Tag: application hosting

Posted on

Is it Cloud or is it Desktop?

Is it Cloud or is it Desktop?

There are a few realities that users of purely SaaS-based solutions are finding, and among them is that most web-based applications don’t readily integrate with the desktop – and the desktop is still where a lot of the real work gets done.  Yes, users are increasingly mobile and are using smartphones and tablets to create and access information via mobile applications and services, yet the PC desktop – whether it’s an actual desktop computer, laptop or full-featured tablet – remains as the workhorse for business.  Even the most popular SaaS applications continue to rely upon the desktop and locally installed applications to get some of the work done (note that many Salesforce.com users still find Excel to be their most effective reporting tool).  In an effort to deliver mobility for those applications traditionally tied to the desktop, software developers have adopted two main approaches: redevelop the application for the web (which usually means bringing functionality down to a lowest-common-denominator approach), or applying a traditional terminal server or virtualized application approach and calling it “cloud”.

desktop-apps

Neither option is awesome for the software maker – the time and cost of development certainly isn’t low, and the realities of hosting conventional desktop or LAN-based applications in shared infrastructure are pretty ugly at best.  What these software makers need is a way to allow businesses to continue to use their software for the desktop and LAN, enabling the user with software license use rights to access that software product and associated data on any of their “desktops”, regardless of where that desktop might be (or what device it is running on).  The model is cloud, but then it’s a desktop model too.

Independent software vendors are more frequently turning to platform providers (PaaS) to help deliver whatever “cloud” approach the company elects, and these ISVs are also feeling the bite of outsourced service fees and growing costs of delivery.  It is not just the direct customer questioning the cost of deploying resources in the cloud – software providers are questioning these costs, too, especially as they attempt to deliver resource-intensive solutions from hosted infrastructure that bills them based on resource utilization.  MyQuickCloud is proving that ISVs and their customers no longer have to bear large infrastructure costs in order to deliver complete user mobility. MyQuickCloud supports IaaS providers and their partner networks, allowing infrastructure-as-a-service offerings to include a simple and fast way to immediately make that infrastructure useful for desktop and application delivery.

The information technology industry has seen a lot of disruption in recent years, with complexity and risk in systems rising as users demand more functional mobile capability and software developers struggle to protect and preserve their assets (users included).  MyQuickCloud jumps right into the middle of it, delivering solutions for business customers, software developers and cloud providers alike, and answering the question of whether it’s cloud or desktop.  The answer is “yes”.

jmbunnyfeetMake Sense?

J

Posted on

Licensing the Cloud: Software Distribution and Use in a Remote Access World

Licensing the Cloud: Software Distribution and Use in a Remote Access World

Whether we like it or not, and whether we agree or not – software developers have a right to decide how and where their licensed products are run.  There have always been arguments in this area, where software license purchasers take the position that they should be able to do what they want with their licenses, and where commercial software developers believe they have the rights to dictate authorized usage.  Truly, when it comes down to the legalities of it all, the software companies will win because they have the legal footing to fall back on  – the EULA containing use rights and terms which licensed users have agreed to.

The problem has been ongoing, with software developers constantly and consistently seeking methods to reduce unauthorized software distribution and unsupported use, and users spending amazing amounts of time and resources finding ways to break the rule.  Copy protection, “phone home” license validation models and all sorts of approaches have been developed to prevent software theft and unauthorized distribution.  But it happens anyway – a lot – and the cloud is turning into a great facilitator.  Surprisingly, it’s an “in your face” approach, too, where the previous iteration of web-enabled software theft (unauthorized digital downloads and license cracking) was fairly quiet and tried to be secretive to stay out of the gun sights of the developer.  Today’s “flavor” is right out there, being marketed to any and all who care to view the ads.

With businesses more frequently turning to “cloud” server providers to run business applications, it is no wonder that the IaaS and PaaS companies would want to make their services easier and more valuable to acquire than the next guy’s.  Aside from a groovy control panel and great networking and VM pricing, the added value from these providers is in the applications they are able to service.  More frequently, hosting service providers are marketing their solutions in the context of the applications customers run on the service (which makes sense, because the application’s what really matters).  Leveraging the brand value and recognition of popular commercial software products makes sense, as it improves overall visibility and increases the potential of the “right” kind of prospect engaging and becoming a customer.

