharon Mertz stated, "As tighter capital budgets demand leaner alternatives, familiarity with the model increases, and interest in platform as a service and cloud computing grows.”  Further Mertz noted, "Greater market competition and increased focus by the mega-vendors reinforces the legitimacy of on-demand, mitigating initial objections about security and availability for many, as acceptance of SaaS as a viable model for enterprise computing services grows."

2.       Microsoft Claims Top Spot in Cloud Computing

Stuart J. Johnston’s article on Microsoft’s claim to be #1 in Cloud Computing entitled Microsoft: We’re No. 1 in the Cloud reports that Kevin Turner, Microsoft COO, proclaimed at their annual meeting for financial analysts in Redmond, Washington that Microsoft is “number one” in cloud computing. The company claims 40 million cloud computing users globally and Turner reported that "Seventy percent of the wins in the cloud that we had in [the fourth quarter of fiscal 2010]… were new Microsoft customers." He touted three of their new customers:

·         Dow Chemical Co.

·         Hyatt Hotels & Resorts

·         University of Georgia

Additionally, Turner made sure that his audience was aware of the company’s record year due in large part to a total of over 175 million licenses sold for their new Windows 7 operating system in the short nine months since its release.

3.       Public Cloud Storage Services the New Choice for Enterprises

David Needle has a new article on Public Cloud Storage entitled New Public Cloud Storage Services Target IT. In it he discusses the latest report from research firm Ovum regarding public cloud storage services. Ovum senior analyst Timothy Stammers stated:

"Not only do they relieve the burden of storing data on customers' premises, but they also have the multiplying effect of transferring to the cloud provider the responsibility of backing up that data"

Initially companies poured vast sums of cash into online storage services to no avail. Economies of scale could not be reached due to the fact that the vendors were using the same storage systems of the enterprises they wished to sell. Huge network bandwidth costs along with their customer’s refusal to accept to the unknown contributed to the collapse of this new emerging venture.

The solution and/or opportunity was as follows:

·         Slowing economy put CIO’s on the hunt for cost cutting measures

·         Cost of network bandwidth plunges

·         The unknown becomes known due to success of certain vendors, most notably Amazon and Salesforce

·         New object-oriented storage technology, i.e. much more bang for the buck

New start-ups offering these services include Nirvanix, Nasumi, and Ctera. Stammers revealed that these vendors often leverage the storage clouds from such mega-providers as Amazon, Microsoft, and RackSpace. He stated,

“To the customer it still looks like ordinary storage and there's caching to alleviate latency issues. Typically these systems also provide their own backup, but companies may also choose to do that on their own for an extra level of protection.”

4.       Quote of the Week

And finally, I just couldn’t resist this one. To paraphrase a line from a well-known cable news network, I’ll Report, You Decide. Here is my pick from David Needle’s article entitled Say What? The Week’s Top Five IT Quotes:

"First of all, moving to the cloud is not the right way to think about anything. There will be new things in the cloud -- redoing something doesn't make a lot of sense. If you want to argue we've been somewhat slow in expanding to the cloud -- fair enough -- but customers have a lot of interest in seeing that our applications maintain their core value, the data integrity and consistency. Taking that to the cloud takes a lot of work."

Kaj Van de Loo, an executive in the office of the CTO at SAP, defending his company's cloud computing strategy.

Salesforce Sues Microsoft: The Future of Cloud Computing Awaits


In May of this year Microsoft sued Salesforce for infringement of nine Microsoft patents. Last week Salesforce counter-sued Microsoft claiming Microsoft has infringed on five of its patents. Salesforce has asked for treble damages (i.e. three ‘3’ times the amount of harm caused), an injunction of Microsoft’s use of the patents in question, and attorneys’ fees and court costs. Hanging in the balance is the future of cloud computing for enterprises and consumers alike. For more on this matter see Stuart J. Johnston’s article in eCRM entitled Salesforce Suit Clouds Microsoft’s Patent Attack.

The Microsoft products affected by the Salesforce claim of patent infringement are as follows:

·         SharePoint Server and related products

·         Windows Server AppFabric

·         Windows 7 error reporting system

·         Windows Server 2008 R2

·         Microsoft’s .NET development platform

·         Windows Live delegated authentication system

The outcome of this law suit could have a tremendous consequence on Microsoft’s cloud computing initiatives.

So what are the chances that young upstart Salesforce can defeat the mighty Goliath Microsoft in any legal action? Well I would not count my chickens before they are hatched. Salesforce has hired David Boies as legal counsel for this litigation. For those of you not familiar with Mr. Boies or any of his notable cases you can find a brief synopsis of his career here. Just to whet your appetite here is a list of some of his more notable cases:

Notable cases



  • At Cravath, Boies assisted top litigator Thomas D. Barr in defending IBM in the 13-year antitrust cases brought by the Justice Department and many private competitors.
  • Also at Cravath, he represented the Justice Department in the United States v. Microsoft case. Boies won at trial and the verdict was upheld on appeal. The appellate court overturned the relief ordered (breakup of the company) back to the trial court for further proceedings. Thereafter, the George W. Bush administration settled the case. Bill Gates said Boies was "out to destroy Microsoft."
  • Boies represented New York Yankees owner George Steinbrenner in a suit against Major League Baseball. This involved an action against all the teams. The Atlanta Braves were owned by Time Warner, a longtime Cravath client, who objected to his representation of the Yankees.
  • He defended CBS in the action brought by General William Westmoreland. The general abandoned his case during the trial.
  • Following the 2000 U.S. presidential election, he represented Vice President Al Gore in Bush v. Gore.
  • Boies defended Napster when the company was sued by the RIAA for facilitating copyright infringement.
  • In November 2003, he represented Andrew Fastow, deposed Chief Financial Officer of Enron.
  • Boies has been retained by the SCO Group in their pursuit of alleged infringement of their rights to the Unix intellectual properties.
  • He negotiated on behalf of American Express two of the highest civil antitrust settlements ever for an individual company: $2.25 billion from Visa, and $1.8 billion from MasterCard.



