Google Cloud Connect for Microsoft Office


Microsoft and Google have become arch enemies of sorts in the cloud computing market, with the two tech powerhouses engaging in an ongoing tit-for-tat for high-profile cloud computing customer wins and cloud computing features and functions as each one looks to claim the cloud collaboration crown.

Google Cloud Connect for Microsoft Office brings collaborative multi-person editing to the familiar Microsoft® Office experience. You can share, backup, and simultaneously edit Microsoft Word, PowerPoint®, and Excel® documents with coworkers.



And Microsoft fires back..
Microsoft this week reiterated its stance that when it comes to cloud computing, Google's heart isn't in it.

Microsoft's bold proclamation comes as Google launches Google Cloud Connect for Microsoft Office, a plug-in that enables cloud collaboration capabilities in Microsoft Office desktop productivity apps and puts Office files and documents into the cloud.

The Cloud ERP Shortlist for Manufacturers

The market for SaaS manufacturing software solutions will expand considerably in the coming years

By Derek Singleton

Manufacturing software vendors are making aggressive moves to the cloud. In the past year alone, four vendors rolled out a full suite Software-as-a-Service (SaaS) offerings for the industry. That brings the current tally of SaaS players in the manufacturing arena to five: Epicor Express, Infor SyteLine, NetSuite, Plex, and SAP Business ByDesign.

The buzz around the cloud has manufacturers asking if a cloud solution is right for them. To help answer that question, I'll explore the features and functionality each vendor offers, and the ideal target market for each. Many more vendors are redesigning their software for the cloud, but I thought I would spotlight the five that are already there.

First, here's a brief introduction to the vendors.

In May of 2010, Epicor released Epicor Manufacturing Express Edition (Epicor Express), the SaaS version of their Epicor 9 product. Their SaaS offering was designed specifically with smaller job shops and manufacturers in mind. Currently, 70 of Epicor's 9,500 manufacturing clients are working in the cloud on Epicor Express. The product is currently targeting a 20 to 30 day period to go live. That should be attainable for small job shops without complex data migration needs.


Infor moved their flagship SyteLine product to the cloud in October of 2010. Of their 70,000 customers, mostly manufacturers, 800 have put some of their production in the cloud. Infor takes pride in the flexibility of their .NET architecture and their ability to serve mixed-mode manufacturers. In future releases, Infor plans to expand multi-site capabilities, and expand their mobile applications.


NetSuite began pursuing light assembly and less complex discrete manufacturing customers in 2007. In June of 2010, they launched their first full-suite manufacturing offering to target mid-market manufacturers. As a pure SaaS company, NetSuite's manufacturing clients all operate in the cloud. NetSuite currently supports multiple sites, multiple languages and currencies. In future releases, they plan to expand upon this functionality and target more complex manufacturing industries.

Plex was the first SaaS player to target the manufacturing industry with their 2001 cloud-computing debut of Plex Online. At their start, Plex targeted the automotive industry. Since then, the company has expanded into several other verticals. As a pure SaaS vendor, all of Plex's 589 manufacturing clients are in the cloud. Future releases will focus on expanding global capabilities, and developing functionality for more vertical manufacturing markets.

The July 2010 release of Business ByDesign 2.5 marked the on-premise ERP powerhouse's first SaaS move into the manufacturing market. The product hosts 250 customers, but we don't have a detailed count for how many customers are manufacturers. Regardless, SAP has tremendous manufacturing domain expertise to incorporate into the product over time. In future releases, SAP will focus on expanding their functionality to cover mixed-mode manufacturing and engineer-to-order.
What Products Serve Your Size Business?
The sweet spot for these SaaS vendors is small to mid-sized manufacturers who don't have the resources to implement more complex, expensive on-premise solutions. Epicor Express finds its niche among manufacturers with less than $50 million in revenue. Plex and Infor target a slightly higher end of the market, providing offerings for manufacturers with up to $500 million in revenue. Another way to measure target market is by number of employees. The table below breaks down the target market based on number of employees.

Support for Manufacturing Modes
The type of manufacturing mode a software package can support is a great indicator of the depth of functionality it offers. Notably missing from the modes supported by these SaaS vendors is process manufacturing. Process manufacturing is tricky to support because it requires complex formulas and involves a wide range of variability in production. The software to support these modes also has special requirements, such as material management and process modeling. Below is table indicating which modes are supported by each product.

Industries Served
Manufacturing mode support determines what industries these SaaS solutions can serve. Instead of trying to take on process manufacturing industries immediately, SaaS manufacturers chose "safer" industries to serve first. By serving simpler industries like consumer products or industrial machinery, SaaS vendors can build a steady revenue stream, and develop for other industries later.

Enterprise Application Breadth
Because of their heritage of offering functionally complete on-premises products, most of these vendors are able to offer a fairly rich set of applications in their cloud solutions. Therefore, in addition to manufacturing resource planning (MRP), most of these vendors also offer functionality for customer relationship management (CRM), human resources (HR), business intelligence (BI), etc. The table below illustrates the applications offered in each system.

SaaS Manufacturing Moving Forward
These vendors already offer impressive functionality in their full suite ERP cloud software. But cloud software still lags behind the functionality of on-premise systems. Most on-premise vendors could have checked all the boxes above, and then some. This gap in functional parity is sure to narrow in the coming years as more vendors invest in the cloud platform.
The growth of Plex, the SaaS manufacturing veteran, should serve as an indication of the success cloud vendors can have in the manufacturing industry. In 2010, Plex posted a record 27% increase in revenue. This is strong growth during a time when most on-premise vendors are losing licensing sales.
We believe that this sort of growth will continue and potentially accelerate. The market for SaaS manufacturing software solutions will expand considerably in the coming years.

Box.net: The Facebook of Cloud Computing?

By Laura Stotler

There's a fresh face in Silicon Valley, and venture capitalists are making a bet his startup online storage company will do for cloud computing what Facebook (News - Alert) has done for social networking. The company is Box.net and its CEO is Aaron Levie, a 26-year-old USC dropout. Sound familiar? The company and its CEO share a number of similarities with Facebook and its infamous founder, Mark Zuckerberg (News - Alert), and that fact, along with a promising business plan, was enough to convince investors to drop $48 million on the growing enterprise.