The problem arises when these service providers sell hosting services for, or which support, applications they are not authorized or licensed to deliver, and this is where the argument comes full circle.  The hosting provider wants to host applications customers use, customers have licenses for those applications, but not a right to have them hosted.  The host deploys the application anyway, because that’s what the customer wants.  “What’s the risk?” they ask… “the customer has the software license”.

The risk is, unfortunately, greater for the service provider than for the customer.  Even if the customer has a license for the software product, that license may not actually be eligible to run on a hosted server.  “Businesses lease computer equipment all the time, and they can run the software on those systems” is the next argument generally offered by the service provider.  But, in the eyes of the software developer, there may be a big difference between leased equipment run in-house versus subscribed platform services deployed via a commercial hosting provider.  Even Microsoft recognizes the benefit and value of providing “mobility” of application licensing, and has specific licensing models to allow commercial hosts to deploy customer-owned licenses.  While many service providers understand and recognize the requirements to ensure that customer applications are properly licensed for hosted delivery, there are a great many who think the rules simply do not apply to them.  These folks are introducing a great deal of risk into their hosting businesses, even if they are not willing to recognize it.

When a customer runs their software in an unauthorized manner, they risk losing the rights and benefits associated with their software license.  When a commercial hosting company runs software on their servers that they have no right to install and run… they are potentially guilty of unauthorized software distribution and copyright theft.

Actions against facilitators of unauthorized content distribution – you can equate “software” with “content” – have received much press in past months, yet much of the discussion centers on music and video content (as in the Megaupload story).  Actions involving commercial software products tend to be somewhat less visible, probably due to reluctance by commercial developers to have what could be perceived as negative press flowing through social media venues.  It’s popular to protect music and videos, but hosting providers aren’t seeing the wisdom of preserving the integrity of a commercial software product license.  Instead, they’re relying on the customer to indemnify them (the customer has a license, remember?).   But the customer can’t protect the host; the host must protect the host – it’s the prudent business approach.

Infrastructure providers, platform providers and businesses operating as application hosting companies should pay close attention to the content living on their servers.  Taking a position that the customer has the right to do whatever they want with the system is not a viable position; the precedent has been set that the hosting provider is responsible for the content on their systems.  In the case of hosts offering service for small business applications like Microsoft Office and Intuit QuickBooks, for example, it is essential that a service model which conforms to and supports proper license usage be in place, and that any required authorizations are, too.

Software is just another form of content, and the cloud makes distribution of and access to content a lot easier, even when it shouldn’t be.

Make sense?

J

Posted on

Better QuickBooks Access, Management and Security – QuickBooks Licensing and Hosting Models

Whether hosted in-house or offsite, licensing models for hosting QuickBooks can be very confusing.

driving1-ANIMATIONThe demand for solutions to address user mobility, better collaboration and improved information security is increasing as connectivity improves and cloud services and threats evolve. Server-based computing models and application hosting are increasingly popular as businesses seek to embrace teleworking and telecommuting models for their entrenched applications and systems, creating a foundation for improved productivity and work/life balancing (or integration).  On the technical side, the benefits of centralizing applications and data include improved efficiency in managing, maintaining and securing systems. For many small businesses, this means centralizing the installation and maintenance of core business applications like Intuit QuickBooks Pro, Premier or Enterprise.

Whether it be offsite with a commercial hosting provider or on a co-located server somewhere, or an onsite installation on the in-house server, hosting Intuit QuickBooks licenses can be straightforward or complicated depending on what you are trying to do with them. Because QuickBooks was designed as a standalone single-user application, there are a number of challenges when it comes to preparing it for server-based use.  The primary issue is often simply understanding the QuickBooks licensing model, which is not particularly INTUITive (sorry).

Licensing hosted QuickBooks applications comes with two different sets of implementation issues: the technical implementation (the installation and setup) and the logical allocation of licenses to users (the licensing rules).

