Cloud insanity – the Shills come out of the woodwork

oWhen people read my posts and comments on other great blogs regarding my opinions about rating and certifying cloud hosts, SAAS, PAAS, they sometimes think that I am 100% against cloud based soltuions. This is patently incorrect, as I routinely recommend hosted SAAS for project management, small business, budget constrained start ups, etc. What I do not recommend is that mid market businesses that have CLOB (capital line of business) applications, hosted on their own racks, or managed by a conventional, stable vendor, change to a cloud solution until the PAAS and SAAS providers get industry rating and certifications. The SNA shops knew this, and went through the in house/ hosted rating travail. The result? An industry in which any business owner can get insurance for business continuity disruption that is caused by IT systems failures. If you are a mid sized business with an internal server rack, distributed multisite architecture, or a hosted AS400 or new IBM architecture, you can insure your operations. You can insure any Redhat, Microsoft, BEA, Websphere, whatever installation, managed and rated SAS70, or hosted in your unairconditooned broom closet, but it will cost a little more. A nice underwriter will come to your place or your managed host’s place, and write a policy.

Can’t do this with the current cloud offerings. Doesn’t mean that cloud computing ain’t here to stay, but some folks take issue with me saying anything regarding the unrated and uninsured nature of the especially thinly capitalized PAAS solutions. Oy! But now, a shout out to a hero I have never met, Jane Mcarty,  – yeah! yeah! You go girl!

Jane actually puts her hands on web hosted apps, asks and applies proof of feature performance criteria in much the same way that any good CIO or upper level staffer would do with a licensed server application. Jane uncovers such simple and basic things that one says, “the PAAS vendor didn’t know that?, huh?”. Good on you, Jane.

It was on Jane’s stellar bog that I spotted a comment thread a few days old, where a shill for the cloud industry says, in so many words, that the time to question the cloud hosted apps is over, they are established and able to deliver, and that self styled analysts, like me, have NO BID-NESS asking what if the service goes down, whaaaaaa! Self hosted solutions go down. And then commenter Russell says one of the most amazingly naive things I have ever seen in print, maybe in my entire life”: See the actual thread here.

Commenter Russell on Jane Mcarty’s blog thread”

“Many of the PaaS providers are in business with deep pockets (Force and Quickbase), well funded by professional investors (Bungee Labs), running with established management teams (Quickbase), or conservatively managed with established customer bases (WorkXpress).”

Ok, where do I begin to refuse this insanity? How about the deadpool? No? Lets start with a quote from Tref Laplante,, a principal at, who says:

WorkXpress is committed to its customers and the quality of its product.  To this end it is a privately held, revenue generating company that to date has not received venture capital funding, and therefore is not under pressure to behave in ways that run counter to its mission of customers and product.” (emphasis mine).

You can see my context on this piece of Mr. LaPlante’s unassailable logic here. But, I digress. And I wish nothing but good for

On the one hand, we have Russell the unknown commenter saying that VC funded PAAS platforms are an assurance and a bulwark against the vicissitudes of having a mission critical platform beyond one’s ultimate control; Partnership disputes, forced sales by the limited partners,   and raids of the venture’s bank account by coked out CEO? Pay no attention to the man behind the curtain. Ok, got it. VC funded PAAS, though unaudited and closed to inspection, and with unknown capital reserves, is safe because is overseen by, (wait for it now) professional investors. Gawd.

On the other hand, we have a principal of a popular, (and in my opinion one of the better) PAAS shops saying that because they are NOT VC funded, they are more trustworthy, due to the fact that they are, so to speak, master baiters of their own hosted hooks and fly rods

In either case we have no idea how much runway the venture has as far as operating capital is concerned. In the case of the giants (Amazon, Intuit, Google, Gogrid, Rackspace ), when they go down, it doesn’t matter because then it is bad and you will merely get an apology and a small refund.

If your business lines are damaged, taking crucial cash flow out of your pocket, and goads the potential for civil liability (in cases of service critical business), then you are truly screwed doubly, as there are no lines of underwriting that will insure a PAAS solution for anything but the actual costs of the outage.

You people are wearing me out.