Public vs. Private Cloud Computing: A Decade Long Look


Rob Ederle in his article in entitled 2010: The Year and Decade of the Cloud has an interesting theory on the circuitous nature of the computing populace and the nature of the industries that feed into this arena.  Enderle surmises that we have come, or will be coming, full circle in our approach to computing in this second decade of the 21st century. He notes that we started this journey with huge centralized computing and dumb terminals, and now with the surge in growth of Smartphones and Smartbooks, we may be headed back to that original configuration, but this time in “The Cloud”. Enderle’s advice for companies to survive is to change their approach of how they view the market. Larger vendors ensconced in the large systems approach may have a leg-up on their competitors who were more user-focused; however, these larger vendors must accommodate these user’s demands or risk alienating them. Similarly, the more user-centric vendors must adopt the large centralized systems approach or be left behind. Enderle foresees the most likely way these vendors, large systems vendors and more user-centric vendors, will survive and evolve is through partnerships. He predicts Google as a likely survivor if this decade of cloud computing pans out the way he envisions it.

Ederle gives us a quick definition of what he calls Services-Based Computing, otherwise known as “The Cloud”. He takes a retro look back and states that is what IBM started. I’m not sure if I buy a direct correlation to what was the IBM leasing/services model and what the new cloud computing will become, but I at least understand where he is going with this perspective.

Ederle’s article makes an interesting observation and distinguishes between “Public” cloud computing and “Private” cloud computing. It is easy to guess, and Ederle’s article is quite clear, that the Public brand of cloud computing would be lower cost while the Private brand will be more concerned with security, but at a higher cost.  As a neophyte when it comes to cloud computing (well I guess most of us are neophytes at this point in time), I am not sure I can make the distinction between Private cloud computing and a Managed Hosting arrangement, or is this a distinction without a difference? Further in his article there is a discussion how the enterprise vendor (i.e. the large centralized systems vendor) must meld its strategic efficiencies with the more user-centric vendors who have the knack for responding to the needs of the line managers who have become the new decision makers when it comes to technology spending.

Ederle’s solution, or at least his prediction, is that companies will need to form partnerships with each partner having the right mix of Public and Private components. He concludes his article by stating that the companies that exit the new decade of cloud computing will not resemble anything like they were when they entered this new decade.


SaaS Predictions for 2009: How to Market SaaS in the Current Economic Downturn


The SaaS story remains the same, but now the approach must shift.  SaaS is cheaper to implement and the enterprise can avoid the upfront capital expenditures for hardware.  Since it is a service, the pricing is based on per seat use and so there is no initial cash outlay for the software suite.  You pay for what you use.  In this current economic crisis enterprises are ripe for a way to lower costs and so the approach the SaaS vendor should take needs to adjust to the times and the SaaS vendor must highlight the advantages in their marketing approach.  Demian Entrekin, founder and Chief Technology Officer of Innotas, has written an Op Ed piece for SandHill entitled 10 Predictions for Software as a Service.  In it he cites a Gartner study that predicts the $6.4 billion in SaaS sales for 2008 will grow to over $14.8 billion by 2012.  In his article Entrekin discusses the 10 key trends that the SaaS vendor should consider in order to expand their market share by encouraging acceptance of their application.  I will provide a brief synopsis of these trends below, but I strongly suggest his article to my readers for the full story.

10 Key Trends to Growth and Acceptance:

1.     Sell the product features:  Abandon the traditional approach of selling the whole product and emphasis the individual product features that address the individual business processes desired.


2.     The application is seamless:  SaaS is not restricted to the enterprise and more directed toward user networks.  This should lead to easier adoption.


3.     Have an Elevator Speech:  Just when marketing yourself for a job, one needs to be able to sell oneself in the first few moments of the interview, Entrekin suggests the SaaS Vendor be able to demonstrate added value in the first minutes of meeting the prospect.


4.     A Deming Approach:  W. Edwards Deming would emphasis the ability to support a reliable, scale-able service at a low cost.”


5.     Emphasis Tier 1 Support:  Stress the capability of your Tier 1 Support and suggest the enterprise eschew the need for high priced consultants to answer what become high priced questions.


6.     Product Alliances are key to growth:  Make alliances with other SaaS vendors as a means to growing market share.


7.     Video rules the day:  Use video for training and support.  It is cheaper and much more interesting than the traditional text tools.


8.     Consider a full service Hosting Provider:  This is the point of most interest to me.  Entrekin points out that the SaaS Vendor obtains the same leverage from an outsourcer that they provide to their own customers.  This has the added benefit of leading to aggregation of applications and partnerships.


9.     Grid Computing:  SaaS vendors should build their applications so they are “cloud compatible”.  It remains to be seen if grid computing becomes cost efficient, but the SaaS vendor should be ready to take advantage if such is the case.


10.  Your approach can shift from the technology hurdles to a marketing strategy: Entrekin believes the hurdles getting the application to market are slowly but surely being overcome and now is the time to shift to a viable marketing strategy.