When it comes to the technical implementation, many an experienced engineer has beaten their head against the wall trying to get QuickBooks to work properly in a workspace or session-based system (e.g., terminal server), all because they expect the product to implement like a “normal” client/server application. While QuickBooks may use the Sybase database manager guts to handle multi-user access to QuickBooks data files (I think it is still Sybase), the architecture required to properly service a networked QuickBooks installation does not necessarily mimic what would be used with, for example, a .NET desktop client application with an MS SQL back-end.   First, the QuickBooks data files cannot be remote to the application, meaning that both the client and the database manager (which is actually working as an adjunct to the client) must exist on the local network; it will not work over a WAN connection, which is why so many folks get frustrated when they put their server “in the cloud” and attempt to connect from a local client using a VPN.  It just won’t work that way with QuickBooks; it all has to be on the local network – client, server, data… all of it.

It is notable that many businesses use Dropbox and other file sync solutions because they want to be able to get to their data from multiple locations, but the data they’re getting must be “local” to the apps that use it.  It doesn’t allow for simultaneous multi-user access, but it can be an effective way to share a file.  The caveat is that the file (at least in the case of a QuickBooks file, or Outlook PST file, etc.) should not actually be used from the sync folder.  Sync folder should contain copies of data files that users wish to sync or share with other devices.  But I digress…

With a server-based implementation of QuickBooks, technicians will install the QuickBooks desktop software on the server, and will determine whether or not that same machine will also handle the company data files.  The QuickBooks DB manager is part of the installation of QuickBooks, and the file system and drive where the QB files are to be managed must be recognized as a local drive on the server running the QBDB manager.  The overhead used by the database manager isn’t huge, but it can impact the performance of users on the server.  For this reason, some techs will decide to implement a separate file server to manage the QB data files, taking that load off the app server.

  • The QuickBooks software uses the database manager to “host” access to company files.  This simply means that a single server with the data on it is providing managed access to remote-desktop-sessionsQuickBooks application users.
  • When QuickBooks application software and data is installed and centrally managed on a server (instead of QuickBooks being installed on individual PCs), that means QuickBooks application is being “hosted” on that server.
  • When a 3rd party provider supplies the server, the QuickBooks installation, data storage, and your way of connecting to it all,  that provider is a “host” providing hosting services for your QuickBooks.

In a dedicated hosting environment, the data is often stored on the same server as the applications, whereas in a shared hosting environment, the data is often stored on central file servers which serve multiple customers. This is why, in some shared hosting situations, one bad data file can take down the database manager services for all the customers using that same file server.

Users open the QuickBooks application on the server instead of having the application installed on individual PCs.  The single server-based installation of the software is able to be used concurrently by all users logging in to that computer. With the database manager running, the file is essentially “hosted” on that machine, and the file may then be opened in multi-user mode.  OK so far.  The problem generally comes about when a second user on the same computer/server wants to open the same QB data file as the first user.

Because the QB database manager is looking at the license of the client application accessing the data file, it will recognize when two different users/sessions with the same license key attempt to open the company data file.  If that license key is a single-user key, then the database manager knows it should allow only 1 concurrent user in the file.  QuickBooks doesn’t get installed for each user on a computer or server; it is installed one time on the machine and each user on that machine runs from that single shared installation. Any particular version of the QuickBooks application may be installed only once on a single computer, but it is possible to install multiple editions, year versions, and “flavors” of QuickBooks on a single machine (cannot be more than one installation of each unique product). There will be more than a few annoyances when running a variety of QBs on the same computer, but it is technically possible.

In order to allow multiple users to simultaneously access the same data file from a central installation of QuickBooks, the license key installed on the computer must be a multi-user key.  QuickBooks Pro, for example, can be keyed to 3 concurrent users, meaning that the license will allow up to 3 users with that same license key to simultaneously access the same company file.  Technically (but not lawfully) this installation of QuickBooks on the machine could allow a virtually unlimited number of users to launch the QuickBooks application simultaneously, limited only by machine resources.  This is where the logical allocation of licensing comes in.. the rule of licensing QuickBooks.

