Category: Cloud Broker

Posted on

The Line in the Sand: Your RPO (Recovery Point Objective)

The Line in the Sand: Your RPO (Recovery Point Objective)

IMG_0108Businesses and individuals are increasingly more dependent upon the technology supporting their various activities, and the volume and velocity of information moving through these systems is increasing at astonishing rates.  With the growing reliance on information technology and electronic business data, you’d think that more businesses were paying close attention to protecting these assets. I recognize that there is a broad understanding of responsibilities as they pertain to system security, and businesses of all sizes and types are increasing their awareness of the variety of threats facing their systems and are taking steps to address them.  Yet there remains an aspect of business data protection that too few businesses are really zeroing in on, and that is the time and complexity of recovering or restoring business data in the event of an outage or loss – and the absolute line drawn in the sand which says that “here” is the tolerable loss we can experience: no more and no less.

This line in the sand is referred to as the RPO, or Recovery Point Objective. A recovery point objective is part of the business continuity plan (or should be!), and describes the maximum tolerable period of time for which data might be lost from a major IT service incident.  The necessity to establish this time frame – the RPO – exists whether the business is small or large.  In fact, small businesses have data protection needs quite similar to their enterprise counterparts.  In an article in SmallBusinessComputing.com, Kieran Maloney of Quantum Corporation is quoted as saying that “from a data protection standpoint, smaller businesses face challenges that are similar to those of larger enterprises; the amount, and the value, of their data is growing significantly while their budgets are not”.

What doesn’t seem to make sense is that businesses continue to view data backup as a necessary evil rather than a strategic element, and spending considerations for creating and meeting a realistic RPO remain low.  An article in TheStreet.com on the subject quotes Terry Cunningham, president and manager of EVault, saying “When largely preventable data loss conservatively costs businesses hundreds of millions of dollars annually, it is time to rethink your priorities”.  The author also writes that “while 95 percent of US IT decision makers said they have some type of disaster recovery plan in place, only 44 percent have remote, cloud-based recovery capabilities… More than twenty percent of IT organizations that manage between 2-7 TB of data suffered a data loss in the past year – in fact, more than half of this group suffered 2-3 data losses – each with an estimated average cost of 2-5 percent of total company revenues”.

Part of the continuity plan and a consideration in developing an approach which will meet the RPO timeframe should be the implementation of remote cloud based service, yet this has remained a low priority for many business owners.  Reliance upon more traditional data protection approaches, including tape backups and on-premises HDD solutions provides IT managers with a false sense of security and often cannot even reasonably address recovery from data loss due to hardware outages, much less for potentially catastrophic failures including loss of the location.

When considering the RPO – the minimum acceptable point for data recovery (or maximum tolerable point for loss) – businesses must look at their data management and backup strategies in order to address recovery approaches for various types of outages.  There are benefits and drawbacks associated with the different methods of backing up data, and the cost/benefit of employing any solution must factor in to the requirement to meet the stated RPO.  Daily backups may be the standard procedure, but is a potential loss of 24 hours of data acceptable to the business?  On the other hand, what is the potential cost of re-creating the data, if it can even be recreated?  Consider also that the timeframe for data recovery is not the point at which the last backup was completed; it is the point when the last backup was started.  This could result in a loss window greater than the established 24-hour boundary.

Many businesses would suggest that their tolerance for lost data – due to the cost of lost productivity and order activities – is far less than 24 hours, yet solutions employed to reduce the potential data losses often do not fully address the issue in any comprehensive manner.   IT personnel working with separate products to handle incremental data backups, machine recovery (bare metal) and snapshots of disk arrays often have a tough time trying to piece together the various pieces of the puzzle and often simply hope for the best in terms of outcome.

