Last week I attended Softletter's SaaS University in Washington, D.C.  It was a great event aimed at helping SaaS companies learn how to better market, sell and deliver their cloud computing solutions using the Software-as-a-Service model.  BlueLock was asked to deliver a session on the infrastructure choices that SaaS companies face when deciding how to host their application. 

The numbers from the 2010 Softletter SaaS Survey revealed that SaaS companies have many infrastructure choices to make, from highly virtualized (Cloud) server farms to highly managed service systems and many variants in between. My session analyzed the choices available to SaaS providers and and gave some realistic numbers, checklists, and scenarios that hopefully helped them make the best choice for their operations and peace of mind.  Infrastructure As A Service offerings can be a great benefits to SaaS companies in that they can help them move opex expenses to capex expenses, lower their overall costs, align their expenses with revenues, improve their speed-to-market and provide a competitive advantage.

Here's a link to the PPT and the presentation on SlideShare.

BlueLock's healthcare-related client base seems to continue to grow - and they each have one specific need in common: security.

Recently, BlueLock produced a case study with Pathagility in regards to their Software-as-a-Service (SaaS) application which facilitates the generation, management and reporting of clinical data between healthcare providers and healthcare institutions.  Early on in the company's life, they realized that it made more business sense to forge a relationship with a provider who could secure and manage their IT infrastructure environment rather than spending capital on purchasing, implementing and managing their own.  At BlueLock, they were especially happy with the ability to scale and pay as they grew in a secure and SAS 70 compliant cloud hosting environment.  Pathagility's success was dependent on their ability to focus on the development of their SaaS solution and get to market quickly rather than directing their talent towards the day-to-day IT operations.

A very similar story unfolds with a new client, AmeriVeri CR. AmeriVeri CR is an in-depth , fully automated method for verifying the coding accuracy of healthcare claims. The company saves their clients an average of 4% in healthcare claims simply by identifying coding errors. They also needed a highly secure and SAS 70 compliant cloud hosting solution. The company just got its official start in January of 2010, but after quickly receiving funding and attracting great interest from clients and prospects, the comany needed to be able to expand its offering quickly.  Enter BlueLock.

These are just two of many healthcare-related clients BlueLock currently has running in its Enterprise Cloud platform, but each tells a similar story and proves that yes, the cloud is secure.

OK – time to take it home.  Hopefully you've already read my first and second post for SaaS CEOs, and now I’d like to finish up the final five tips for taking your applications to the cloud. 

I'd also like to ask you for feedback on what you think and whether you think I’m on the right track.  Please feel free to challenge and question me in the comments field below.


Tip #11:  Set financial penalties for downtime:  I agree, there should definitely be some financial incentive for the Cloud provider to perform for a couple reasons:  

Tip #12:  It takes time to see ROI on SaaS development:  Sage advice from Adam on this one – it’s going to take time and a concerted effort to make Software-as-a-Service (SaaS) pay off for you.  His comments make me think about focus.  Our experience is that many SaaS companies have little to no experience running a hosted infrastructure – so that skill must either be hired or acquired.  Hiring people is hard, so I might argue (because this is our business) that SaaS companies can get further, faster by focusing on writing the code and driving demand, while leaving the hosting to experts like BlueLock.  That’s exactly what SaaS company Right On Interactive did – they focused on writing better code and allowed us to help them get further, faster by managing their infrastructure.  Check out their cloud computing case study.

Tip #13:  Savings are not in the cloud, but in headcount:  Oh man, I wish I could make this tip #1!!  Adam hit the nail on the head.  I’ve presented an infrastructure choices presentation to Rick Chapman’s Softletter SaaS University conferences several times and I tell the Software CEOs in the room that one of BlueLock’s key value propositions is about people.  I even take them through a little back of the napkin math around the difference in cost of 5-10 servers doing it on your own, doing it at Amazon or hosting it with BlueLock.  BlueLock wins and I tell the crowd that you could substitute BlueLock for another managed cloud provider because it’s not about my ability to pay my people less, it’s about my ability to “fractionalize” our labor cost, where they must have a full time equivalent (FTE) or 2 (if that person wants to take a vacation) or 3 (if you want 24x7 coverage and let someone take a vacation or get sick).  So the software company that has dedicated staff to “manage” their cloud environment at Amazon is, in the end more expensive, than allowing me to manage their environment for them at BlueLock.  If you’d like to see the analysis – send me a note at bwolff at bluelock.com and I’d be happy to share the slide and take you through my logic. 

