Tech Trends Archives


selling serverless architecturesI hadn’t heard of serverless computing until I saw this post by storage maven Greg Schulz. Put simply, “serverless” reduces the need for conventional servers by off-loading functions such as authentication onto other systems, such as those in the cloud.

Even though he’s deeply technical, Greg cuts through the hype and provides a great road map for differentiating a technical solution by describing it clearly and focusing on the value your solution provides.  This is reprinted by kind permission of Greg’s Server and Storage IO Blog where you can find the full version with illustrations.

By Greg Schulz

A few years ago a popular industry buzzword term theme included server less and hardware less.

It turns out, serverless BS (SLBS) and hardware less are still trendy, and while some might view the cloud or software-defined data center (SDDC) virtualization, or IoT folks as the culprits, it is more widespread with plenty of bandwagon riders. SLBS can span from IoT to mobile, VDI and workspace clients (zero or similar), workstations, server, storage, networks. To me what’s ironic is that many purveyors of of SLBS also like to talk about hardware.

What’s the issue with SLBS?

Simple, on the one hand, there is no such thing as software that does not need hardware somewhere in the stack. Second, many purveyors of SLBS are solutions that in the past would have been called shrink-wrap. Thirdly IMHO SLBS tends to take away from the real benefit or story of some solutions that can also prompt questions or thoughts of if there are other FUD (fear uncertainty doubt) or MUD (marketing uncertainty doubt). Dare to be different, give some context about what your server less means as opposed to being lumped in with other SLBS followers.

Data Infrastructures (hardware, software, services, servers, storage, I/O and networks)

Moving beyond SLBS

Can we move beyond the SLBS and focus on what the software or solution does, enables, its value proposition vs. how it is dressed, packaged or wrapped?

IMHO it does not matter who or why SLBS appeared or even that it exists, rather clarifying what it means and what it does not mean, adding some context. For example, you can acquire (buy, rent, subscribe) software without a server (or hardware). Likewise, you can get the software that comes bundled prepackaged with hardware (e.g. tin-wrapped), or via a cloud or other service.

The software can be shrink wrapped, virtual wrapped or download to run on a bare metal physical machine, cloud, container or VMs. Key is the context of does the software come with, or without hardware. This is an important point in that the software can be serverless (e.g. does not come with, or depend on specific hardware), or, it can be bundled, converged (CI), hyper-converged (HCI) among other package options.

Software needs hardware, hardware need software, both get defined and wrapped

All software requires some hardware somewhere in the stack. Even virtual, container, cloud and yes, software-defined anything requires hardware. What’s different is how much hardware is needed, where it is located, how is it is used, consumed, paid for as well as what the software that it enables.

What’s the point?

There are applications, solutions and various software that use fewer servers, less hardware, or runs somewhere else where the hardware including servers are in the stack. Until the next truly industry revolutionary technology occurs, which IMHO will be software that no longer requires any hardware (or marketing-ware) in the stack, and hardware that no longer needs any software in the stack, hardware will continue to need software and vice versa.

This is where the marketing-ware (not to be confused with valueware) comes into play with a response along the lines of clouds and virtual servers or containers eliminate the need for hardware. That would be correct with some context in that clouds, virtual machines, containers and other software-defined entities still need some hardware somewhere in the stack. Sure there can be less hardware including servers at a given place. Hardware still news software, the software still needs hardware somewhere in the stack.

Show me some software that does not need any hardware anywhere in the stack, and I will either show you something truly industry unique, or, something that may be an addition to the SLBS list.

Add some context to what you are saying; some examples include that your software:

  • works with your existing hardware (or software)
  • does not need you to buy new or extra hardware
  • can run on the cloud, virtual, container or physical
  • requires fewer servers, less hardware, less cloud, container or virtual resources
  • is the focus being compatible with various data infrastructure resources
  • can be deployed and packaged as shrink-wrap, tin-wrapped or download
  • is packaged and marketed with less fud, or, fudless if you prefer

In other words, dare to be different, stand out, articulate your value proposition, and add some context instead of following behind the SLBS crowd.

Watch out for getting hung up on, or pulled into myths about serverless or hardware less, at least until hardware no longer needs software, and software no longer needs hardware somewhere in the stack. The other point is to look for solutions that enable more effective (not just efficient or utilization) use of hardware (as well as software license) resources. Effective meaning more productive, getting more value and benefit without introducing bottlenecks, errors or rework.