The prudent move is to thoroughly consider the business disaster recovery and continuity plan, and establish the boundaries for tolerable loss.  No business wants to expect to lose valuable data assets, but expecting technology to perform flawlessly is unrealistic, not to mention the unexpected impacts from acts of nature or other forces majeure.  Architecting systems to withstand service outages and having a comprehensive plan for recovering from system outages in a timeframe survivable by the business is the essential element to making a continuity plan worthwhile.  Draw the line in the sand, and then develop the system protection and recovery plan that will help make sure you never have to step over it.

Make Sense?

J

Here are a few data loss statistics for your reading pleasure… Enjoy  🙂

(stats drawn from summary on BostonComputing.net.  They may be a bit dated, but the numbers have only increased since then.) http://www.bostoncomputing.net/consultation/databackup/statistics/

The following statistics were gathered from various sources:

  • 6% of all PCs will suffer an episode of data loss in any given year. Given the number of PCs used in US businesses in 1998, that translates to approximately 4.6 million data loss episodes. At a conservative estimate, data loss cost US businesses $11.8 billion in 1998. (The Cost Of Lost Data, David M. Smith)
  • 30% of all businesses that have a major fire go out of business within a year. 70% fail within five years. (Home Office Computing Magazine)
  • 31% of PC users have lost all of their files due to events beyond their control.
  • 34% of companies fail to test their tape backups, and of those that do, 77% have found tape back-up failures.
  • 60% of companies that lose their data will shut down within 6 months of the disaster.
  • 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster. 50% of businesses that found themselves without data management for this same time period filed for bankruptcy immediately. (National Archives & Records Administration in Washington)
  • American business lost more than $7.6 billion as a result of viruses during first six months of 1999. (Research by Computer Economics)
  • Companies that aren’t able to resume operations within ten days (of a disaster hit) are not likely to survive. (Strategic Research Institute)
  • Every week 140,000 hard drives crash in the United States. (Mozy Online Backup)
  • Simple drive recovery can cost upwards of $7,500 and success is not guaranteed

 

Posted on

Licensing the Cloud: Software Distribution and Use in a Remote Access World

Licensing the Cloud: Software Distribution and Use in a Remote Access World

Whether we like it or not, and whether we agree or not – software developers have a right to decide how and where their licensed products are run.  There have always been arguments in this area, where software license purchasers take the position that they should be able to do what they want with their licenses, and where commercial software developers believe they have the rights to dictate authorized usage.  Truly, when it comes down to the legalities of it all, the software companies will win because they have the legal footing to fall back on  – the EULA containing use rights and terms which licensed users have agreed to.

The problem has been ongoing, with software developers constantly and consistently seeking methods to reduce unauthorized software distribution and unsupported use, and users spending amazing amounts of time and resources finding ways to break the rule.  Copy protection, “phone home” license validation models and all sorts of approaches have been developed to prevent software theft and unauthorized distribution.  But it happens anyway – a lot – and the cloud is turning into a great facilitator.  Surprisingly, it’s an “in your face” approach, too, where the previous iteration of web-enabled software theft (unauthorized digital downloads and license cracking) was fairly quiet and tried to be secretive to stay out of the gun sights of the developer.  Today’s “flavor” is right out there, being marketed to any and all who care to view the ads.

With businesses more frequently turning to “cloud” server providers to run business applications, it is no wonder that the IaaS and PaaS companies would want to make their services easier and more valuable to acquire than the next guy’s.  Aside from a groovy control panel and great networking and VM pricing, the added value from these providers is in the applications they are able to service.  More frequently, hosting service providers are marketing their solutions in the context of the applications customers run on the service (which makes sense, because the application’s what really matters).  Leveraging the brand value and recognition of popular commercial software products makes sense, as it improves overall visibility and increases the potential of the “right” kind of prospect engaging and becoming a customer.

The problem arises when these service providers sell hosting services for, or which support, applications they are not authorized or licensed to deliver, and this is where the argument comes full circle.  The hosting provider wants to host applications customers use, customers have licenses for those applications, but not a right to have them hosted.  The host deploys the application anyway, because that’s what the customer wants.  “What’s the risk?” they ask… “the customer has the software license”.