Tip #15:  Let the cloud lead you to new innovations:  This last tip takes the previous tip and Lincoln’s presentation to the next level.  Companies that choose to deliver their software via SaaS (in the cloud) open up many new opportunities for revenue and value creation. The first step toward opening up new horizons for your software company is to migrate to SaaS and let the users take you to a better place.  The cloud will only continue to get better, and SaaS companies taking advantage of the benefits of cloud computing will be leaps and bounds ahead of their competition in terms of cost efficiency and flexibility.

Thanks for reading this post – if you’d like to learn more about how BlueLock is helping enable other SaaS companies just like yours, drop me a note at bwolff at bluelock.com or visit our website to find out more about our cloud hosting services. 

I would also love to hear what you think about my take and if you think I’m on track or “off in left field”.

--Brian

BlueLock has been named to Nine Lives Media Inc.’s third-annual MSPmentor 100, a
distinguished research report identifying the world’s most progressive managed service providers.

“We are honored to be recognized by MSPmentor as one of the world’s most progressive managed service providers," said John Qualls, President and CEO, BlueLock. “We believe our selection is recognition of our continued company growth over the past year and further validates our business plan and the market’s need for different classes of managed IT and cloud hosting services. Three years of cloud experience has allowed us to deliver true cloud computing services that enable developers to Fortune 500 enterprises to deploy and operate their applications on a highly available and scalable platform that is tailored to the
needs of their apps.”

The free MSPmentor 100 report, available at www.MSPmentor.net, is based on data from MSPmentor’s global online survey, conducted October through December 2009. The MSPmentor 100 report recognizes managed service providers based on a range of revenue and management metrics.

Founded three years ago, BlueLock was one of the country’s first providers of Infrastructure-as-a-Service (IaaS), enabling companies to provision and manage their technology infrastructures more efficiently and cost-effectively. Delivering pre-configured, secure and resilient virtual IT environments which scale ondemand,

“Despite the challenging economy, MSPmentor 100 companies generated more than $700 million in combined recurring revenue and managed services revenue, up 31 percent from the companies’ combined results in 2008,” said Joe Panettieri, editorial director, MSPmentor. “Our report also reveals how MSPs are already profiting from SaaS and cloud services.”

MSPmentor, produced by Nine Lives Media Inc., is the ultimate guide to managed services. MSPmentor features the industry’s top-ranked blog, research, Webcasts, and FastChat videos. It is the number one online media destination for managed service providers in the world.

Adam Stone over at Software CEO wrote a very timely article compiling the opinions of several respected industry experts into 15 tips for understanding cloud computing. 
I thought Adam’s article highlighted several ways that BlueLock thinks about the cloud differently (or the same in some instances).  I plan to break the 15 tips down into three blog posts providing my perspective on each point he makes.

Tip #1:  Be Careful how you use the term. 

Adam’s point is that “cloud is not cloud is not cloud” – so it’s best to think about what you need most for your applications and then look for cloud computing service(s) that solve those specific needs.  For example, if you need a better CRM system – you’re probably looking for a SaaS (software as a service) application.  If your developers are spending way too much time writing code for functionality that is not core to your software package – you’re probably looking for a PaaS (platform as a service) – an opportunity to use someone else’s code to extend your core software’s functionality (billing comes to mind).  If your developers or infrastructure team are spending too much time managing failed servers, network or patching OS’, or if they can’t keep up with the growth of your very successful company – you’re probably looking for IaaS (Infrastructure as a Service).

Tip #2:  Make the Trendy Pitch. 