The focus does not have to be eliminating hardware (or software), rather, how to get more value out of hardware costs (up front and recurring Maintenance) as well as software licenses (and their Maintenance among other fees). This also applies to cloud and service providers, how to get more value and benefit, removing complexity (and costs will follow) as opposed to simply cutting and compromising.

Next time somebody says serverless or hardware less, ask them if they mean fewer servers, less hardware, making more effective (and efficient) use of those resources, or if they mean no hardware or servers. If the latter, then ask them where their software will run. If they say cloud, virtual or container, no worries, at least then you know where the servers and hardware are located. Oh, and by the way, just for fun, watch for vendors who like to talk serverless or hardware less yet like to talk about hardware.

Ok, nuff said for now…

Greg Schulz – Microsoft MVP Cloud and Data Center Management, vSAN and VMware vExpert. Author Cloud and Virtual Data Storage Networking (CRC Press), The Green and Virtual Data Center (CRC Press) and Resilient Storage Networks (Elsevier) and twitter @storageio. Watch for the spring 2017 release of his new book “Software-Defined Data Infrastructure Essentials” (CRC Press).

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Three Ways to Lose a SaaS Customer


driving SaaS renewals A recent hack of my Web site led me to sign up with a security as a service (SaaS) vendor to monitor my site. A month in, they emailed to ask if I was pleased.

I don’t know, and that is bad. The updates they give me are so unclear, and their service so hard to navigate, I’m less sure about my security status than before.

When it comes time to renew my subscription, I’ll either cancel or find another SaaS provider whose value I can assess. If you’re a SaaS vendor, are you alienating your customers like this?

Dumb SaaS Mistakes

This provider seems to lack any understanding of my business. I make money by talking to clients, marketing myself, interviewing experts, and writing and revising marketing content. I lose money every hour I spend deciphering cryptic security messages, reading FAQ’s on arcane security topics or fiddling with complex WordPress files.

Whatever application or service you’re providing over the Web, your customers pay you to handle the IT plumbing so they can make money. Here’s what this vendor got it wrong, and what you should avoid with your customers.

Failed to properly set my expectations. Their Web site promised to “clean your site of malware with one click.” They may or may not have done this. But even after my site was supposedly clear of malware, it didn’t look and run right. It took many, many more hours and a lot of money with a designer fixing what the malware broke. A “one click” fix implies I’ll be good as new after that one click. If that isn’t so (and a customer will need other help beside yours to get back to business) tell them up front.

Bombarded me with jargon. This security provider tries to tell me what they’re doing, but fail miserably. Their weekly security alerts are full of techno-babble (see below) and provide “alerts” which turn out to be routine notifications I don’t need to take action on. This is a waste of my time and of theirs.

Error message one

Are hard to work with: Rather than ask questions or get help via email, I have to log into this provider’s Web site to create my own trouble ticket. The site is crammed with tiny type and technical jargon. The “trouble ticket” option is hidden under other buttons, and requires me to submit my FTP log-in info to proceed. (You do have your FTP log-in credentials on the tip of your tongue, right?)

How to Get My Business 

  • Build your service around on my needs, not your technical specialty. In the case of a security monitoring service, I’d love it if they partnered with WordPress experts to take ownership not just for cleaning my site, but returning it to its original look and feel.
  • Communicate effectively.  Only contact me when I need to take action. Don’t tell me about routine security updates or “alerts” about which I don’t need to or don’t know how to respond to. (One exception would be a clear weekly or monthly report telling me how many infections/attacks you stopped, and the effect they would have had on my business, to help me measure your value.)
  • Make everything easy. Large type, attractive icons and plain English terminology on Web sites, please. I work in email, not trouble tickets – let me ask questions and get help without logging into your site. And give me one or two click access to information about the most recent issue, without forcing me to go through a list of service requests. This is user interface 101.

I know security is devilishly complicated and requires safeguards and extra steps to work through customers’ Internet Service Providers and WordPress sites. But it’s comparatively easy to:

  • Not promise a “one click” fix if you can’t provide it.
  • Make it easy for me to understand what you’re doing, and most importantly…
  • Remember the problem I’m paying you to fix isn’t fixed until I’m back earning money.