Reblog this post [with Zemanta]

The Strategist: Mitigating Cloud Computing Client Services Risk via Trusted, Blind API Brokers – Part IV


The Strategist: Mitigating Cloud Computing Client Services Risk via Trusted, Blind API Brokers – Part IV

The plain truth: There will be no cloud computing industry initiative where competitors will agree to ‘blind pool’, and backstop each other’s failures and outages.There may eventually be great open standards to move VMs and apps off of your cloud, but no set of commercial continuity services will ever hearken back to the days of centralized SNA shops with real plans, proven market capitalization, and legitimate durability. Rather, I would expect the next few years to look like this:

  • When a really big utility cloud (AWS / Google) goes down – you will get an apology and a paltry credit. The only consolation will be that it won’t happen often, and you will not be able to exceed their up time by running your own servers. The house usually wins.
  • When a moderately well financed cloud provider starts to fumble, there will be ample warning, because folks will be watching and pinging. Have a plan, or get continuity coverage now, or when it really becomes specifically available for cloud users.  Don’t say I didn’t warn you.
  • When a small, under-financed but buzzed up PAAS, SAAS, Cloud, whatever….fails overnight, taking your operations with it – comfort yourself by thinking how much you saved while it was working those 5 months in 2009. Really, now, Consider having at least a local or S3 proxy dup your data. Get insurance. Think before you trust business operations to a startup.
  • If I was Andy Rooney from 60 Minutes: “Have you ever noticed that all of these hosting providers have a page on how great their hosting facilities are? Even the cut rate ones say, ‘we are a level 1000 bunker with a year of diesel backup power and armed guards, and multiple super network links?” I mean, did they all copy the same page to make us feel safe?”

There is no perfect state of reliability, and that even in the days of highly centralized data shops, continuity was planned. We are transitioning from this mercantile, Web Hosting mentality, to one of running business essential applications remotely. These services are splitting into ownership  categories of incumbent giants, and start ups that have a semi permanent ‘?’ on their forehead until they achieve operational liquidity. The former apologizes and credits your account, the later disappears int the night.

The vast majority of SAAS productivity app providers use existing utility compute services, in whole or in part. It’s a cost thing – perfect continuity in the cloud, on a per-client-per-use basis would be infinitely costly. There will, however, be no comprehensive industry clearing house offsetting failures –  not in the sense of a services for profit model.

There are some shared risk examples where pooled trusts for infrastructure failures exist (to the best of my knowledge, these were at least proposed in underwriting requirements):

1) Telecom, National data haulers , Carriers-Carriers, and submarine cable system operators sometimes negotiate emergency settlement and peering agreements as a prerequisite to satisfying underwriting requirements. Sometimes these agreements predate the insurer’s audit, and are just good business. Don’t confuse these contingency plans with standard settlements – they are negotiated for extraordinary outages and lock in fees and technical requirements. Only the very large carriers can enter into these agreements with true peers.

2) Municipal and State Gov. Emergency Radio communications networks, SMR, and certain common carriers (terrestrial radio specialty comms) sometimes have emergency coverage agreements that are mandated by statute.

3 )Interstate Nat Gas and Petroleum Pipelines. Etc.

The real message here is that underneath a pool of policies is a risk pricing model that is often further underwritten by a re insurer; risk pools come together faster if there are means to offset the preponderance of risk. Flood Zones are hard to mitigate, and pools are still formed, sometimes under the stentorian bark of a state regulator. But in the case of our beloved IT clouds, we have yet to get to a place where risk to an individual business that depends on a cloud service can be priced, mitigated against, and potential technical failures limited, in their worst instances.

You may now go read up on all the happy hoooha about, “the open cloud manifesto, cloud interoperability, etc.”, good luck with all that – I’m an optimist too.

We are talking here about commercially brokered services that are paid for by a pool of insurance companies, and that are funded by premiums. We don’t get there until the primary service providers are certified, rated, and as operationally good as they can be. At that crucial juncture, where a critical mass of SAAS and Cloud hosts agree to these ratings and certs, we can price the baseline risk of outages via standard actuarial methods. Subsequently, risk offsets that are purely technical in nature can be tested and put into production. Finally, when technical services are proven to be feasible, then we can look to the reinsurance market, and viola, we have a business.

Question #1): How many service providers and Insurers have to get on board, at least provisionally, to make a real retail or B2B market that multi-line agents and specialty carriers can sell into?

Answer #1): My research was cut short before I got that far. I felt that my client knew the answer and was testing to see if I came up with a verifying figure. My best guess is that at least 35% of the top 1000 SAAS and Cloud vendors and at least three major underwriters would be required to make a realistic market for policies and payouts that make any sense whatsoever.

Question #2): Other than the actual insurance underwriting and policy sales, is there a real business model here in operating the technical services pool of a blind trust API broker/ Data mirroring / continuity services for the insurance industry? How big ?

Answer #2) Oh yes, oh my G-d yes. I am writing this series because I got far enough in my work for the last client, that I did see the foggy future in a way that mature analysts sometimes do.