Based in Palo Alto (News - Alert), CA, Box.net offers online "storage lockers" for personal and corporate information. Users simply upload their content to the company's servers, and it may be accessed from any device and through any type of Internet connection for ease of sharing. Free individual storage accounts are available with up to five GB of storage space. Box.net makes its profit through corporate customers, who pay $15 per user annually to get administrative control over stored content.

The company recently announced updates to its iPad and IPhone applications, to offer enterprise-grade security and functionality for its mobile content management. Box.net says more than 60,000 businesses and 73 percent of Fortune 500 companies use its services to share, manage and collaborate on content. Indeed, the company was profiled in Forbes last June and is proving to be a formidable opponent for heavyweights like Mozy and Sharepoint.

"We think it may be reaching an inflection point," said George Bischof, managing partner of Meritech Capital, of the investment. He points out parallels to Facebook's position when Meritech decided to invest in it in 2006. At that point, Facebook became available to everyone after being initially adopted by college students. The company has grown from 12 million active users to more than 500 million today, with a market value of $50 billion and a $1.5 billion investment coordinated by Goldman Sachs Group Inc. just last month.

More here

Top Six Security Questions Every CIO Should Ask a Cloud Vendor

By Ian Huynh
Cloud computing has become an integrated part of IT strategy for companies in every sector of our economy. By 2012, IDC predicts that IT spending on cloud services will grow almost threefold, to $42 billion. So it’s no surprise that decision makers no longer wonder “if” they can benefit from cloud computing. Instead, the question being asked now is “how” best to leverage the cloud while keeping data and systems secure.
 
With such an astounding amount of cloud computing growth expected in the next few years, it’s important for all executives, not just IT professionals, to understand the opportunities and precautions when considering a cloud solution. Security questions can span from whether information transferred between systems in the cloud is safe, to what type of data is best stored in the cloud, to how do I control who accesses my data? 
 
It’s important to arm executives with actionable advice when considering a cloud computing service provider. Below is a list of the top six questions every CIO should consider when evaluating how secure a cloud solution is:
 
1.  How does your vendor plan on securing your data?
 
You need to understand how your provider’s physical security, personnel, access controls and architecture work together to build a secure environment for your company, your data and your external partners or customers that also might be using the solution.
 
Application Access Control
For application access control, think front-end as well as back-end. While there may be rigorous user access management rules when the application is accessed via the application interface (i.e., front-end), what about system maintenance activities and related accesses that are routinely performed by your cloud vendor, on the back end, to ensure optimal application and system performance? Does your cloud vendor also apply the same rigorous access control, if not more? 
 
Physical Access Control
Most people are familiar with application access control and user entitlements, but physical access control is just as important. In fact, many people forget that behind every cloud platform is a physical data center, and while it’s easy to assume vendors will have robust access controls around their data center, this isn’t always the case. Vendors should limit physical access to not only the overall data center facility but also to key areas like backup storage, servers and other critical network systems. 
 
Personnel Access Control
Personnel considerations are another aspect of network security closely related to physical access control. Who does your vendor let access your data and how are they trained? Do they approach operations with a security-centric mindset? The security of any platform depends on the people that run it. This means that HR practices can have a huge impact on your vendor’s security operations. Smart vendors will institute background checks and special security training for their employees to defend against social engineering and phishing attacks.
 
Architecture
Your cloud vendor’s solution needs to keep your data separate from that of other cloud tenants that use the same platform. This should be a primary concern when your data resides in “virtual private clouds”, where there is an expectation of stronger segregation controls. Because your data is stored in the same storage space as your neighboring tenants, you need to know how your cloud vendor will ensure that your data isn’t illegally accessed.
 
Also, the overall level of security for cloud applications needs to be addressed. Depending on your vendor’s architecture, there may be customers with differing security needs operating within the same multi-tenant environment. In these cases, the entire system needs to operate at the highest level of security to avoid the “weakest link syndrome”. Incidentally, this highlights one of the benefits of cloud computing – you can have the benefits of world-class security without the cost of building and the maintaining such infrastructure.
 
 
2.  Do they secure the transactional data as well as the data at rest?
 
Most vendors claim strong data encryption, but do they truly provide end-to-end encryption with security in place while the data is at rest or in storage. Also, cloud security should go beyond data encryption to include encryption key management, which is a vital part of any cloud security scheme and should not be overlooked.
 
Data Encryption
Most data centers don’t encrypt their data at rest, encrypt their backups or audit their data encryption process – but they should. A truly secure system would take these considerations into account. Data in backups will likely stick around much longer than the information that is currently on your servers. A mandate that provides strong guidance for data encryption is the Federal Information Processing Standards (FIPS)-140 security standard. This standard specifies the requirements for cryptology modules. Ask your vendor if they adhere to FIPS guidelines.
 
Key Security
How are encryption keys stored and secured? You can encrypt all of your data, but the encryption keys are the proverbial "keys to the kingdom". Best practices call for splitting the knowledge of each key between two or more individuals – hence, to re-construct an entire key, you need all those individuals present for authorization. 
 
Furthermore, where business practice requires that at least one person in the company has knowledge of the entire key (e.g., the CEO or CSO), then procedures and processes should be in place to ensure that those individuals with the knowledge cannot access the data (e.g., they may have the key but cannot get access to the lock to open it – hence, there’s still a degree of separation).
 
3.  Does the vendor follows secure development principles?
 
A truly secure cloud platform is built for security through and through. That means security starts from “ground zero” – the design phase of the application as well as the platform. It simply isn’t enough to operate your system with a security-centric mindset; you have to design your system using the same guiding principles, following an unbroken chain of secure procedures from conception in the lab to real-life implementation. This means that design reviews, development practices and quality assurance plans must be engineered using the same strict security guidelines you would use in a production data center.
 
4.  What are the vendor’s security certifications, audits and compliance mandates?
 
There are many regulations in the market, but the two most important ones covering cloud security and data protection are PCI DSS and SAS 70 Type II mandates.
 
Consider vendors that follow the industry standard PCI DSS guidelines, developed and governed by the Payment Card Industry Security Standards Council. It is a set of requirements for enhancing payment account data security. While created for the credit card and banking industries, it is relevant for any sector, as the goal is keeping data safe and personally identifiable information protected. 
 
Another major control mechanism is the Statement on Auditing Standards No. 70 (SAS 70) Type II. SAS 70 compliance means a service provider has been through an in-depth audit of their control objectives and activities. 
 