Need more help selling cloud services? Check out this sample content plan you can adapt to your own needs.

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Pokémon Go: Why IT Marketers Should Care


Pokemon Go security When I was assigned a story on the security risks of Pokémon Go, I groaned. What could be interesting about a game where players chase comic book characters superimposed on the real world on their smart phone?

It turns out the enormous popularity of Pokémon Go IS the story. It’s so engrossing players are tumbling down hillsides and reportedly being lured into ambushes while glued to their screens. That means enterprises that can latch onto Pokémon Go (or create similar apps that go viral) can tap huge marketing opportunities – but face equally large security risks.

Let’s start with the downsides, as those were the focus of my reporting.

Risky Business

The initial security scare focused on reports that Pokémon Go vacuumed up too many details from the Google accounts of players. By all accounts, the developer and Google quickly fixed that, and the game may never have actually used all the information it asked for. But one source hinted darkly that even one-time access to email or other accounts could give a game developer valuable information they could use later. He also asked whether, as Niantic (the game’s developer) frantically ramped server capacity to meet demand, it could possibly put the proper security precautions in place to protect any user info it did gather.

Even if the legit game doesn’t snoop too much info from your phone, my sources described cleverly disguised malware variants that can. Another possible channel for malware are unofficial guides to games that help users improve their scores, or “hacks” that promise a short-cut to extra rewards. “jailbroken” or “rooted” devices, in which users bypass the manufacturer’s built-in security safeguards, are an especially prominent risk.

Then there are the broader (and even more story-worthy) societal concerns. If someone hacks your application and sends unwary players into traffic to chase a character, are you liable if they are it by a car? One source who does a lot of work for defense clients raised the specter of “crowd spying” in the form of a game that sends hundreds of players to catch a character the spy agency placed in front of a sensitive military base. Before authorities can chase the players away, their phones have already captured and transmitted images of the base from multiple angles.

Sound crazy? There Indonesian army has reportedly blocked service members from playing the game while on duty for just that reason. And how much of a leap is it to port such a game from ground-bound smartphones to drones, adding a new dimension (literally) to the privacy, security and liability questions?

The Upside 

The story angles don’t stop at the dark side. McDonald’s is reportedly first into the “monetization” game, sponsoring Pokémon Go play sites at its restaurants in Japan. But using games to draw foot traffic to a specific location is only a baby step.

Imagine a toy retailer creating an AR/VR game that lures kids into their stores and puts the most popular characters near the highest margin toys, giving them an instant discount as they “capture” the character with a tap on the screen? The next step, of course, is to combine real-time information about a player’s location with their past purchase history, credit worthiness or other factors to pop up real-time offers within the game. (This raises the challenge of securely combining corporate data with that from customers’ devices I tackled in my story.)

Senior Vice President Nagaraja Srivatsan at Cognizant Technology Solutions* has a whole raft of other ideas and examples.  They include restaurants giving diners a discount if they drop “lures” to get other customers to drop by, or offering “contextual” ads based on where a player is and what they are doing.

Finally, think of the opportunity to use AR/VR games to train or motivate employees. How about a Pokémon Go-type app that rewards hotel employees with bonuses or time off for finding and capturing not characters, but dust spots or trash in public areas? Or that gives field service reps points for sharing maintenance tips through an AR app on their smartphones? (In that case, how do you protect sensitive data about the failure rates of your components, or those from your competitors you see on your customer’s premises?)

 Get Pitching 

Any or all of these scenarios may, or may not, pan out. Pokémon Go itself will undoubtedly fade (maybe sooner than later) as just another fad.

But its blockbuster popularity, however short lived, shows that everyday consumers will download, play, and spend huge amounts of time with the right VR/AR app. And where eyeballs and interest go, money and opportunity follows. Pokémon Go is the tip of a lot of fascinating icebergs we’ll all be innovating around, writing about and pitching about for years.

Got any clients who are trying to ride the Pokémon Go bubble, or facing security threats as a result?————————————————————————————-

*Cognizant Technology Solutions is a client but did not reimburse me for this mention.

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Making Health Insurance “Digital”  


digital health insurance

Spring brings two painful ordeals. One is doing my taxes, where software can at least help ease the agony.  The other is choosing a health insurance plan, from a provider that seems never to have heard of the “digital” revolution.