How big? I believe that operating the Trusted Services Pool will be worth about 60 – 120 million annually when it hits it stride. There may be ancillary channels and opportunities along the way that could lift revenues to 250M. So, it’s not going to be a Cisco or an HP, but a specialty business funded by the small insurance premiums paid by Small and Medium Businesses that make cloud computing or SAAS a critical part of their operations. (Much of my work product was projecting these numbers).

As a matter of fact, the industry as a whole may become hamstrung if these risk offsetting services are not brought online.

Maybe someone will read this very long and not too interesting series of articles (would you rather not  be reading some romance novel?), and put me back to work researching and creating the product road map, lassoing potential insurance industry partners, and start making this a reality (all that work!).

The services offered to offset cloud computing risk is a modest challenge to provision, and is really just another cloud service with special sauces for monitoring, security, and trust. That’s it.

You were expecting nuclear fusion? The goal of these pooled services is to cap the worst losses that imply risks to the majority of small and medium business that may encounter inoperative remote services – thus  mitigating the top tier of policy payouts. The insurers pay for and pool these services with the premiums collected from the insured businesses.
Blind Trusted Services:

The Trusted Services Pool has to have all the attributes of trust to be established. Fiduciaries and controllers, technical management, and operations staff have to be checked out. The capitalization has to be audited, and its own operational contingencies have to be assured. Do you see what is happening here? The insurer’s technical services pool has to be as good or better than the hosting providers that it is backstopping.

Technical Services:

The goal is to offset the worst risk cases for data loss and continuity losses to operations. This does not mean an up time guarantee. A certain major percentage of the insured population’s data and transactions has to be preserved for a reasonable premium. To support a menu of insurance coverage levels, the following technical services will probably have to be supported over time: ( I am avoiding an exhaustive technical discussion, who has time?).

  1. Transaction Log Mirroring and ReplicationThe most basic, non data heavy service for small business is to maintain transaction logs. These logs can be shipped and ready-replayed to reestablish and reconstruct business transactions if a cloud provider goes down or out. Especially for POS and counter top retail business that are making the move from a distributed server based system, half the battle is capturing the transactions.
  2. Data Storage ProxyIn addition to table-based transactions, businesses that store document images or objects may require a backup proxy to alternative cloud storage. No big hurdle here, other than the assurance and credibility.
  3. VM machine image ready standbyIf and when (some say now) a set of elastic services cane be frozen and placed on near-line stand-by, this a service that was discussed in my research. In meetings with several VM vendors, including some heavy hitters from IBM’s superserver division, it became apparent that many instances of ready standby could be held in stasis, and re-synchronized to transaction logs in fairly short order, especially if we are catering to small and medium businesses, and not say, City Bank.I guess this is where the open cloud initiatives are going. It seems that many of the VM vendors are leading the way. For the purpose of the trusted pool, I felt after a period of study that this is possible and actually in practical use in limited cases.
  4. API call brokerage for live services uptake.There are already existing services that broker web API’s. These services provide scaling, monitoring, billing, etc. Trusted services for the insured pool would maintain a similar brokered pool of API’s that would either pass through the 1st level of calls directly to the provider, or would be cut in as an alternate route if a timeout exceeds a predetermined limit.There are a few issues here that need massaging, as it not the business of the trusted services pool to provide transaction level assurance when your cloud or SAAS provider times out for a few minutes. Rather, a trusted API brokerage really makes the preceding items more elegant to provision. Even competitors can backstop each other’s outages if the Trusted Services are blind to the parties and payments settled by the trusted pool.

The up sells beyond trusted services might cover all of the value-added items provided in the course of selling business continuity services, such as records management, facilities, and telecommunications. These would add revenue lines, and complement the agencies commission incentives.

The technical services discussion could be covered in much more depth, and I may take that on after I clear my desk. However, I wanted to close this series and show that some folks, including my former insurance industry client, are seriously looking at the business of providing indemnification services and underwriting to cloud computing clients.

Reblog this post [with Zemanta]

Microsoft Buys Yahoo Search biz – Why is this a good idea?

I dont get it, maybe Im not the smartest guy, but some questions arise:

1) how will Microsoft retain the brand image of Yahoo search – I mean it is almost a sure thing that no matter what they buy will devolve into another MS Live-Blah misbranded product? no?

2) what will Yahoo do with the missing search revenue? Just replace it with Google. I thought that Yahoo has sunk almost a billion into its search platform R&D, – isnt this an admission that they have failed? If so, why would MS want it?