The logical allocation of unique licenses for each QuickBooks user is a little easier to understand than the technical implementation.  The rule is simply that each user of QuickBooks is required to have a valid registered/activated license. That valid license is a license purchased and activated for that business.

total-businessMaking QuickBooks desktop editions more useful by adding secure remote access and centralized management makes a lot of sense.  For companies who rely on the functionality and features of the desktop products (QuickBooks Pro, Premier and Enterprise), a hosted approach is the only way to really address mobility and multi-location requirements.  Remember that hosting doesn’t necessarily mean offsite, although that could make sense for the business, too.

Centrally-managing QuickBooks applications and data creates greater efficiency and improves overall IT management capability for the business.  At the same time, a centralized model introduces a better strategy for mobilizing the workforce and connecting remote users and offices. The struggles of understanding and implementing proper QuickBooks licensing begin to seem very small when compared to the benefits of deploying a centralized system that’s easier to access, manage and secure.

Make sense?

J

Posted on

Many Companies Are Negligent About SAP Security, Researchers Say – CIO.com

Is your hosting service provider helping to keep your critical business applications secure?  It is not enough to simply harden machine images and develop policy-driven access; application hosting providers need to understand the vulnerabilities introduced by each and every application in the environment.  Otherwise, the system could be exposed to threats directed specifically at the application environment and opportunities it presents.

Many hosting providers will offer customers service for any business application they have, and often provide those services with no significant experience or expertise in dealing with configuration or security issues specific to those applications or environments.  Consider the following report from IDC which indicates that numerous SAP deployments remain vulnerable to attack or intrusion, even though SAP has improved security of the products. The problem rests not exclusively with the SAP applications, but also with the approach to implementation of systems and security around those applications.  Understanding the various vulnerabilities introduced with SAP products is the first step to securing them.  Certainly a skilled IT solution provider is likely to offer a high level of service and capability, but there may be issues presented by various products (like SAP) which introduce additional or unique considerations, and it is important for the service provider to be aware of and address them.

Joanie Mann Bunny FeetMake Sense?

J

IDG News Service — SAP has significantly improved the security of its products over the past few years but many of its customers are negligent with their deployments, which exposes them to potential attacks that could cripple their businesses, according to security researchers.

The biggest issue is that companies expose insecure SAP services to the Internet — not only HTTP services, but also critical administrative interfaces, Alexander Polyakov, chief technology officer at ERPScan, a developer of security monitoring products for SAP systems, said Tuesday.

Between 5 percent and 10 percent of companies that use SAP products expose critical services to the Internet that shouldn’t be publicly accessible, Polyakov said. This happens because they want to enable remote management or because of improper configurations, he said.

Most of the services have vulnerabilities that can be easily attacked, Polyakov said.

Publicly available exploits exist for many SAP vulnerabilities, including some that are part of Metasploit, a popular security testing tool.

The percentage of companies with exposed SAP services differs from country to country. The situation is better in North America and Europe and worse in the Asia-Pacific region, Africa and Latin America, Polyakov said. However, even 5 percent translates to a very large number of companies, he said.

via Many Companies Are Negligent About SAP Security, Researchers Say – CIO.com.

Posted on

Moving Your Systems to the Cloud

The IT industry is promoting Software as a Service and online applications as the new normal for computing, and unless you’ve been living under a rock for the past few years you have heard how it is supposed to make our computing lives ever so much better.  Hiding under that rock might also have spared you from reading about the various failures and outages which impact users, forcing them to make do without the online applications and data they have become so reliant upon.  It’s surprising, but not unimaginable, that businesses rely so heavily on applications and services that didn’t even exist a few short years ago.

The potential benefits of a SaaS model are many, but the risks are equally significant and should not be minimized.  This assessment should center on a review of the application software in use, considering whether or not it is meeting the needs of the business.  Where and how the software runs is much less of an issue than the functionality and process support it provides – most “legacy” applications can be run in a cloud server environment, making remote access and managed service part of the service model.

There is risk in changing business applications – risk of data loss, changed or broken data relationships, lost productivity, and more.  Many businesses would benefit by running their applications in a cloud model while continuing to utilize the software solutions their operation relies on.