Among the many loose definitions I’ve seen of the “D” word in my work with clients are:

  • Putting the customer first
  • Making products and services easy, and even delightful, to buy and use.
  • Customizing products and services, using Big Data to understand and even anticipate each customer’s needs.
  • Being mobile-first, or at least mobile friendly.

So 1980s

Compared to this lofty vision, what do I get from my insurer every year? A thick wad of paper (not even an email notification it’s coming) full of dense charts, impenetrable jargon, and confusing pricing options. The only “personalization” is their recommendation of a replacement of my current plan, which is being discontinued.) The new plan is close to 20% pricier than my current plan, and is about the level of a modest mortgage. But there’s no guidance on what I’m getting for the extra money or how this compares to my current plan. There are several pages of “mapping” diagrams to compare the insurer’s former and current plans, but it’s a year since I’ve signed up and neither my insurance card nor my bill have the name of the specific plan I’m now enrolled in.

And despite the fact I have, for at least 15 years, purchased only individual plans, the insurer makes me sift through four pricing levels for each of their new plans: for an individual, a spouse, a child and a family. It’s just another level of confusion about a decision (“How sick or injured will I be in the next year?”) that I’m not very qualified to make.

It’s also not very insightful or customized, in an era when Netflix can track which Doc Martin re-run I last binge-watched, and Amazon recommends stuff for me to buy based not only on my purchases, but my browsing history, and the purchase and browsing history of millions of others.

This seems like a process, and an industry, ripe for takeover by someone that could harness Big Data, real-time customization and a friendly user interface to make health insurance comprehensible and truly customized. (Note to health care CEOs: I, and a lot of other folks, would probably pay a modest premium just for the peace of mind of knowing what we’re buying. Just think, also, what simplifying the process would do for your back-office administrative and customer service reps.

So what would a “digital” health insurance purchase process look like?

Personal, Customized, Easy

  • Make online the default, and easiest to use, channel for information about plans and the process of choosing one.
  • Provide instant chat with a rep who can view my account and medical history without endless authentication and approval processes.
  • Use Big Data analysis of individual purchase behavior and health, as well as of others in their cohort, to recommend a plan on each customer’s historic health care consumption and scenarios (low, medium and high probability) of care needed in the next year.
  • To make it even more customized and interactive, provide cost estimates reflecting the customer’s most recent activity. (“Based on our experience with patients with your age and symptoms, there’s a 20% chance that shoulder pain you saw us about last week will require surgery rather than ice and Tylenol. If so, here’s the projected out-of-pocket cost under each of our three recommended plans.)
  • Tailor benefits to each customer’s needs and histories. Don’t tout your smoking cessation programs if you know I haven’t smoked in 30 years, or offer me a low-cost health club membership if you just gave me a discount for installing a home gym.
  • Speaking of home gyms, why not give me a one-click option to link my smartphone pedometer to your fitness-tracking program and give me a monthly discount on my premium based on my exercise level?

In industry after industry, disruptors are blowing away old-school competitors by providing easier to use products and services that save customers money. As a totally disgruntled (can you tell?)  health insurance customer, I’m ripe for being disrupted right out of my current provider.

Any contenders out there?

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Digital Lessons From a Dying Industry


Hand in sea water asking for help. Failure and rescue concept.Yes, some people still read the print version of newspapers. So when the Boston Globe botched the move to a new delivery provider and left us paperless for the better part of a week, it caused a major disturbance in the force for my significant other.

Mistakes do happen, of course, although after 143 years you have to wonder what the Globe doesn’t know about home delivery. But it was its botched response to the delivery problems that holds lessons for anyone trying to succeed in this “digital” age (however you define it.)

Here are four digital must-haves I see my clients talking about, how the Globe failed to achieve each and some lessons for the rest of us.

