The middleware and cloud applications that are now appearing at the edge of the network will of course, be further developed once high-speed broadband becomes available, but already they are having an enormous impact on the telecoms market. The new user experiences that can be obtainable through these applications will enrich fast broadband networks beyond recognition.

What we now have is, on the one hand, the Over-The-Top (OTT) applications that have conquered the world thanks to companies such as Google, Facebook, Amazon, Skype, Microsoft, Apple, Yahoo, YouTube and so on; and, on the other, the attempts by the telcos to develop these apps though their broadband and mobile portals.

By using the OTT route one can avoid many of the problems that the telco industry has been dealing with for decades. I remember as far back as the early 1990s, when both Telstra and Optus launched their impressive new billing reforms; but today, more than twenty years later, their billing and operational support systems (BSS/OSS) are as far from completion as they were in the 1990s. In fact it is likely that they are even further behind now, since many new applications have become available since that time—applications that are making those telco systems look like dinosaurs. In the mobile market we can also refer to decade old failed strategy of introducing IMS.

While fast broadband is the essential infrastructure of the digital economy the real action will take place on the layer above the infrastructure. This is where for many years I have envisaged the future of the telcos—facilitating the development of the digital economy, rather than concentrating on end-user products like telephone calls, mobile portals or broadband applications.

This is the world of value-added infrastructure, middleware and cloud services. However the old infrastructure with its legacy of BSS and OSS systems has failed to make the transition to the new Internet-based ICT infrastructure, let alone being able to facilitate Web 2.0 or Web 3.0 services.

In the meantime it is the new digital media companies that are building not national but international middleware networks. While telcos fail to service customer bases that consist of millions of users the digital media companies are able to serve hundreds of millions of customers.

Therefore NBNs could be a godsend, since this will, potentially at least, give telcos the opportunity to build a value-added layer on top of the infrastructure that will be capable of delivering Next Generation Network (NGN) service such as Web 3.0+ services.

However, while the digital media companies are progressing in this field on a monthly basis, telcos still measure their progress in years, so at present the gap is still growing, but not in favour of the telcos.

So the sooner the telcos start their transformation the better.

However, after well over a decade of calling for change time is now running out. They have now also lost the mobile portal battle against the apps market (that happened so fast they never knew what hit them). If the telcos miss this last opportunity it is indeed highly likely that they will be relegated to being basic infrastructure operators—and that market is also under threat as construction companies are better-positioned to do this job after most telcos went out of this business one or two decades ago.

On a more positive note, while customers might not like their dinosaur telcos they do, at the same time, trust them. They have built robust systems with enormous reliability and sound security based on proper standards and availability everywhere.

So the telcos could use this advantage to offer that same level of trust in an Internet world where it is becoming increasingly difficult to know who is trustworthy and who is not. I have made this argument for many years, trying to get the telcos to move. Again, the opportunity is still there—but for how long?

Banks are in a similar position, but they have far more valuable data they can use to help customers navigate the digital economy. So they could easily compete in this market as well. Customer knowledge is the key element of the digital economy.

However, more immediate competition is coming from the social media sites, which are quickly becoming the new powerhouses of the digital economy; also, they already have far more information about their customers and can use this to expand their services.

So it is two minutes to twelve for the telcos here as well.

Looking at some of those fantastic applications from Comverse we see a range of enriched voice and messaging services with superior user experience, complete with visualisation, personalisation, location, multi-channel applications and an openness to social networks, UGC-sites and RSS feeds.

I can see the digital media companies offering these communications applications immediately, but the telcos may not move so fast. This would hurt the telcos right at the very core of their communications business and I can now quite easily see these products being offered by companies other than the telcos.

Some of the mobile companies are better-positioned than the fixed operators; however if we look at the mobile portals market versus the applications market we see that the mobile operators also have largely failed to make the transition to the new open web-based world.

Perhaps the telcos should start looking more at OTT services themselves. There are great applications with unified communication applications in relation to social sites, location-based activities, etc. If the telcos were smart they could offer voice free and allow customers to choose from a whole range of value-added voice services and to make incremental changes to the applications they really value.

Over and again I have argued that, rather than concentrating on their retail customers, the telcos should supply their middleware and cloud services to the content and services providers. They should be the key providers to the organisations that are going to drive the digital economy.

Written by Paul Budde, Managing Director of Paul Budde Communication

Cloud environment provides compute power and storage. For web applications it also provides bandwidth allocation, both inside the data center and towards the end customers. Virtual servers are prone to performance degradation just like physical servers are, and when the load goes up, user experience goes down. An application Delivery Controller (ADC) can be very useful in such an environment bringing several benefits—It can offload the servers by handling TCP connections, compression and encryption, and it can save bandwidth by compressing the content that is sent to the end customers. The load on the servers and on the internal network can be further reduced by utilizing the caching mechanism in the ADC.