The din of people talking about Cloud Computing is deafening, even Dilbert has gotten into the act.  No doubt, your CEO and CFO have even been thinking about the proposed advantages of cloud computing and how they might help the business.  There are ways for almost every company to leverage cloud computing.  There are most likely servers or processes in your company that could be improved by a provider of SaaS, PaaS or IaaS, so take a look around, find a business need and explore ways that a cloud provider might be able to help cut costs and increase efficiencies - this should make your CEO and CFO happy.

Tip #3: Take One Step at a Time. 

One misconception/mistake that I see over and over again is that companies evaluate sending their most mission critical systems to the cloud first.  You should think about your IT environments and applications plotted on a graph of concentric circles with your most critical environments/applications in the middle.  As the number of users goes down or the criticality of the applications or the amount of attention an application receives from your IT staff goes down, move those applications to the outer circles.  The applications in the outer rings should be the ones that are evaluated for cloud first.  There’s less risk, less integration (maybe) and a higher chance for success with these environments.  We’ve built a very crude tool (that will be refined over time) to help you evaluate your applications and where they fit on the “circle of risk."

Tip #4: Keep Your Eyes Wide Open. 

I agree, due diligence on the provider is key.  As the gold rush continues, there are many companies rushing into the space to claim their fortune.  Many will come up with sand and dirt when they realize there’s a huge difference between running a data center and running an entire infrastructure with many, many clients.  In addition to all the points that Adam made about the questions to ask, my experience tells me that time in the market as a cloud provider (not just a co-location provider) is one of the best indicators of stability and staying power.  You’ll want to choose a provider with minimum of three years of success as a cloud hosting provider.  It was around the 2-year mark when we really started to hit our stride around managing the scale of our cloud environment, stabilized implementation and refined the management of our capital effectively, proving we could run a profitable business in the cloud.

Tip #5:  Make sure to get live support.

We’re a live support kind of company – because it’s relationships with our clients that matter, however, I would take a slightly different angle on this.  This is where I’m back to the criticality of the environments/applications.  If you’ve chosen a system that is less critical to the business, it might be perfectly acceptable to use chat, email or other means to get support from your cloud vendor.  Of course, they have to be responsive, that goes without saying.  But if you’ve chosen wisely, you may not need to talk to someone in order to get your problem resolved.  One caveat of course is that if you’re going to run mission critical applications in the cloud – then live support is a must.

So that’s the first five points around understanding cloud computing – stay tuned for the next five.  If you’re interested in learning more about how we do things at BlueLock  - send us a note here.

Coming in future posts:

Tip #6:  To avoid vendor lock-in, stick to open standards
Tip #7:  Location, location, location
Tip #8:  Consider using a middleman
Tip #9:  Monitoring uptime isn’t enough, you need an action plan
Tip #10:  A clause may look good in the contract, but be useless in the real world
Tip #11:  Set financial penalties for downtime
Tip #12:  It takes time to see ROI on SaaS development
Tip #13:  Savings are not in the cloud, but in headcount
Tip #14:  Follow the cloud into new markets
Tip #15:  Let the cloud lead you to new innovations

*If you’d like to read the original post by Adam Stone go here.

A recent email industry survey shows how businesses are reacting to email infrastructure being migrated to the cloud.  Osterman Research found that security-related email functions are dominating the software as a service market today and that the functions most likely to be outsourced in the future, if not already, include anti-spam, bulk email, anti-virus an anti-malware.

What factors are holding companies back from migrating to the cloud?  Findings show that more companies haven’t migrated to the cloud because of privacy concerns, data retrieval concerns (will they be able to grab that data back once it’s in the cloud?), because of regulatory compliance issues and because some companies are just plain scared of losing control.  However, upon a closer glance at cloud computing - a full-fledged look at what cloud hosting can do would show that cloud computing advantages include more choices, agility, control and protection than what a standard IT infrastructure environment can provide, which is why more than 20% of the users surveyed have outsourced their email functions to the cloud already.