I have a good friend who was invited to “jury” for Yahoo’s senior search team. That is the only way he could describe it – A Ph D. style juried dissertation taking place over 4 days. This man is a senior computational scientist with credentials in the pharma, life sciences, and trading tech market, and he is one sharp blade; I worked with him at FT R&D. He did not, ultimately get the job at Yahoo, but he had this to say (and I will wrap up why I think this is relevant to MS-Yahoo): read post  jump for his impressions Continue reading

Consultants: Mess Up Totally while being 100% Right!

Consultants: Mess Up Totally while being 100% Right!

Don’t go against the money; what say, you say? Consultants, don’t go against the opinion of the people funding a venture, or their management proxies – you will not get contracts, you will have your early termination clauses invoked, and you will be forced out the valley. Of course, you will also not be able to provide any services of value, but it seems that the valley is chock full of closed end product management hires that are basically yes-men and gals for the management. So why did they hire you?

First, some background about what a good product strategist does -people are confused until they really need a guy like me. I built my reputation by being honest and never pulling punches, all while providing action oriented, sane product / channel re-jiggering.

People who label as ‘Strategists’ take a lot of heat; where do you get the nerve? Well, first of all, there are two types of strategists: Corporate capital ‘S’ strategists, and product channel specialty small ‘s’ strategists. I am a small ‘s’ strategist specializing in technical, industrial, and vertical markets. Without this specialization, I should be rebuffed; with no MBA, no degree from any institution of higher learning, I need my tool belt of practical industry experience to underwrite my credibility, and to speak with authority regarding the markets that I swim in, on behalf of my clients.(visit)

When a client calls me, via a referral or via my blog articles, they have a bone to pick. Often this bone is an internal conflict over the direction of a product’s channelization, or a strategic (small ‘s’, product features and industry targeting strategy) issues that is causing division or insurrection in the ranks.

I can often be a balm to these conflagrations; it doesn’t always get to the point of emotional entanglement, either. I have had a good career acting as an honest broker for the best interests of the product and the user community. This obtains in cases when the particular user community is already in place, or needs to be freshly recruited.

There are so many great Web 2.0 tools and services that have steered down the path of fremium and ad-supported subscription models. Many of these great, small companies will never see the revenue sufficient to turn a profit, and therefore wait for the buyout that may or may not come.

All the while, there are any number of technical and skilled trades markets that are dying for specialized instances of messaging, social networking, and mobile applications that can help their constituencies work more effectively. However, these vertical markets are never going to be evangelized by non-specialists, and their revenue models require a fine-tuned balance between ads (and these industry specific ads can have hight CPC and CPM) and subscriber paid accounts.

That’s my job, to use my skills as an advocate on behalf of the Web application provider, to swim in the vertical and fine tune the delivery of these services, and to help make a payment model that works for the product sector, and the developers.

More on this topic, and in depth, soon.

Related articles

Technical Product Service Demands Social Networks

Technical Product Service is a fancy name for anything that requires a skilled technician or engineer to effect a product repair. In the grand old days of consumer electronics, when the Hi-Fidelity system was the center of home entertainment, skilled, lab-coated technicians would troubleshoot your amplifier, receiver, or tape deck (!) to the component level. I was one such skilled technical servicer. I have come to the conclusion, based on my past experience as a professional trainer of technical specialists, and in my current experience as an IT industry product strategy sector analyst, that the current upheaval and innovation in Social Networking may be poised to have a huge impact on the way professionals get things fixed, how they apply their trade, and how laypeople get complex issues resolved.

In those days, as fast as technology was changing in the late 1970’s, even the most advanced and innovative new technologies, such as the VCR, were based on discreet components. Even the first, very expensive CD Audio players had only a modicum of customized integrated circuitry. It was very much the case that any repair one might effect, from that time in to the mid 1980’s, was a case study of one’s education and skill as a technical journeyman.

I used to teach national service classes for thousands of consumer and commercial electronic technicians; the stakes were high, as productivity depended on fast and accurate diagnostics. This was before the advent of the internet, and collective knowledge was typically dispensed via bulletins, national convocations, and the very nascent electronic pre=PC era BBS systems. But we are getting ahead of ourselves.

All of my instruction during those years always included basic tracks on electronics, as revealed by the Horowitz and Hill reference book for electronic education, “The Art of Electronics”. Many of my colleagues subtly berated me for wasting precious time in regional and national trade events, as to my covering remedial ground. I always pointed out that I was not merely reviewing the standard syllabus, but I was gathering a body of collective mythology that often permeates complicated subjects, like electronics and its applied science, troubleshooting.

What does this have to do with today’s sexy, topical issue, i.e., Social Media and Social Networking? If you will bear with me and read on for one more minute, please. Continue reading