  • Anticipate, don’t just meet, customer expectations: Proactively apologize for failures, tell the customer what compensation (if any) they’ll receive, but most importantly tell them when their problem will be resolved. It took four days for the Globe to even tell us we’d get a credit for the undelivered papers, and no word on a solution except that delivery problems should ease “within the next few weeks.”
  • Provide a seamless, personalized experience across service channels such as phone, Web and mobile apps. Nothing screams “clueless” like endless waits on customer service lines and Web sites that crash under the flood of complaints. When Netflix can instantly stream video to my phone, why couldn’t the Globe buy a bunch of cloud capacity to keep its customer service site up? The Globe showed it’s neither effective in its old business model (delivering physical papers) nor its new online, digital model.
  • Provide a personalized customer experience that puts the customer’s needs, not what you want to sell them, at the center. The service rep I finally got on the phone not only couldn’t tell me when delivery to my street would resume, she didn’t seem to hear my question.  How about a Web site showing, in green, yellow and red, what areas will see their papers the fastest? Or even better, email or text alerts with updates on when service will resume to a subscriber’s street?
  • Recognize the customer is in charge and act accordingly. With its late and clueless communication, the Globe seems to have forgotten its customers even exist, much less understanding and meeting their needs. Fixing this doesn’t require sophisticated Big Data social media analytics, but just common sense and putting yourself in the customer’s shoes. For example, if you were a subscriber to a daily newspaper would you be satisfied hearing  that delivery will resume sometime in the next few weeks?

I say all this more from sadness than anger, having admired the Globe for most of my life. It takes strong, healthy news outlets to do investigative reporting like the Globe’s uncovering of sexual abuse in the Catholic Church as portrayed in the movie Spotlight.) Having already been crippled by the Web, the last thing the Globe needs is to finish the job off through its own incompetence.

For the rest of us, it’s a shot across the bow and a heads-up to put the systems and processes in place to respond like a true digital organization when – not if – we have big and unexpected customer service issues.

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Do We Need An Edward Snowden for Security?


hackerSome people are grateful to former National Security Agency contractor Edward Snowden for revealing massive detail about our government’s intelligence activities. Others think he’s a traitor who’s harmed our national security.

One thing you have to admit: He’s gotten us all thinking about the proper balance between privacy and national security. He’s also changed behavior and attitudes, judging by recent Congressional moves to curtail (for the first time since the 2001 terror attacks) the government’s ability to monitor citizens’ phone records.

Snowden changed the game by fearlessly (or recklessly, depending on your viewpoint) tearing away the veils of secrecy to reveal something he felt was endangering his fellow citizens. Do we also need an Edward Snowden to expose the number, and severity, of security breaches to finally force CEOs and CIOs to make security a top priority?

Denial on Denial

One argument in favor is the tendency of corporate management to focus on security in the wake of a highly publicized attack, but then quickly lapse back into complacency.

It’s easy to shrug this off as clueless C-level executives. But software developers and network administrators who should know better are equally to blame. A chief technology officer at a global IT services firm recently told me programmers still routinely fail to build in protections against common attacks such as buffer overflows.

Security experts routinely say 40 percent or more of successful attacks exploited security vulnerabilities that have been known about for years, and could have been prevented by following known, straightforward processes such as patching software and turning off unused services. Even when security officers or vendors quantify the risk vs. the cost of security, management will often vote for “I’ll accept the risk” rather than pay more for security.

Needed: Harsh Light of Disclosure?

In an era when software controls critical infrastructure such as power plants and dams, medical devices such as medical pumps, and aircraft (one of which was brought down by incorrectly installed software recently) this lax attitude towards security could cost lives.

While an event such as fires in the batteries in Boeing’s 787 prompts the FAA to ground the planes until the problem is solved, one security expert I spoke with recently complained there is no “Federal Power Security Authority” to force action if the national power grid were hacked. And in the absence of an outside authority, any company or government agency will always have more to lose than gain by fessing up to a dumb programming or network management mistake.

Such a government agency would, like the National Transportation Safety Board for aviation and rail accidents, be responsible for an impartial review and disclosure of all the facts to tell the public about the risks they face and what is being done to resolve them. After all, a dam that floods a river or two trains that collide due to a software failure kills people just as effectively as an airplane crash caused by a mechanical failure. The hidden dangers will only increase as billions of devices, ranging from self-driving cars to autonomous valves in oil pipelines, join the Internet of Things.

Given our tendency to act only after a disaster, creating such an outside “security review” agency (whether governmental or run by private industry) will probably require a horrific event. Could we get there more quickly if one or more Edward Snowden spills the beans, hurting companies and agencies in the short run but helping us all in the long-term by showing us how vulnerable we are and forcing corrective action?