In addition to these certifications, there are a couple of other associations and groups the vendor should acknowledge and use as guidance in prioritizing data security issues. They are the Open Web Application Security Project (OWASP), which has a top ten list outlining the most dangerous current Web application security flaws along with the effective methods of dealing with them. And the Cloud Security Alliance (CSA), an industry group that advises best practices for data security in the cloud. 
 
In addition to third-party compliance, the cloud vendor should be engaging in their own annual security audits. Your vendor should have scheduled audits and include penetration tests using an independent third-party audit provider to evaluate the quality of the security provided with your cloud vendor. Although the PCI version 1.2 specifications only mandate annual security audits, find a vendor that goes above and beyond. There are vendors that perform quarterly audits, four times what is considered typical industry specifications.
 
5.  How does your vendor detect a compromise or intrusion?
 
Attempts by hackers to breach data security measures are becoming the norm in today’s high-tech computing environment. Whether you maintain your infrastructure and data on premise or in the cloud, the issues of securing your data are the same.
 
Your cloud vendor should include strong mechanisms for both intrusion prevention, or keeping your data safe from attack or a breach; and intrusion detection, which is the ability to monitor and know what’s happening with your data and if or when an intrusion happens. The vendor should be able to monitor, measure and react to any potential breach, particularly the ability to monitor access to its systems and detect any unauthorized changes to systems, policies or configuration files. 
 
Also, what does your vendor do when things go wrong and is that communicated to you? A good Service Level Agreement (SLA) would have an intrusion notification clause built-in. A great SLA provides some transparency into the vendor’s operations in the areas of audits and compliances, and how those processes are comparable to your own requirements.
 
6.  What are their disaster recovery plans and how does data security figure into those plans?
 
Your vendor’s security story needs to include their business continuity plan. First of all, they need to have a failover system or back-up data center. They should also be able to convincingly demonstrate to you that they can execute their backup plan. Many of the biggest cloud computing outages in recent memory were the result of a failure of disaster recovery processes.
 
Secondly, this secondary datacenter must have all of the same security processes and procedures applied to it as the primary one. It’s no good to have a second system in place, if you cannot operate securely in that environment.
 
Finally, if there were some sort of impending disaster, they need to notify you in advance. Keep in mind that you may not always know where your data is physically located, so the onus of reporting is on your provider.
 
 
Your vendor’s plan for securing your data should be a like a well-choreographed dance with a strong beginning, middle and end. Their system needs to be protected at the network and application layers and begin with the development process. Access control policies should span the entire operation. The vendor needs to have a coherent plan that protects data at all times, whether in motion or at rest. They need to include robust compliance, auditing and reporting processes, to ensure the integrity of the overall security scheme. And, your vendor should have robust disaster recovery procedures in place, and be able to show you that they are capable of executing them. 
 
While cloud computing brings many benefits, all clouds are not created equal. Make sure your vendor provides the security you need to confidently move your data to the cloud. 

Cloud Computing: Google Chrome Web Store Expands to Nearly 3,000 Apps

By Clint Boulton

Google's Chrome Web Store won't be mistaken for Apple's App Store, which sports 300,000 applications. But the store, geared to provide Web-based software programs for notebooks based on Google's Chrome Operating System later this year, has grown from just 500 applications in December to nearly 3,000 applications through February. Users simply click a button, and the Web applications install in seconds. But that's not the best part.

The even better deal for consumers is that the majority of them are absolutely free. Some Chrome applications developers are enjoying their run with the Web Store as well.

LucidChart, which helps users draw flowcharts, mockups, mind maps and more, said some 30,000 users have installed LucidChart, making it both one of the top-paid and highest-rated applications in the Web Store.

This eWEEK slide show runs through a quick list of our Top 10 favorite Chrome Web Store applications.

More here

Apple on cloud-computing spree: North Carolina data center starts this spring

By Carl Bagh

http://img.ibtimes.com/www/data/images/middle/2010/11/10/51815-apple-to-launch-iad-in-japan-in-early-2011.jpgApple's ambitions to boost its cloud-computing prowess got a significant push as its $1 billion data center in North Carolina approaches its opening date this spring.

AppleInsider which was present at Apple's annual shareholders meeting reported that the North Carolina data center will be Apple's second data center. The new data center is five times the size of its existing data center in Newark. The North Carolina facility measures 500,000 square feet compared to Newark's 107,000 square feet.

Apple on cloud-computing spree: North Carolina data center starts this spring

Apple has released new update of iTunes (iTunes 10.1.2). Apple said iTunes 10.1.2 provides a number of important stability and performance improvements.

Gigaom reported that Apple COO Tim Cook confirmed that the North Carolina data center is intended to support its MobileMe and iTunes.

Earlier this month WSJ had reported that Apple is exploring a major revamp of its cloud storage offering MobileMe. The report suggested that Apple could make its MobileMe service free which could serve as a locker for multimedia files. Currently, MobileMe service has an annual subscription fee of $99.

North Carolina data center could also be integral to reported shift in Apple's strategy to offer a cheaper iPhone. Apple can offer a cheaper iPhone without sacrificing the computing power and storage by moving these elements to the cloud.

Since Tim Cook mentioned that the new data center will support iTunes, it has raised up the possibility that Apple could offer iTunes streaming subscription service. Apple offers streaming content service for its Apple TV currently. Expansion in its data center capacity can certainly augur such possibility.

Apple's competitors -- Google and Microsoft -- are ahead in the game, as they have leveraged on vast data centers to offer applications in the cloud. In fact, companies like Amazon have created new business models around their data centers like its cloud-based compute power service Amazon EC2.

Cloud-computing and Smartphones:

The potential locked in a smartphone can be exploited further through cloud-computing. Questions arise as to how a rich array of complex features like touch screen capabilities, voice recognition features, synchronization of documents and contacts and adoption of augmented reality applications can be handled with the limited processing power, or gaps in internal memory, battery life and screen's real-estate in a palm-held device. Essentially, these result in a mismatch between the magnitude of features offered and the availability of limited support systems that run these features.

The capacity of a smartphone has increased through cloud-computing. Running applications remotely allows smartphones to use the power installed in a data center and removes the limitations of the processing-power, memory, and battery-life in a hand-held physical device.

