The web new sites and blogoshpere are full of it, the “titanic” battle between Microsoft and Google for the business Cloud. Google have recently ticked a security box by becoming FISMA approved for their Google Apps suite, but have struggled to meet timelines for implementation and adoption in LA. Microsoft are banging the BPOS / MOS drum pretty loud and ensure us that they are “All in” the Cloud but they seem to have some gaps in their product set and overall delivery strategy. It’s interesting times.

One of the really interesting things is the positioning of Microsoft’s Office Web App suite. This suite brings versions of Word, Excel, PowerPoint and OneNote to the web for general consumption, for free, by anyone who signs up for a SkyDrive account. And it’s pretty good too! I use a lot of Live stuff, including SkyDrive, Sync, Messenger and the web versions of the products are perfectly adequate for the majority of the work most people will need to do. This then, should be the answer to the Google Apps surely? Microsoft have the Office brand to leverage and can pitch Web Apps as the perfect business answer along with BPOS for those wanting to move their investment away from on-site IT real estate and onto “Cloud” services.

The answer of course is no. Of course any individual can sign up to SkyDrive and get Office Web Apps for free, but which corporate IT manager is going to adopt that model. Use of Office Web Apps by a Business requires that the business has already licensed Office 2010 through a volume licensing agreement and then it’s only available as an installation into an internal SharePoint system.

So where does this leave businesses who’s IT spending does not warrant having a Volume Licence Agreement in place? Well simply it leaves them either buying Office 2010 for local installation, not upgrading, or moving to one of the other on-line services and there’s more than one. Google Apps is the nom-de-jour but another service worth a mention is ZOHO and this one is interesting in a couple of ways – it integrates with Google Apps and it supports links to SharePoint.

I like Microsoft Office, I really do, there are some applications in the suite which I simply can’t work properly without, but the idea that I HAVE to make a significant investment in local licensing of the suite the suite to get the benefits of the Webb Applications, only the have those then limited to being installed in-house, well I do wonder who’s being protected in all of this.

But with every issue, comes an opportunity. I wonder who will be the first hoster to market offering an Office Web App platform for Enterprise customers with Volume licensing in place.

As hosters it’s very easy to be mildly (or even agressively) paranoid. Historically everyone out there was trying to take your customers away from you and it was important that you provided everything that they, your customers, needed so that their eyes didn’t stray.

Today’s Internet / Web landscape is very different though. There are far more services available than any one hoster – even if you’re a Google – can effectively deliver and the key to keeping your customer happy is not to give them everything, but to give them access to it. The difference is slight but the effect is major.

Don't limit your customers or they may not be!

I was flitting around doing some research this week and twice I came across web-applications which allowed me to authenticate using 3rd party sources. Now I’m using the term ‘sources’ here for two reasons, firstly because it grammatically correct but secondly – and more importantly – because there were indeed multiple options to choose from on each occasion. Now it’d be easy to dismiss this as simply coincidence following the premise that “if you look for something hard enough, you will eventually find it” but I was simply pinging across my network of sites and interests and bang! there they were, two totally different environments and both using some of the same external authentication sources.

Well 3rd party authentication isn’t new of course, Microsoft had a good go at it with the Passport (now Live ID) and it was picked up by quite a few externals, but it now seems to be predominantly an MS exclusive authenticator – I used to use Passport to log into Expedia for example, but they dropped it in favour of a local system. But it now seems that other platforms are becoming de-rigueur for user identification and authentication purposes and I think it’s obvious why.

Take a system like Facebook – one of the options on both of my ‘hits’ – there’s a platform with millions of registered and highly active users, each knowing their account and password and are happy. Why then clutter up their lives with yet another user-name and password? As  a supplier of a different service – let’s say one which allows you to organise all of your travel plans and manage them in one place – why would you not enable your customers to use the Facebook authentication service? Your customers only have the one user-name and password to remember and that makes them happy and a happy user is more likely to not only stay, but recommend the service to all of the ‘freinds’ on Facebook! Plus you can then leverage that account information to deliver your service directly INTO their Facebook account. It’s win-win!

Microsoft’s Passport came too soon and was face-backwards in it’s approach. They said “Create a single authentication account and sites may let you use it to access their services” a solution waiting for a problem, action with no immediate reward. Of course Live as a brand is now delivering some pretty good services and my Live ID(s) get a daily thumping for sure, but twice now I’ve used my Facebook account to authenticate me as a user of services. Sure there are going to be those who throw their hand up in horror and shout about commercial organisations, security, data-sales and all of that guff but if you’re careful about what you put out there, I can’t see any real harm.

The bottom line? If you are bringing a service to market, don’t place requirements on your users (or potential users) which may put them off. The option to use Facebook, Google, Google Apps (yes there are two.. I don’t know why), or Live ID for authentication purposes may be the single tipping point which turns a <click – next> into a sale.

Two articles caught my eye over the last couple of days, for different reasons.

Cloud Is More Secure

Denis Martin wrote a very good article about how it is possible, using layered techniques, to build an enviroment using Cloud technologies which is more secure that would be possible in-house. Here’s the summary:

Cloud Is More Secure
— Cloud Infrastructure as a Service (IaaS) provides compelling cost and strategic benefits. These include scalability with reduced capital expenditure, more efficient use of IT resources, and the ability for an organization to focus on their enterprise’s core competency. Despite fears to the contrary, many well-established security technologies and procedures can be applied cloud computing and provide enterprise-class security. In many cases the cloud vendor may even provide better security in a virtualized environment than the individual enterprise can achieve in a purely physical architecture.[1]
The most effective security is a comprehensive, layered defense based on a framework. A cloud platform can leverage specialized tools to protect the integrity of virtual machines and Internet communications. Virtualization creates logical abstraction layers that allow for multi-tier security policies in order to provide true defense in depth. Enterprises with limited IT resources may not be able to afford the same security measures as a cloud provider and remain competitive. Deploying cloud-based IaaS represents an opportunity for the enterprise to build in security from the ground up.

Carbon Neutral On-line Service Provider

One of the ways I’ve been talking to hosters about how to position their On-live Services (“Cloud”) platforms is the reduction in energy costs to run a virtualised platform over physical ‘room heaters’ running at 5-10% capacity. Last week, CloudSigma announced that it was “Carbon neutral” as an organisation and was therefore offering the most environmentally friendly services available claiming that it’s “carbon neutral cloud services are the first of their kind in the industry.”

Of course running a datacenter isn’t the only aspect which consumed energy and leaves the dreaded ‘Carbon footprint’ but the independent organisation which evaluated CloudSigma, myclimate, have concluded that the organisations approach of “avoid, reduce and offset” has worked. OK, Switzerland does have one of the ‘greenest’ electricity supplies in the world available to it so they had a bit of a head-stert there, but it shows that this IS something to be taken seriously and it will become a factor in the decision =making processes of environmentally aware businesses and organisations.

It used to be the case that hosters and providers of online services provided their products in neatly defined buckets. They called them “Product options” but in reality it was simply a way of defining price points and keeping up with (or overtaking) the competition who were all doing the same thing.

With “Cloud” or online service consumption becoming more mainstream and business focused, this approach is now coming to be seen as a limitation to customer adoption. If someone needs a RAM heavy but CPU light environment, the chances are that the ‘bucket shops’ don’t offer such a beast, again in history this would have been a “bespoke build” and a premium charge would have been applied for the privilege.
Read the rest of this entry »