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Content Cookbook #4: Containers


content sequence containers Over the last ten years or so, virtualization has taken over the world of X86-based servers. Creating pools of “virtual” servers on single physical machines slashed capital and operating costs for in-house data centers. It also let newcomers like Amazon Web Services rent out slices of their ginormous compute, storage and network resources to anyone over the Web, slashing computing costs and creating multiple species of cloud computing.

Today’s emerging buzzword is “containers,” which you can think of “virtualization light.” Rather than using a hypervisor to control complete virtual operating systems on the same CPU, containers run only the components of the operating system needed to run an application. That promises to cut costs even further, speed deployment and enhance security by allowing greater isolation among applications.

Docker has the biggest container (if you will) of mind share, with support from big names such as Google, Amazon and Microsoft, but is facing challenges from newer competitors like  CoreOS. Even as Docker builds out its own management and orchestration services, partners like Google with Kubernetes and Amazon with its EC2 Container service are building their own “platform” of container tools.

The container movement is a classic emerging market where customers are begging to be educated – and, in the process, let you shape the terms of the conversation. What content do you need to inform them, judge their interest and nurture them for a possible sale?

Step 1: Awareness/education

Assume the reader has never heard of containers and provide a concise, “why should I care” explanation. Compare containers to virtualization, highlighting the benefits (greater reliability, lower overhead) as well as the costs and possible risks (the need for new skills, fast-changing marketplace, unproven vendors.)

Provide a high-level or summary overview of how easy or hard it is to implement containers on various operating systems, such as Microsoft vs. Linux. Show your expertise and thought leadership by “framing” the container conversation. Are they the next big thing? Hopelessly overrated? A raw technology that needs to settle down before committing to it? What unique insights can you provide your prospects based on their size, vertical market, installed technology base, or tolerance for risk?

Offer this ungated (no registration) form and promote it aggressively through social media, paid adwords, and SEO. End it with a link to the second piece, for those ready to look at specific container products and services.

Step 2: Consideration

Drill further into the different flavors of containers from various vendors. Compare Docker’s “platform” approach to CoreOS’ focus on “just the container, m’aam.” Discuss specific implementation scenarios (say, hybrid cloud, or a mix of Microsoft Azure and Rackspace clouds) and what it takes to deploy and manage containers from various vendors on each of them. Discuss in detail whether, when and why containers plus virtualization does or does not provide better security than virtualization alone.

Your aim is to equip the reader to issue an RFP, or at least ask killer questions as they evaluate products.  How, for example, does a vendor provide for backup and restore? How does each platform isolate sensitive applications in a multi-tenant environment, where multiple customers share the same hardware, storage and networks? What are the “must-have’s” vs. “nice to haves” to look for management tools? What new skills will the customer need to handle containers?

Again, the more you focus this piece on the needs of your specific prospects the better. Sure, talk about the stuff you happen to do well but focus on being even-handed and knowledgeable. End with a gated tease to your third story, focused on those ready to buy.

Step 3: Evaluation/Implementation

Here’s where you show you’ve thought through the deployment and use of containers so thoroughly the reader absolutely, positively has to consider you.  Get wicked tactical and detailed. Tailor this very specifically to your prospects’ specific concerns, such as complexity and cost (if they’re small) to security and compliance (if they’re a bank) to scalability and management (if they’re a cloud provider.)

If in doubt, drum up some lists based on your real-world experience:

  • “Top seven mistakes our customers made with containers.”
  • “Eight questions to ask about your current environment before choosing a container platform.”
  • “Our five favorite open-source container management utilities.”
  • “Five easy ways to enhance container security.”

Consider rolling in case studies with specifics of your customers’ before and after environments, the time and cost required to implement containers, and of course the business benefits. Gate this with a request for basic contact info (if you haven’t already) or ask for more detail if you’re into progressive profiling.

If you have a marketing automation platform, you can of course score readers based on which of these pieces they read. Any or all of these can also of course be “re-purposed” into Webinars, videos or podcasts, or split into blog posts and Tweets.

Let me know what you’re doing content wise to promote containers, or what other technologies or services you’d like to see a sample template for.

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.