The premise behind the cloud is that the applications reside remotely and are processed remotely over the cloud using the processing abilities of the data center rather than the smartphone. This allows the smartphone makers to assign more complex tasks to the cloud while adding other value-added features to the device. Based on this model, smartphones will continue to evolve and become more powerful devices as the processing and storage features continue to migrate to the cloud.

Apple's Cloud Strategy:

While Apple's cloud strategy currently seems to be focused on leveraging on storage and streaming content, building data centers will allow Apple the flexibility to tap into resources, to augment its product features gradually.

Apple can also use cloud to lock customers in its fold and to migrate users to high-margin products. By using iTunes for management of data on Apple devices, users get accustomed to Apple's walled-garden environment. It offers the option of accessing information on iTunes through multiple access points or devices, thus, making migration of users to devices like iPad and Mac OS X devices like MacBook Pro easier.

Read more: http://www.ibtimes.com/articles/115838/20110224/apple-data-center-north-carolina-1-billion-itunes-mobileme-cheaper-iphone-ipad-mac-os-x-macbook-pro.htm#ixzz1Eswm487w

On a cloud with HP

THESE DAYS, people are used to getting information instantly, and this has led to more and more businesses adopting cloud computing in order to keep up with the increasing expectations of customers. One of the major players in developing cloud services for businesses is HP, which has created several platforms and products in order to help "harness the power of the cloud", says Chong Fook Hing (right, top), HP’s sales director for enterprise servers, storage and networking.

"Today, people expect instant results," he explains, "so companies must adapt. They have to become more dynamic, with a faster response time (on the internet).

"Look at the example of a no-frills airline. They need to respond quickly to factors such as the rise of global oil prices, and their online booking system needs to reflect the increase in fuel surcharges.
"By going on the cloud, they can make changes to their website immediately."
HP refers to these companies as Instant-On Enterprises.
On the cloud-computing platform (far right), companies require IT environments that are flexible, automated and able to quickly adjust to changing demands.
However, while the benefits of going on the cloud system are numerous, there are concerns regarding security, availability and ease-of-integration.
"Businesses are expecting more and more, so we need the cloud to help broker and build a hybrid delivery service environment," says Chong.
In a hybrid cloud system, data is handled both on and off premises, with business owners being able to dictate their exact requirements for the service.
To better help potential customers understand how they can build their own hybrid cloud system, HP has organised the HP Cloud Discovery Workshop, aimed at informing customers of the various capabilities of a cloud and decide which applications best suit their business.
Kok Ee Mann (above), director, technology consulting, HP Technology Services, explains: "The workshop is a vital first step to help companies decide what they need. There, our experts offer consulting services to plan, design and implement the cloud, based on our customers’ requirements."
HP also offers many different products and platforms to help customers build their eventual cloud.
"For example, we have something called HP CloudStart," says Kok. "Like its name indicates, it helps build a cloud in 30 days. The companies that are best targets for going on the cloud system would be large corporations and government departments, who deal with huge flows of data daily."
While most end-users might not immediately recognise the effects of a cloud computing system, both Chong and Kok say that should be the ideal situation.
"What we want is a seamless integration of the system, so that the public doesn’t even notice the difference," says Chong. "What people will see is that the new system is more user-friendly and that it responds faster."
– Anansa Jacob

2011 Top 10 IaaS Cloud Predictions For I&O Leaders

IaaS is undoubtedly one of your top priorities, but will you craft a plan for success?

Many enterprises are headed toward a number of cloud pitfalls, such as misunderstanding the makeup, benefits, true users, and economics of cloud computing.

But those with the most cloud experience know best how to gain from it, know the value of infrastructure-as-a-service (IaaS) inside and outside their walls, and can empower their companies with this knowledge.

The Battle of the Cloud: A Winner is Still Up in the Air

This paper focuses on cloud document creating, sharing, and managing, specifically looking at Microsoft 365, Google Apps, and Basecamp.

As the cloud gains popularity, the IT industry should shift their focus to include more cloud-based applications in business workflows.

Application Infrastructure Strategies Affirm A Need For Greater Flexibility

Application Infrastructure Strategies Affirm A Need For Greater Flexibility

Cloud Orchestration Models

Cloud Orchestration Models

You can now order the Dell & Ubuntu cloud starter pack

Build Your Private Cloud — With Confidence

When you’re building a private cloud, you need to be assured that your software and hardware components will work well together and they are backed by expert service and support. You also want the assurance that you will be able to protect the security and privacy of information in your cloud.

You get all these with Ubuntu® Enterprise Cloud (UEC) on Dell Servers, Standard Edition (SE), from Canonical® and Dell. This solution delivers an infrastructure-as-a-service (IaaS) developer cloud that leverages UEC, powered by Eucalyptus, on Dell hardware.

Perfect for testing and development, UEC on Dell Servers, SE, gives you a quick and easy way to get your private cloud up and running. With the unrivaled combination of Dell PowerEdge™ C servers, Canonical’s UEC, a detailed implementation guide and unmatched support, you’ll be able to test the IaaS concept in an easy-to-deploy environment.

Once you set up the SE of UEC on Dell Servers, you’ll be able to deploy workloads, get them running immediately and grow or shrink computing capacity to meet the needs of your application.

Realize Compelling Benefits

UEC on Dell Servers, SE, delivers the advantages of open source software in a ready-to-use cloud solution that is fully supported by Dell on the hardware side and Canonical on the software side.

UEC on Dell Servers, SE, enables your organization to:
      Install with confidence. A predefined and tested architecture helps you set up your private cloud right way, the first time. We've taken the guesswork out of installing UEC on Dell PowerEdge C servers, so that you get your cloud up and running without tedious reworking. Reduce provisioning hassles. With UEC on Dell Servers, your users can define the virtual machines they need and you can deliver services in a matter of seconds. These capabilities reduce provisioning costs and increase user satisfaction. Limit your risks. With public cloud solutions, your data security relies on your cloud hosting provider. Putting a cloud inside your firewall helps to keep your information protected by your existing security infrastructure. Enable a hybrid cloud solution. UEC on Dell Servers is designed to be compatible with Amazon Elastic Compute Cloud (Amazon EC2®). This gives you the option of starting with a private cloud solution and then expanding your environment to incorporate public cloud services for certain functions.
more here

Desktop as a Service at Rackspace

The offering at Rackspace is provided by Desktone.

www.desktone.com

They offer desktops with RDP and for more money with RGS.