The risk is, unfortunately, greater for the service provider than for the customer.  Even if the customer has a license for the software product, that license may not actually be eligible to run on a hosted server.  “Businesses lease computer equipment all the time, and they can run the software on those systems” is the next argument generally offered by the service provider.  But, in the eyes of the software developer, there may be a big difference between leased equipment run in-house versus subscribed platform services deployed via a commercial hosting provider.  Even Microsoft recognizes the benefit and value of providing “mobility” of application licensing, and has specific licensing models to allow commercial hosts to deploy customer-owned licenses.  While many service providers understand and recognize the requirements to ensure that customer applications are properly licensed for hosted delivery, there are a great many who think the rules simply do not apply to them.  These folks are introducing a great deal of risk into their hosting businesses, even if they are not willing to recognize it.

When a customer runs their software in an unauthorized manner, they risk losing the rights and benefits associated with their software license.  When a commercial hosting company runs software on their servers that they have no right to install and run… they are potentially guilty of unauthorized software distribution and copyright theft.

Actions against facilitators of unauthorized content distribution – you can equate “software” with “content” – have received much press in past months, yet much of the discussion centers on music and video content (as in the Megaupload story).  Actions involving commercial software products tend to be somewhat less visible, probably due to reluctance by commercial developers to have what could be perceived as negative press flowing through social media venues.  It’s popular to protect music and videos, but hosting providers aren’t seeing the wisdom of preserving the integrity of a commercial software product license.  Instead, they’re relying on the customer to indemnify them (the customer has a license, remember?).   But the customer can’t protect the host; the host must protect the host – it’s the prudent business approach.

Infrastructure providers, platform providers and businesses operating as application hosting companies should pay close attention to the content living on their servers.  Taking a position that the customer has the right to do whatever they want with the system is not a viable position; the precedent has been set that the hosting provider is responsible for the content on their systems.  In the case of hosts offering service for small business applications like Microsoft Office and Intuit QuickBooks, for example, it is essential that a service model which conforms to and supports proper license usage be in place, and that any required authorizations are, too.

Software is just another form of content, and the cloud makes distribution of and access to content a lot easier, even when it shouldn’t be.

Make sense?

J

Posted on

CIO, CFO, IT and Procuring the Cloud | buildingUp.biz

CIO, CFO, IT and Procuring the Cloud

For as long as there has been high technology use in business, there has been a struggle between the enterprise CFO and CIO for the power to make IT purchase decisions.   It isn’t rocket science… the reasons for the challenge are fairly straightforward.  The CFO wants to know what the expected return on the investment will be.  The CIO, on the other hand, recognizes that there is rarely a straight line to be drawn between IT expenditures and near-term positive business outcomes.  Sometimes it takes a while to fully realize the benefits of an IT project… and sometimes it’s necessary to spend the money just to maintain status quo.

While there may be indicators that the CFO’s influence in the enterprise is extending into areas where the CIO traditionally ruled (due – at least in part – to SaaS and the Cloud) there are also indicators that the role of the CIO is evolving rather than losing relevance.

A survey performed in 2011 by Gartner and Financial Executives International revealed a number of interesting results which indicated that the balance of IT procurement power was shifting within the enterprise.  344 senior financial executives were surveyed, and they revealed that:

  • in 45% of organizations, the CFO makes or leads IT investment strategy
  • about 75% of surveyed CFOs said they have little confidence in their own IT departments

A CFO.com article on the subject also mentioned a KPMG study from April 2011, in which it was reported that “73% of CFOs identified IT as the greatest risk to finance meeting its objectives”.

With the emergence of “cloud” computing solutions and the plethora of application and service options now available to businesses, some businesses have concluded that “the CFO is better equipped for the cloud world”.  The belief is that the CFO is more attuned to the processes of vendor management and contract term and condition negotiations, which are primary areas of focus when looking to obtain outsourced IT and application services.  The process of comparing pricing and service level agreements is more of a business process than a technology process, placing it squarely in the realm of the CFO.