Would You Trust Your Directory to the Cloud?


directory as a serviceIn the mad rush to the cloud we’ve already got SaaS (software, security or storage as a service), PaaS (platform as a service,) IaaS (Infrastructure as a Service), CaaS (communications as a service) NaaS (network as a service), Maas (monitoring as a service) and even “XaaS” (everything and anything as a service.)

What’s next? Directories, those cumbersome-but-necessary databases of users, hardware and other network resources companies use to manage who gets access to which corporate services. At least that’s the vision of JumpCloud, which is extending its cloud-based data center management capabilities with a Directory As a Service (Daas.)

JumpCloud’s pitch is that it’s way too expensive and complicated to host and manage directories in-house, especially Microsoft’s Active Directory (AD). The rival Lightweight Directory Access Protocol has its own complexities, says Rajat Bhargava, JumpCloud’s President and CEO, requiring extensive knowledge of the Linux kernel and finding tools for point-and-click management.

Why not, JumpCloud argues, outsource directory services to JumpCloud, using what it claims are its simpler management tools and its links between on-premise AD or LDAP directories and infrastructure as a service providers such as Amazon?

The pricing is certainly attractive, at $10 per user per month (with the first ten users free forever.) Chief Product Officer Greg Keller says JumpCloud makes it easier to extend user accounts to the cloud through its ability to mirror AD data to managed hosting services. It also offers agent-based authentication on devices to reduce the IT management load, “while enabling the customer to authenticate and authorize users with cloud infrastructure, IT applications and multiple devices types,” the company said.

Another target audience, it says, are companies that have ditched the Microsoft Exchange in favor of Gmail, but must still use AD to manage their users, devices and applications.

Onwards the Federation  

In the background is the promise of federated identity, in which companies an easily manage user identities whether they’re accessing apps and data in an internal data center or in the cloud. JumpCloud’s aim is not to provide such federated identity as a service but to provide ”One directory to rule them all,” a single authoritative source of information that replaces, or at least augments, either AD or LDAP, feeding identity credentials to other components within the enterprise infrastructure.

While JumpCloud’s directory is proprietary, it uses industry-standard interfaces to connect to a wide range of directories and other IT infrastructure. Because it allows AD to be hosted in the cloud rather than a corporate data center, it promises to provide the anywhere, anytime access users require, and remove the complexity of mirroring AD data to a directory server at each corporate location. If a user is out of Internet range, JumpCloud’s local agent stores encrypted credentials so the user can log onto their own device, and access any of the apps or data stored on it.

JumpCloud also claims to solve an even nastier problem: Tracking increasingly popular Apple devices like iPads and MacBook within the Windows-based AD without the need for expensive third party software.  It also allows companies to manage their growing clouds of Linux servers through “a single pane of glass” without complex scripts and processes it says are needed with continuous integration and deployment tools such as Puppet and Chef.

Nervous Nellies

What’s not to like? Well, last time I checked security was still the number one fear organizations have about the cloud, and directory data is in some ways the key to the kingdom. “Our company is probably going to do security better than yours, “claims Keller, since many of its engineers and managers are veterans of security-focused startups with skills from authentication and authorization to vulnerability assessment and security research. And since it can spread security spending across customers, he adds, it can make “investments in both technologies and time that would be cost prohibitive for our customers.”

JumpCloud relies primarily on Amazon Web Services for hosting, which Keller says is fully compliant with the highest level of the PCI DSS credit card security standards, HIPAA, SOC 1 type II and is ISO 27001 certified, among others. But with high-profile breaches, even among those who supposedly meet standards such as PCI DSS, I’m guessing security is still a big fear factor.

Second is the need, as when posting any critical data in the cloud, to get the data back in case something horrible happened to JumpCloud or AWS. The company says they’re in the process of developing such export tools, but I’ll bet a lot of customers will want that capability in the bag before signing.

The third challenge is that larger competitors will see the opportunity and out-execute JumpCloud on sales, marketing, operations or any other front.

So let the DaaS wars begin. But first, would you trust your directory to the cloud – and if so, what assurances would you demand of that cloud provider?

Author: Bob Scheier
Visit Bob's Website - Email Bob
I'm a veteran IT trade press reporter and editor with a passion for clear writing that explains how technology can help businesses. To learn more about my content marketing services, email or call me at 508 725-7258.
 Page 1 of 5  1  2  3  4  5 »