Another desktop as a service solution is provided by www.tucloud.com using technology from Kaviza.

Google Apps boss says cloud computing is your destiny

'Everybody' will move to the heavens

Interview It was a Google ad. But not the kind you've come to expect. Last month, inside The Economist, a magazine in the old fashioned, physical sense of the word, Google ran a four-page ad touting its own Google Apps suite, that all-web-all-the-time challenger to Microsoft Office. "Each day, over 3,000 businesses go Google," the ad read, hailing the more than three million outfits who have adopted the suite since its debut in 2007, and listing more than a dozen by name.
"We believe that 100% web is the future of the cloud computing model, and brings substantial benefits for companies that no other IT model can provide in terms of simplicity, cost, security, flexibility, and pace of innovation," read a signed missive from David Girouard, the president of Google's Enterprise business. That "100% web is the future of cloud computing" bit isn't quite the tautology it might seem. It's a swipe at Microsoft's new Office, which famously straddles desktop and web.
Google's empire is built on web advertising. In 2010, ninety-six per cent of its $29bn in revenue came from online ads. But Google Apps is different. Google sells subscriptions to enterprises, applying its web know-how to a market traditionally controlled by a very different kind of software company. And it's actually using print ads – not to mention billboards – in an effort to shove its way past likes of Microsoft and IBM.
Mountain View has purchased print ads trumpeting the Google Apps suite in other magazines, on other occasions, but the Economist ad – all four pages of it – is part of a renewed push. In November, Google actually sued the US Department of the Interior, claiming the government agency didn't give Google a fair chance to win the $49.3 million contract it awarded to Microsoft Office. And last month, it removed a clause from the Google Apps terms of service that allowed for scheduled downtime – an unprecedented move meant to show that the suite is more reliable than the traditional competition.
In a recent interview with The Register, David Girouard acknowledged that the company has turned up the volume of late. "It's not that we haven't been promoting [Google Apps] all along," he said. "But we also have been cognizant that the product needed to mature. We've been in the market with our cloud apps for almost four years now, and the products are maturing and getting better, and I think that over the course of 2010, we got the confidence that these products really worked.
"Our renewal rates were extraordinarily high, and our customer satisfaction went up. You don't want to turn on too much of the gas, too much of the messaging, until you're really confident. Through the course of 2010, we really got it there."
He admitted the suite still has its flaws. He gave his own company a "B" on customer support, for instance, and he acknowledged there's an interface "trade-off" when you switch from a traditional desktop suite, meaning the interface can't quite match what you get from a local app. But he argued there are many areas where Google Apps is superior to the competition, citing not only limited downtime but security, and in an echo of that Economist ad, he was quick to point out that the suite is already in wide use.
"A lot of the world doesn't appreciate that this stuff is here for real," he said. "We're trying to make sure people see that the cloud – these cloud applications – aren't conceptual things of the future. It's happening at a large scale."
 David Girouard, president of Google's Enterprise businessDavid Girouard
How large? He wouldn't exactly say. According to that ad, 3,000 business are moving to the suite each day, and over three million have moved since its debut in 2007. But it's unclear how much revenue Google is generating from subscriptions. All we know is that it's under $1bn a year, less than four per cent of the company's overall revenue. The aim, however, is to create a multi-billion-dollar business – in the near term. "Not a decade from now," Girouard said, "but within a few years."
Eventually, he said, "everybody" will adopt so-called cloud applications – though this will require a sea change in the way many view the web. "You have to build confidence over time," Girouard said. "The reality is that everybody will be doing it. It's like using a telephone. You don't think twice about using a telephone for business purposes now, but it used to be considered strange."

more here from the source theregister.co.uk

White House CIO Vivek Kundra on Cloud

At this weeks RSA conference at the Cloud Security Alliance seminar, Vivek Kundra said he is all in and expecting to save big.

Here’s the paper that his office has published on the subject:

Designing Secure Multi-Tenancy into Virtualized Data Centers - A Cisco / VmWare / NetApp White Paper

Designing Secure Multi-Tenancy into Virtualized Data Centers - A Cisco / VmWare / NetApp White Paper

Use Cases and Functional Requirements for Inter-Cloud Computing

A Good reference here:


RSA pushes single sign-on into the clouds

Just the one dear

By John Leyden


RSA has launched a set of services designed to foster trust between business and cloud service providers.

Cloud Trust Authority from the security division of EMC is designed to tap into the growing market for cloud computing with a roster of technologies and services, the first of which is an Identity Service. Partially based on VMWare's virtualisation tech, the service will allow businesses to "secure user access and user provisioning to multiple cloud providers via federated single sign-on and directory synchronisation".

Single Sign-On offers the benefits of minimising password management headaches for firms. RSA has taken this idea and applied it to cloud services, such as email. Secure logins to these services will be facilitated via RSA SecurID technology in much the same way as the technology has long been applied to remote access.

A second service, Compliance Profiling Service, will allow businesses to benchmark whether cloud service providers are meeting industry best practice, as defined by industry organisations such as the Cloud Security Alliance.

The two services are collectively designed to give businesses greater confidence in running key enterprise services from the cloud, while giving service providers the opportunity to deliver applications that might otherwise be kept in-house due to either security or compliance concerns.

A beta of RSA Cloud Trust Authority, including both the Identity and Compliance services, will be available in the second half of 2011.

RSA's announcement of the services was one of a slew of announcements of cloud security products and services made at the RSA Conference in San Francisco this week.

For example, IBM launched an intrusion prevention appliance rated to work at 20Gbps. The GX7800 is aimed at cloud service providers as well as enterprises. Meanwhile, Symantec said it is making greater use of cloud-based reputation technology in Symantec Endpoint Protection 12, the latest edition of its security client for corporate desktops.

Using cloud-based community intelligence to whitelist known benign apps can reduce the performance overhead of anti-virus scanning by as much as 70 per cent, the security giant claims.

via http://www.theregister.co.uk/2011/02/16/rsa_cloud_security_push/

NIST Tackles Security Concerns on the Cloud

Study includes recommendations for securely configuring and using full computing virtualization technologies.

By Peter Alpern


By almost any measure, cloud computing is a marketing triumph. Software as a service off the Internet "cloud" was once initially merely a promise of the future. Today in the infinite present, it's the ceaseless rage.