Application hosting models where desktop applications are delivered on cloud servers is  often overlooked when businesses go looking for cloud software because they are shopping for software and not the platform.

With Software as a Service (SaaS), the software and the platform are combined and together represent the solution. With application hosting on a cloud server, the software is the same software a business would traditionally run on PCs and servers, but the they are installed and managed on the cloud server rather than the local computers.

The big benefit is the agility of the platform and the user mobility it allows.  The unspoken benefit is that you can still “take your ball and go home” if the service doesn’t work out.

Removing the barriers for adopting an online working model allows the business to experience the benefits attached to cloud computing without introducing unnecessary risk through unneeded changes in software and applications.

Make sense?

J

 

Posted on

Hosting All My Applications in the Cloud

Many business owners will recall when their first in-house computer networks were installed.  When the PCs were networked together in an office, it made file sharing and collaboration among team members easier and more efficient.  Installing additional applications on the PC was a relatively simple process, and when the new application came with the ability to integrate with another app already on the PC, it was often a fairly simple process to get the two “talking” together.  But installing and integrating applications on your personal computer is a bit different from getting multiple applications installed and integrated with a cloud hosting service provider.

In almost all cases, integrating multiple desktop software solutions requires installing those solutions on the same computer so that they can share certain program elements or, at least, share .ini or data files.  Application integration is important because it allows different software solutions to work together, communicating data from one application to the other so the information may be used in different ways or for different purposes.

An example of this might be a Microsoft Office integration with QuickBooks, which allows the user to perform a one-click export of QB financial data to an Excel spreadsheet.  Another example is the integration between QuickBooks and Fishbowl Inventory, which synchronizes information from the Fishbowl inventory system into the QuickBooks financial software.

In nearly every case where a software program has a software-based integration with another solution, the integration must be installed in the same system as the core solution.  In the QuickBooks world, this means that the programs which integrate with QuickBooks must be installed on the same computer as QuickBooks.

In a conventional PC network, the necessity of installing the various software solutions on the same machine is not a big problem as PC software and integrations have been implemented in this manner for years.  On the other hand, when the business is considering the option of moving desktop applications to the cloud, it is important to make sure the provider and service will allow all of your products to be hosted.  In most cases, this requirement highlights the main difference between a shared service versus a dedicated or server-based solution.

With shared services, the servers are generally configured to offer a strict and limited set of applications to be hosted.  The applications on the servers are used by subscribers of the service, and users are limited to accessing only those applications available in the environment.  The shared approach is popular with some application hosting providers as it creates an economy of scale which helps providers to earn more revenue on their infrastructure.    The trade-off is that a shared hosting solution only works well for businesses with a limited application requirement, and is generally fairly expensive when more users are added to the service.

The need for diversity in hosted application choices, coupled with the need for businesses to keep costs down even as the number of business users increases, are the primary drivers for adoption of dedicated and server-based cloud hosting solutions.  When the solution is managed as an entire environment rather than on an exclusively per-user basis, an economy of scale is developed within the organizational IT infrastructure.  As the business grows and adds more users and applications, the incremental costs to bring each user or application onto the platform is often far less than a user subscription in a shared solution.

For any business planning to migrate their server and systems to the cloud, the first step is to have a thorough understanding of the applications and integrations the business needs in the host environment, and then to find a hosting provider that can deliver the infrastructure and baseline system administration required.  It is unreasonable to expect a hosting provider to be an expert with every software product available, but skilled and experienced hosting providers understand how to generally install and implement most standard business applications and will rise to meet the customer demand.

While no business can guess what their future software needs may be, decisions can be reasonably made based on the solutions currently in use.  Finding a provider with a service to meet immediate needs is useful, but businesses change and therefore business requirements change, and it is good to know that the hosting infrastructure and IT services supporting the business can adjust to those changing needs.  After all, cloud hosting of applications and data just means the servers and infrastructure are with the service provider and not in the office, but it doesn’t mean businesses can’t have the feature-rich and functional applications their businesses have come to rely on.

Make sense?

J