Here are some of the results of the survey:

• 40% of companies surveyed are outsourcing some or part of their email infrastructure
• Anti-spam (64%) and bulk email (46%) are being outsourced by most companies
• Today:
  •  20% of users are served by a SaaS solution
  • 22% of email servers run as virtual servers
• In two years:
  •     38% of users will be served by a SaaS Solution
  •     49% of email servers will run as virtual servers

I think the two year projections are somewhat low, but the general growth towards using cloud hosting for email functions and/or using virtual servers is evident.  At BlueLock we’ve seen great success in migrating email to the cloud.  For many companies it makes the most sense to get email off of their machines freeing up space for them internally and getting their IT people working on more strategic applications.  Contact us today to learn more about migrating email to the cloud. 

Read the original post about the survey.

As the various branches of the Federal government have begun investigating and adopting different “cloud computing” and cloud-like applications, they like the private sector have struggle with the definition of ‘what is cloud computing’.  To provide clarity and a common platform for discussion, a draft definition by Peter Mell and Tim Grance at the National Institute of Standards and Technology (NIST) was presented at a federal CIO summit last week. 


Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is comprised of five key characteristics, three delivery models, and four deployment models.

Key Characteristics:
On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed without requiring human interaction with each service’s provider.

Ubiquitous network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).

Location independent resource pooling. The provider’s computing resources are pooled to serve all consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. The customer generally has no control or knowledge over the exact location of the provided resources. Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.

Rapid elasticity. Capabilities can be rapidly and elastically provisioned to quickly scale up and rapidly released to quickly scale down. To the consumer, the capabilities available for rent often appear to be infinite and can be purchased in any quantity at any time.

Pay per use. Capabilities are charged using a metered, fee-for-service, or advertising based billing model to promote optimization of resource use. Examples are measuring the storage, bandwidth, and computing resources consumed and charging for the number of active user accounts per month. Clouds within an organization accrue cost between business units and may or may not use actual currency.

Note: Cloud software takes full advantage of the cloud paradigm by being service oriented with a focus on statelessness, low coupling, modularity, and semantic interoperability.

Delivery Models:
Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure and accessible from various client devices through a thin client interface such as a Web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created applications using programming languages and tools supported by the provider (e.g., java, python, .Net). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, or storage, but the consumer has control over the deployed applications and possibly application hosting environment configurations.

Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to rent processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly select networking components (e.g., firewalls, load balancers).

Deployment Models:
Private cloud. The cloud infrastructure is owned or leased by a single organization and is operated solely for that organization.

Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).

Public cloud. The cloud infrastructure is owned by an organization selling cloud services to the general public or to a large industry group.

Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (internal, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting).

Each deployment model instance has one of two types: internal or external. Internal clouds reside within an organizations network security perimeter and external clouds reside outside the same perimeter.

SearchSecurity.com just released an article about a recent Forrester report.  The report advises a cautious approach to cloud computing or cloud-based services.  The study found that early adopters ran into some roadblocks such as not knowing where their data is located or what happens to the data if they want to change services and even not knowing specifically how the service provider protects customer privacy.

Forrester advises that companies who are considering cloud-based services gain a clear understanding of security, privacy and legal consequences of contracting with a service provider.  At BlueLock, we like to make it as easy for you as possible to learn about our practices and procedures and match those up against other cloud computing providers.  In our opinion, the last thing we want is to have clients come in and sign on unaware of how their security, privacy and data will be handled.

In regards to security, Forrester recommends that organizations create a checklist of data security and compliance priorities.  This is great advice.  The more you can elaborate on your needs, the better able BlueLock is to provide you exactly what you need.

We’ve had lots of requests for highly compliant IT environments.  The beauty of cloud computing is that BlueLock is able to build your company a compliant environment at a fraction of the cost of building an entire IT system and infrastructure on your own.  Right On Interactive chose BlueLock as their SaaS hosting provider for that precise reason.  Their 5Buckets solution (integrated marketing automation software) needed to be highly compliant in order to be able to integrate with companies such as ExactTarget (email marketing) and SalesForce.com. 

They turned to BlueLock, laid out their needs and wants in regards to security and compliance, decided where they wanted their data stored (Indianapolis facility) and off BlueLock went designing a VMware virtualized IT environment.  They now pay for IT infrastructure as a monthly operational expense; their compliant and secure environment can scale on demand and its environment if fully managed by virtualization experts 24/7/365.  What more could a growing software company ask for?