But, more than other industries, questions abound as to whether the cloud has a fit in the industrial world.

Many large-scale manufacturers are intrigued by the concept of using virtualized servers within the plant, yet use is still in its infancy. Even more unclear are questions concerning security.

On this front, the National Institute of Standards and Technology hopes to bring more clarity. Recently, the technology organization set out to definitively lay out clear security requirements for web-based computing applications and services.

U.S. chief information officer Vivek Kundra tasked NIST with speeding up the process of forming security guidelines for federal adoption of the cloud. Kundra has been among the nation's most vocal proponents of wiring federal agencies into the cloud.

NIST laid out a series of proposals in its "Guidelines on Security and Privacy in Public Cloud Computing," which highlights security and privacy challenges related to public cloud computing as well as what steps an organization should take when it begins its migration.

Though the suggestions are focused on public adoption, they reveal significant obstacles that remain for private clouds as well.

More here

Skytap Adds Secure Connections For Hybrid Cloud Computing

By Charles Babcock

Skytap, a supplier of self-service cloud systems, is offering secure, two-way networking between an enterprise data center and a Skytap data center as a way to implement hybrid cloud computing.

The Skytap Hbyrid Cloud announced Feb. 14 gives IT developers or administrators a point-and-click interface for setting IPsec VPN connections between their data center and a virtual data center that they build in a Skytap cloud processing center. The connection may be allowed to connect to various subnetworks at the destination, or be prohibited from touching certain subnets. Role-based privileges can be assigned to users.

At the same time developers or administrators may create via self service a virtual private data center of multiple virtual machines in the cloud. A user is given a search box with which to seek software components. He might, for example, ask for Linux-based virtual machines with four CPUs and four gigabytes of RAM. One might be designated to run Oracle 11g and be tied to another over a secure network connection. Certain insecure virtual machine configurations would be specifically prohibited from connecting to the database system.

The server templates provided by Skytap now have secure network connections built for operation between public and private facilities.

The goal, Sundar Raghavan, chief marketing officer, said in an interview, is to produce a hybrid cloud operation between two data centers in which IT management can have confidence. "We have taken the time to figure out how to make the process as simple and seamless as possible," Raghavan said.

Skytap previously offered infrastructure as a service from its own publicly accessible data centers, along with a self-provisioning system for private clouds in enterprise data centers. It's trying to tie the two together by allowing self-provisioning inside its public data centers, making virtual servers there an extension of its customer's own data center.

The management console it supplies can also be used to manage virtual machines in Amazon Web Services' EC2 and Google’' App Engine as well as Skytap's own data center.

Skytap supports virtual machines created under VMware's ESX Server or Citrix Systems' XenServer. It has said previously that it plans to add Microsoft's Hyper-V, but no reference to Hyper-V was included in the Feb. 14 announcement.

Skytap claims 125 customers, with 25 added in the previous quarter. Some 40% of its customers use its self-provisioning system for development and testing; 25% use it for training users on complex software applications, giving each trainee his own virtual machine; and the remainder use it for IT operations and new product demonstrations by sales teams.

The Skytap Hybrid Cloud will become part of Skytap’s core system, which includes Skytap Virtual Private Cloud. The self-provisioning system also provides for hourly billing and charge-back, based on number and sized of server resources created.

An example of a Skytap monthly subscription allows 20-25 users using 20-25 virtual servers to compute for 1,000 hours or enough usage "to meet business needs" for $1,000 per month. A subscriptions for fewer users starts at $500 a month.

Skytap is a startup that was spun out of the University of Washington’s computer science department in Seattle in 2006. In January, it received $10 million in a C series funding from a new venture partner, Open View Partners, and previous participating venture capital firms Ignition Partners, Madrona Venture Group, and the Washington Research Foundation.

source: InformationWeek

TCS targets $1 billion revenue from cloud computing services

NEW DELHI: IT major Tata Consultancy Services (TCS) today commercially launched cloud computing services and said they could generate $1 billion in revenue over five years from the small and medium business segment.

Cloud computing helps users get access to hardware and software from companies like TCS on pay-per-use basis, without having to set up their own IT infrastructure.

"We have been running pilot of our cloud computing services since last one year. Today we announce to launch it commercially. These services have been built by SMBs for SMBs," said TCS MD and CEO N Chandrasekaran.

"The contribution of SMB segment in our revenue is negligible but in next five years time we expect to garner USD 1 billion from this segment by help of these services," he added.

TCS has observed that worldwide spending of SMBs on information and communication technology has been growing at three times the pace compared to large companies.

As per a TCS study, Indian SMBs spent USD 11.9 billion in 2010 on IT and it is expected to grow to USD 48.5 billion by 2015.

Chandrasekaran said TCS has designed these services based on the feedback of Indian SMBs.

TCS had been running pilots of cloud computing services for one year with 130 clients. These clients have now turned in to commercial cloud computing user of TCS.

TCS will provide everything to its customers right from the level of hardware, software and even network solution, which will include devices and services for enabling connectivity of its customers with cloud platform.

"Our customer will not have to invest any money separately for any hardware or software. We will provide end-to-end solution," Chandrasekaran said.

The services will be offered on pay-per-use model. Chandrsekaran said that the final price of offering will evolve period of time and will depend on the requirement of the client.

One Cloud Fits All

The mobile communications industry is likely be the chief beneficiary of cloud technology

Information is being democratized like never before thanks to cloud computing, and the advantages for businesses and consumers alike of accessing it through their phones are seemingly endless.