The real issue here isn’t a struggle for power and influence; it’s a change in business priorities fueled by changes in technology and service models.  IT and the role of the CIO must focus on innovation and improvement of processes and profitability through efficiencies gained with technology, not on defragging hard drives and running software updates.  Brocade.com discusses this evolution of roles and focus with enterprise CIOs and CFOs in the release entitled The CIO Is Dead. Long Live the CIO. The Cloud Redefines the Role of the CIO

“ … the CIO role will evolve and policy enforcement, technology evangelism and mediation between business units and their services providers will become the key responsibilities for the CIO by 2020…. And rather than being replaced by the CFO in this shift in IT provisioning, two-thirds of respondents predicted that the roles of COO and CIO will merge as technology continues to become more operationally vital. http://newsroom.brocade.com/press-releases/the-cio-is-dead-long-live-the-cio-the-cloud-rede-nasdaq-brcd-977455

Who understands better than the internal IT department the time-consuming and frustrating nature of maintaining user environments and applications?  Who in the organization has the technical understanding, coupled with a direct business understanding, sufficient to explore new ways of approaching various process or workflow problems? I think most business IT managers would agree that addressing issues that have a potential to radically improve the way a business operates is much more challenging and interesting than selecting the right make and model of server.

via CIO, CFO, IT and Procuring the Cloud | buildingUp.biz.

Posted on

The Cloud for Your Firm: 3 Initial Considerations for Cloud Enabling Accounting and Bookkeeping Firms Working With Small Businesses

The Cloud for Your Firm

3 Initial Considerations for Cloud Enabling Accounting and Bookkeeping Firms Working With Small Businesses

dscn0903.jpgThe potential benefits of a real-time, lean collaborative working model are too great to argue with.  Accounting professionals, bookkeepers and their small business clients are all hearing about the value of working together in the cloud, and how cloud technologies and solutions can reduce cost and improve efficiency.  There is a great deal of truth in these statements, just as there was a truth in the value of implementing computers, networks and other technologies in business.  What is not clear is exactly what businesses need “in the cloud”, and how they should approach this shift from local IT to outsourced managed service.  Initially, there are 3 issues which warrant consideration, if not deep discussion, prior to making any significant move to relocate internal IT and shift business applications to the cloud: internal use systems, client interaction, and operational support for both.

With all the discussion about cloud computing and remote access, it would seem that all the applications and solutions businesses need are now available online and paid for in low monthly subscription fees.  Anyone working with small businesses, however, comes to understand that the vast majority of these businesses are still using more traditional modes of information management and computing.   For the most part, these businesses are using PCs and local networks, possibly with a little hosted email thrown in.  Almost certainly they have a website and maybe even a fairly sophisticated e-commerce system that allows them to sell products online.  But when it comes to general office functions, and particularly back-office functions like bookkeeping and accounting, the software and the data generally reside on the office PC and server.

Accounting and bookkeeping professionals who work with small businesses are often in the same position as their business clients when it comes to information technology.  Since so much of the work involved requires the same programs and data formats as those used by the client, service providers find that they spend as much in management of software licensing and systems to support working with client data as they do on systems intended for internal use only – sometimes more.  Many of these service providers are also small businesses, and it becomes challenging to find a way to handle internal IT needs while at the same time trying to address those of the client. Where e-commerce solutions are readily available to handle operational aspects of product based businesses, the best tool set for a professional accounting firm or bookkeeping business working with small business clients may not be so easily defined.

The solution for many providers has been revealed through cloud computing and hosted application models.  With Cloud Servers, Remote Desktops, and Virtual Desktop Infrastructure now widely available as affordable alternatives to capital-intensive implementations of locally installed products, businesses are finding new abilities to manage applications and data, provide mobility and enhance collaboration.  The additional benefit is in how accounting service providers may engage with their clients in more efficient and effective ways, without the burdens of replicating data or trying to share access to a single machine or application resource.

There are a number of elements to consider before taking the file server to the parking lot and running it over with a truck.  Moving to the cloud is not a one-step process, and it is important to do a little research and collect some important information before making the final decision on how to proceed.

Internal Use Systems

Among the first of the questions to ask when considering a change in IT management approaches is “which software do we need”?  Implementing an outsourced IT arrangement, which is really what “cloud” is about”, does not necessarily mean throwing away all the existing software and starting with new.  The software in use within the firm may be exactly what it needs right now and adding full IT management, fault tolerance, and remote or mobile access could be the main scope of the requirement.  Moving from locally installed solutions to hosted solutions provides quite a number of benefits while removing many of the direct costs and frustrations of IT management and administration. The greatest benefit of this type of approach is the ability to preserve the “body of knowledge” existing in the business, knowledge invested in the people and processes already developed.

On the other hand, there may be new tools or services only available as “cloud” service, and it makes sense to explore how they may benefit the business more than the in-use applications.  The important element is to remember that the solution must address real business problems, and whether it runs in the cloud or not isn’t the first or most important thing to ask.  For example, a discussion about whether QuickBooks Online might be a better choice than QuickBooks Pro, Premier or Enterprise should be focused on the functionality provided by the applications and not which servers they are running on.  With application hosting for QuickBooks now being an available option, there is a managed IT and remote access capability for both solutions, rendering the fact that QBO is a SaaS solution almost irrelevant in terms of being a differentiator.

Client Interaction

An important aspect of adopting new technologies or working models is the consideration of how the firm and the client businesses will work together, and whether or not there is (or could be) a standardized approach that might work for most clients.  Certainly, it makes sense to standardize as much as possible.  Treating every issue or engagement as a singular event – a one-off – is the least efficient way to do business.  The key to profitability is in the firm’s ability to produce high quality work consistently and in a timely fashion.  This requires that the business be well-structured in terms of the standard processes and methods which will be used to work with client information.  When the firm and the client can work seamlessly together as and when required, and when each is responsible for their own systems and data, it is a best-case scenario. The questions relating to client interactions focus on how the firm works with clients and which tools or solutions are required to improve that situation.

It is likely that the firm will need to be able to address working relationships with various client and engagement types – where clients do some of the work, where the bookkeeper does the work, or where the participants work collaboratively together in the same systems.  While it may seem that the best way to create a dependency on your services with the client is to keep them out of the systems, empowering the client is really the key to a close and long-standing engagement.  This means that the client needs to have their own solutions and approach to cloud-enabled IT, and the accounting or bookkeeping service provider should be able to access and work within that environment.

It is rare that a small business can effectively operate without computers and software to manage information and support operations, so it makes sense that the business should have its own accounting and financial systems, too.  For the accounting service provider, it is essential that a level of understanding be gained around the use of today’s available remote and mobile access technologies, as it is with these solutions and tools that participation in client systems will be enabled.  When the client accounting solution sits on their office PC, there are limited options for working together in any real collaborative form.  Connecting to their PC via remote control is a widely recognized means of gaining access to client systems, but if the bookkeeper is on the system when there is a problem of some sort, all eyes go directly to that remote user as the likely cause of the problem.

The considerations relating to remote access to client systems focus not just on enabling a collaborative working environment, but also on mitigating risk and improving client perception.  The risk issue comes in when the accounting service provider is exposed to systems and information not relevant to their task, and the perception issue becomes material when the accounting professional becomes the software or IT service provider.  It makes sense for the accounting professional to make recommendations or suggestions about software and IT service which might benefit the business, but not to necessarily be the reseller or direct provider of the product or service.  The moment the accounting professional attempts to sell the client a software product or IT service, the relationship is changed and the client is more likely to view their accounting pro as another vendor rather than a trusted advisor.  It’s also not necessarily a great move to start a new client engagement by telling the client they have to switch accounting products to allow the accountant to work closer.  Rather, professionals need to help their clients position those products for more efficient use, which may include enabling remote or mobile access granted via deployment in the cloud.