Today's smartphone users can perform a bewildering array of tasks using applications downloaded to their handset from an online store. Whether they want to manage their personal finances, count calories or view details of houses for sale in their local area, "there's an app for that," to borrow from Apple Inc.'s iPhone marketing slogan. Once installed, these so-called "native" applications are able to take advantage of the powerful processors and abundant memory contained in devices such as the iPhone, Blackberry or handset running Google Inc.'s Android operating system.
But these downloadable, native applications may soon face stiff competition from a daunting new class of rival—applications residing in the mobile cloud. Instead of purchasing individual applications and downloading them to their phones, users will have the option to access applications via their handset's Web browser, from a cloud-based location, where the data involved is processed and stored on a system hosted by a third-party provider.
John Weber
There are several reasons why they might wish to do so. For a start, smartphones are notoriously hungry for battery power and native applications sap their energies quickly. Cloud-based mobile applications, by contrast, are not limited to the battery life offered by the handheld device, or its storage capacity or processing abilities. Instead, they have all the power of a server-based computing infrastructure behind them.
That means that not only do they use fewer handset resources, but they can also perform a wider range of richer functions. As a result, predicts Mark Beccue, an analyst with IT market-research company ABI Research, "cloud computing will bring unprecedented sophistication to mobile applications."
But more importantly still, mobile applications in the cloud can be accessed not just by the latest smartphones, but by any phone capable of running a Web browser. This will allow owners of lower-cost phones to tap into the same applications that, right now, are confined to more advanced handsets.
These are early days for mobile cloud applications, although a few are already well known. Google's Gmail and Google Voice for iPhone, for example, can both be launched via iPhone home-screen shortcuts and appear to behave like a native application. The difference is that all the processing power is going on at the back end, on Google's own systems.
But many industry watchers are predicting that the number of mobile-phone users accessing applications via the cloud is set to grow exponentially. Mr. Beccue, for example, predicts that their ranks will swell from some 42.8 million subscribers in 2008 (or approximately 1.1% of all mobile subscribers) to almost 1 billion in 2014 (or almost 19%).
In the process, he says, these kinds of applications will surpass their downloadable, native equivalents in popularity (see chart). "By 2014, mobile cloud computing will become the leading mobile application development and deployment strategy, displacing today's native and downloadable mobile applications," he says.
This could be great news for application developers who, today, are forced to write a different version of an application for every mobile phone platform on which they want it to run, says Chris Hazelton, an analyst with 451 Group, an IT market research company. "Over the next 12 months, we'll start to see companies building applications for mobile workers on cloud-based platforms that are capable of delivering those apps to any device," he predicts.
iPass
Evan Kaplan, chief executive of enterprise mobility specialist iPass
It's better news still for mobile- phone users, who will be able to use any device they choose to access the same functions and data, says Evan Kaplan, chief executive of enterprise mobility specialist iPass Inc. That's important, he says, because today's users carry a number of different devices, including laptops, smartphones, and increasingly, tablet computers such as the Apple iPad.
In 2010, Mr. Kaplan's company surveyed 1,200 mobile workers across Europe, the U.S. and Asia-Pacific, and found that 97% carried two mobile devices and 50% carried three devices when they were travelling on business. In many cases, that is because each device represents their only access point to a particular application. When they can start to access a mobile application that resides in a central location in the cloud by their choice of device, he says, everything changes.
"It's not the device that matters, it's the person using it: One person, with one account, on many devices," he says. "No matter what people have in their briefcase, pocket or purse, they want to be treated as one person, and this is where we see the real impact of cloud computing—platform independence."
Mobile cloud is good news, too, for companies that want to equip employees in the field with access to the applications they need to do their jobs. Corporate IT teams won't need to develop, host or manage these systems, or the server computers that run them. Instead, they will be able to rent them on a scalable, pay-per-use basis from third-party providers.
"For chief investment officers, that means buying into a pre-existing service that can be up and running very quickly, rather than going to all the effort involved in provisioning the systems and software they need to service mobile workers," says Rupert Chapman, a cloud specialist at management consulting firm PA Consulting.
Plus, mobile workers will be able to use the devices they personally prefer to work with—a trend often referred to as the "consumerization" of corporate IT—with no risk to corporate data if that device is lost or stolen, because it is held and controlled centrally, says Rikke Helms, managing director of EMEA at mobile applications vendor Antenna Software Inc. "When a corporate user upgrades to a new handset, they will simply log into those services from their new device in order to resume activities," she explains.
[MOBILE]
It's an interesting proposition for Peter Ransom, chief investment officer at development charity Oxfam. Many of the organization's staff work in locations in Africa and Asia where conditions are harsh, mature computing infrastructures often nonexistent, but mobile coverage is, in relative terms, good.
"So we're looking to see what more we could potentially do with mobile phones for accessing applications relating to health care, disaster relief logistics and so on," he says. "Today, the usability of even simpler applications on a mobile device is pretty limited, and network coverage is still a challenge, so substantial investment would be needed, but we're keeping a watching brief on mobile cloud."
Much needs to happen, however, before the mobile cloud can reach its true potential. Mobile network operators are already scrambling to accommodate burgeoning volumes of data traffic alongside traditional voice and text communications.

MOBILE_Rigaldo
Orange Business Services
Alex Rigaldo, head of cloud services at Orange Business Services
Considerable investment will be needed, says Alex Rigaldo, head of cloud services at Orange Business Services. "Data has already had a massive impact on our network—volumes more than doubled between 2008 and 2009," he says. Mr. Rigaldo estimates that there are around 400 million smartphones in use in the world today, and that these are already using more capacity than the 6 billion standard mobile phones already in use.
That shift in traffic types is already being reflected in changes to data tariffs among operators. At the same time, many are positioning themselves as mobile cloud providers to their enterprise customers, offering to host and manage mobile cloud applications on their behalf.
"If you want a provider that really understands the importance of data availability and data security for mobile workers, then your mobile network provider is the best place to start," says Mr. Rigaldo.
Regardless of who hosts mobile applications, however, the pressure from users—both consumers and mobile employees—is seemingly relentless. With mobile phones set to overtake PCs as the most common Web access device world-wide by 2013, according to analysts at IT research firm Gartner Inc., the world of mobile cloud applications looks ready to explode.

Ms. Twentyman is a writer based in London. She can be reached at reports@wsj.com.

via http://online.wsj.com/article/SB10001424052748704739504576067900865394550.html

Perspectives on Cloud Computing for Enterprises

Cloud computing cannot solve every information and communications technology need, but it offers benefits to enterprises that have a practical understanding of its risks and how to manage those risks. The benefits of cloud computing done right include: * Easier, quicker and cheaper implementations;
* Faster transitions to new technology (due to shorter time-to-launch);
* Lower total usage costs when the right pricing tiers are selected (because the customer does not have to buy and deploy infrastructure to cover peak demand and expected growth);
* Improved resource elasticity and scalability, which allows customers to scale up or dial down services quickly in response to changes in business demand;
* Improved availability of enterprise applications like unified communications and collaboration services to mobile/remote workers;
* More efficient and effective management of technology resources by vendors with specialized skills; and
* Fewer technology management, maintenance and upgrade headaches (freeing internal IT teams to focus on more strategic initiatives).