Operational Support

When businesses outsource their IT management and administration, there is often an initial belief that all responsibilities in these areas will be handled by the IT service provider.  What is often overlooked is the reality that the firm still needs to have people attending to IT related tasks, just doing different levels of work with the technology. It is important to recognize that someone in the firm will end up dealing with various IT and process support issues, and it still makes sense to have personnel dedicated to these tasks (*Note: here’s where I suggest that the cloud changes the focus of internal IT personnel, but it doesn’t eliminate the need for them).  The service provider and solution evaluation and selection process, as well as the actual deployment and administration of services, will take valuable time away from actually performing client accounting or bookkeeping work, and there should be people attending to these issues while the business continues operating.

Where an internal IT department or contract technicians may once have supported internal systems, an operational role within the business is still required to manage outsourced IT activities, including and particularly those where clients are involved with the firm systems.  Delivering new benefits with a minimum of business disruption is the goal, and can be achieved through proper planning and coordination with team members and clients alike.

Closing Thoughts

“The Cloud” is just another way to run software and implement computing resources.  It still takes servers and software, it uses processors and storage and networking, just like more “traditional” computing models.  The difference is in how these resources are purchased and provisioned, and the impact is a change in how businesses of all types can benefit from technologies which enable collaboration, lean process, and mobilityThe Cloud for Your Firm addresses your internal business requirements, lends itself to client collaboration, and has internal operational support to ensure the firm is fully leveraging the available benefits to improve business performance and profitability.

Make sense?

J

Read more about Accountants and Bookkeepers Working With QuickBooks Clients: App Hosting Approaches That Work

technorati-top-100-small-business-blog

Posted on

IT Security and Engaging Users to Reduce Vulnerability

IT Security and Engaging Users to Reduce Vulnerability

There is a lot of discussion going on about security in the cloud.  With numerous advancements in technologies of various sorts intended to secure our information and identities on the Web, how is it that security continues to be a growing problem?  The answer is in the Big Data the Web collects (read about the Internet of Things – IoT), the large silos of data now handily available in the cloud, and users who continue to provide access for all sorts of bad guys and malicious attackers simply due to not understanding that they – the users – remain as the biggest vulnerability of all.  It is educating this user and finding a way to get them to recognize their potential as a critical element in enhancing system security and reducing vulnerability that has become the larger challenge.

People are nothing more than another operating system, says Lance Spitzner, training director for the Securing The Human Program at SANS Institute.  “Computers store, process and transfer information, and people store, process and transfer information,”  How Hackers Fool Your Employees

Social engineering and finding ways to earn user trust has become a widely recognized means for gaining access to systems and information.  Any experienced computer security consultant recognizes that Microsoft Outlook is among the best applications to place in front of users to test system security, as emails with malicious attachments (spearphishing) represent a majority of targeted attacks.  And hackers aren’t resting on their laurels while users figure out that opening email from unfamiliar sources isn’t a good idea.  Nope, not for a minute.  Today’s flavor is “conversational” phishing, where it is made to appear as though a real person is at the other end of the conversation.  Hackers are patient, and they are willing to take the time to find a way in.  Users, on the other hand, still tend to be somewhat complacent when it comes to security, and often operate under the belief that the IT security products and the IT department have it all under control.   And no matter how many times they’re told to not click on strange email attachments, to change passwords frequently, not to reuse passwords, and to make passwords hard to guess… getting users to comply continues to challenge system administrators.

most-valuable-security-practices

Communicating with users about the importance of adhering to password management and other security standards often falls on deaf ears for two reasons:  users believe that system security is the job of the IT department, and users are made to feel stupid by being chastised and punished by the IT department that’s supposed to be helping them.   Rather than helping to educate users and find innovative ways to get users to participate in helping to improve system security, IT administrators and security teams generally view users as part of the problem rather than part of the system of solving it.

It’s a heated debate that can upset people on opposing sides.  For instance, one RSA conference presenter conducted a class on “how to patch stupidity,” Spitzner says.  “He explained why people are stupid, how they’re stupid and how to fix stupid.  It was a very emotional talk for me, because how can you sit there and insult the very people who can end up helping us?…  How Hackers Fool Your Employees

In order to build strong security which is better-suited to protect businesses from today’s variety of threats, IT security professionals and system administrators should engage in positive internal marketing for better system security, deliver improved education to build awareness with users, and actually engage users in the process of threat identification and detection.  These users don’t have to be geeks or IT people; they can be average users who simply keep their eyes open to things that just don’t seem right.  “People can become a detection system to improve organizational resilience.”

jmbunnyfeetMake Sense?

J

Posted on

via Accounting and Business Technologies | QuickBooks Pro and Premier as Software-as-a-Service

QuickBooks Pro and Premier as Software-as-a-Service

Running business applications online was once considered a fad, but has now become a mainstream approach to implementing technology. Businesses large and small are finding that turning technology investments into a predictable expense allows them to focus on their business operations and not the IT budget. For some, the ability to bring remote locations or mobile team members closer to the systems that support the business is the biggest benefit. For others, the security of having business continuity and disaster recovery built into the system is the key. Regardless of the motivating factors, business owners are finding that online application services can make a positive impact to their bottom line.

The market has clearly identified online technologies and application services as something beneficial. This is demonstrated by the rapid adoption and growth of business solutions that leverage the Internet as network. Further, online applications and services are being used as a way to augment systems that were once exclusively LAN or PC based. An example of this is the extension of Intuit’s QuickBooks products to incorporate online payroll services and online payment processing solutions.

With the move to online application services being one of the biggest shifts in technology seen in years, it only makes sense that the applications that have become “standards” in business shift to an online model, as well. The opportunity is great, but the responsibility is greater.

Many software companies are facing a number of problems with respect to the unauthorized hosting of their desktop applications. Because of the technology employed for desktop application hosting is very costly, many service providers feel compelled to “leverage” application licensing and other system features to increase their value proposition and in order to compete. Customers who utilize these unauthorized application services are putting their businesses at potential risk. This risk may come in the form of substandard services resulting in lost or corrupted data; risk may come in the form of unauthorized access to confidential business or personal information due to poor system security; risk may come in the form of exposure due to the unauthorized use of software licenses.

While the market has clearly demonstrated the value and benefit of application hosting services, the lack of protections, consistency and support make it a venture fraught with peril for many. The volume of “grey market” activity and instances of license piracy have undoubtedly increased dramatically, as the cost of service delivery is high and the margins for the service provider are narrow. Manipulating the cost of service by leveraging the application licensing is sometimes the only way some service providers can create profitability in their offerings. But with the prior lack of oversight in terms of service pricing, licensing, quality assurance, or service orientation, it had become the “wild west” for service providers, and the perceived value of the service declined while the number of and variety of deliveries increased.

The answer to the problem, or at least as it exists around the Intuit QuickBooks products, is in the ability for Intuit-Authorized QuickBooks hosting providers to offer subscription access to QuickBooks Pro and Premier licenses when they are hosted. Customers no longer need worry about purchasing their QuickBooks software before engaging with the hosting company, and can avoid the annual cost of upgrading their application software. With the QuickBooks license delivered under a subscription program, customers are able to work with the most current version of the software, and know that their systems are protected and their data is secure. Intuit-authorized QuickBooks Hosting providers can supply, manage, and maintain hosted QuickBooks implementations for businesses of virtually any size and type – all with an Intuit-supported license.

via Accounting and Business Technologies | Joanie Mann: QuickBooks Pro and Premier as Software-as-a-Service.