Just What is Cloud Computing?
The definition of cloud computing is hazy, in part because many traditional IT vendors are positioning their products in the cloud. To qualify as cloud computing, a service should be:
* Hosted and managed by the vendor at its (or its supplier’s) facilities;
* Made available to customers remotely via an IP-based network (such as the Internet);
* Designed on a shared services/multi-tenant platform;
* Designed to provision resources dynamically and quickly in response to service requests submitted directly by users via automated, online tools;
* Set up to monitor and report usage in near real time; and
* Priced on a subscription basis where actual monitored usage is the dominant pricing variable.
Defining cloud computing is not just an academic exercise. Many of its benefits are available only when all of the characteristics listed above are present. There are three cloud computing service delivery models.
Software as a service ("SaaS")--end users access a standard vendor-developed and managed suite of software applications via a Web browser (e.g., Salesforce.com, WebEx, RightNow);
Platform as a service ("PaaS")--customer application specialists and programmers use a preconfigured computing platform to build and run custom applications within the cloud ecosystem (e.g., Force.com, Microsoft Azure); and
Infrastructure as a service ("IaaS")--customer network engineers obtain commoditized computing resources from the cloud in a manner that allows the customer to install, configure and run customer-provided software applications on the vendor’s infrastructure (e.g., Verizon CaaS, AT&T Synaptic Services, Amazon Web Services, RackSpace, GoGrid).
When enterprises decide to purchase cloud computing services, they face many business, legal and technical challenges. Some of these are common to other technology transactions, but several take on heightened significance in a cloud environment.
Standards
Investments in cloud computing have to be as future-proof as the IT world permits. To do that, enterprise buyers need to minimize dependence on proprietary vendor technology and buy services and systems that are open-standards-based, will operate with other systems they may adopt in the future, and will grow (in capacity and complexity) with the customer's needs. When possible, customers should avoid investing in an extensive set of application program interfaces ("APIs") for critical systems that work with only one cloud vendor's services--that strangles flexibility by tying the customer to a specific vendor.

Performance
From a customer’s perspective, solid service-level guarantees ("SLAs") are essential. Depending on the type of cloud service, key SLAs include those addressing:
* system availability/uptime;
* configuration change timeliness (including availability of newly ordered resources)--particularly for IaaS;
* application response time and transaction throughput--for SaaS;
* management portal/tools availability/uptime;
* incident response and problem-resolution times;
* service desk performance--particularly for end user adoption and satisfaction for SaaS;
* back up data success rate, and data restoration times where the vendor will host the customer’s production data; and
* customer satisfaction (and its importance increases as the deployment in the enterprise widens).
Meaningful SLAs should trigger material service credits when the vendor misses its performance thresholds. And the customer should not have to ask for credits--the vendor should proactively monitor its performance and automatically issue SLA credits when due. Solid SLAs can also be undermined by overly broad exclusions, including procedural hurdles and liability limits hidden in the fine print.
SLA best practices include escalating credits based on the severity, duration and frequency of service failures, and processes like the following to limit the recurrence of service level failures:
* requiring the vendor to conduct a root-cause analysis of service problems and to implement a corrective action plan at no additional cost to the customer;
* requiring the vendor to escalate chronic or critical service-level problems to its own and the customer’s senior management; and
* giving the customer the right to terminate the agreement for cause (or shorten the term) when performance failures reach defined levels.
Security
For good reason, security is often cited as the primary concern for customers considering cloud computing. The vendor’s security management approach and tools should be evaluated closely. Security vulnerabilities in the cloud can be the result of design defects, poor patch/update management, ineffectual authentication controls, storing and/or transmitting sensitive data without encryption, and inadequate procedures for security incident monitoring, reporting and mitigation.
When evaluating security, consider:
(1) how the vendor addressed security in its design; (2) customer references;
(3) the vendor’s track record;
(4) the vendor's physical and logical security practices, processes and management approaches;
(5) the vendor’s commitment to continuously improve security; and
(6) the vendor's compliance (validated by independent third party audits) with recognized information security standards. Negotiate the right to conduct periodic security assessments and to assign responsibility for security incident detection, reporting, response and mitigation, and include a defined path for management escalation of unresolved security problems.

It is also important to be practical. Demanding levels of security that are not justified by actual risks or that far exceed the customer's own internal capabilities will get you little and lead to poor decisions. Data Governance
If the vendor will handle enterprise data, it should also demonstrate its data protection, disaster recovery and business continuity capabilities. The service agreement must clearly describe the vendor's obligations to protect the customer's data during its entire lifecycle, and the vendor should be liable for failure to do so. Contract clauses that support mature data governance include provisions that:
* Obligate the vendor to comply with the customer's vendor-facing privacy policies;
* State that the customer owns its data, has access to that data at its discretion, and will receive the data upon the expiration or termination of the agreement in a usable/standard format and medium;
* Identify the vendor's data extraction tools, and include the customer's use of them as part of the base scope of services;
* Describe the parties' responsibilities and liabilities for recovering lost or corrupted data;
* Define the countries where the vendor may (or may not) send or house the customer's data; and
* Require the cloud vendor to encrypt sensitive application data while in transit and at rest.

Technical, legal, and business issues face enterprises that want to use public cloud computing. Those that want to enjoy the cloud's benefits with minimum risk address provider lock in, service performance, security and privacy risks by selecting the appropriate service delivery model for each use case and negotiating service agreements (with capable providers) that get them the protections they need.
Joaquin Gamboa (jgamboa@lb3law.com) and Marc Lindsey (mlindsey@lb3law.com) are partners in the law firm of Levine, Blaszak, Block & Boothby, LLP. Joaquin will lead a session on Managed/Hosted UC at Enterprise Connect on Monday, February 28.

via http://www.nojitter.com/feature/229218628?pgno=2

Build Your Cloud:

Simple. Cost Effective. Open Source. Software that transforms your datacenter into a cloud at lightning speed.

Cloud.com CloudStack is an open source software product that enables the deployment, management, and configuration of multi-tier and multi-tenant infrastructure cloud services by enterprises and service providers. Start empowering your users to become more agile and efficient in how they consume IT resources.

A Free trial Here