A Cloud Provider needs to support many applications at once. For a private cloud it could be several dozen enterprise applications, and for a public cloud it could mean thousands of web applications that are hosted in the data center. To add ADC capabilities for all these applications, he now has two choices: place an ADC device before each and every application (or at least those that would benefit from it), which can be a CAPEX and OPEX nightmare, or place just a few ADC devices and aggregate many applications on each, hoping that they all live happily together and don't disrupt each other by hogging ADC resources.

One way to tackle this problem is to have a virtual software ADC, running on a VM. This way there can be hundreds or even thousands of virtual ADCs, each serving one application and running under the same Hypervisor as the rest of the data center. I can spot three problems with this approach: one is that the performance of a software ADC is limited and un-predictable, the other is the challenge of managing hundreds and thousands of different instances and the third is the cost associated with running all these extra VMs.

A different approach would be to use a hardware ADC and virtualize it by creating many virtual ADC machines on it. To make it happen one needs to manage its resources in a way that one service does not affect another. There is also a need to afford the cloud provider clients with a way to view and configure their 'Virtual ADC' without knowing or interfering with other clients. Once these technical issues are met, the benefits of such a machine are its superior and predictable performance and its relative ease of management, leading to CAPEX and OPEX saving which are critical for hosting or cloud provider.

An ADC would obviously need to interact with the Hypervisor running the VMs. One direction is mandatory—the ADC needs to know when new VMs are made available so he can add them to his load balancing pool. The other direction is more interesting—when the ADC identifies a breach of SLA on one of the services, it can alert the Hypervisor that more VMs are required. And when the load diminishes, it can instruct the Hypervisor to take down VMs to conserve data center resources.

In summary clouds, both private and public are coming and with them a challenge of managing the load of thousands of web applications. An Application Delivery Controller can greatly help in alleviating these loads but it needs to evolve for this environment. Virtual software ADC and Virtualized hardware ADC are two possible solutions, with the latter probably being more optimized for the task.

Written by Amit Fridman, Vice President Engineering at Crescendo Networks

* * *

Project Title: Adopt-an-Haitian-Internet-technician-or-facility

Project Description: The project aims to collect money and telecom gear to provide mid-term financial aid to IT technicians that have been affected with their families during the January 12, 2010 earthquake. Money, telecoms gears, time, software, etc will serve to setup technology community centers to support schools, universities, vocational centers that have collapsed.

Begin Date
February 2010

End Date
August 2010

The Context: On the January 12, 2010, Haiti one of the poorest country in the world is hurt by a 7.3 Earthquake that caused major damage to Port-au-Prince, Jacmel, Leogane and other settlements around. Many notable landmark buildings were significantly damaged or destroyed, including schools, universities, vocational schools even the Port-au-Prince Cathedral, and the main jail. Among those killed are a lot of technicians, students, teachers.

Many countries responded to appeals for humanitarian aid, pledging funds and dispatching rescue and medical teams, engineers and support personnel. Communication systems, air, land, and sea transport facilities, hospitals, schools, universities, and electrical networks had been damaged by the earthquake, which hampered rescue and aid efforts; confusion over who was in charge, air traffic congestion, and problems with prioritization of flights further complicated early relief work. As rescues tailed off, supplies, medical care and sanitation become priorities. Among them we also need to address education on a mid term run. With a lot of destroyed schools and dead teachers e-learning can be a good way to overcome this problem.

Deliverables and criteria for close-out

The projects has 2 majors deliverables:

1. Providing financial support to at least 50 technicians whose houses have been destroyed during the seism. The idea is getting them a job so they don't have to worry about their family basic needs and keeping them on their workplace
2. Setup mobile IT community centers to provide IT services to schools and universities.
3. Contents production for e-learning

The project boundaries: This project aims to provide technical support to teachers helping them putting their courses online or on DVD and make it available for remote schools or schools whose teachers have been killed during the quake. Data Center in a box will facilitate access to those courses by the students. Project will be conducted in joint venture with the Ministry of Education that will define the priority based on must affected area and teacher availability.

The main risks: The main risk of this project is not having enough funds to address all the needs in supporting the schools in producing online courses because it's a well-known fact that in schools in Haiti adopted their own curriculum ignoring sometimes the official one. The second concern

Stakeholders:

Client(sponsor): Ministry of Education

Project Manager: Reynold Guerrier

Project Team: Reynold Guerrier, Max Larson Henry,

Steering committee: Reynold Guerrier, Stéphane Bruno, Sergey Gaillard, Roque Gagliano, Max Larson Henry

Other Stakeholders: Local ISP, LACNIC, ISOC, IDB

Budget and resources: ($, people, equipment, facilities, software, etc.)

• 100,000.00 USD for salaries to support technicians and their family to get them back on track
• 5 contents production units
• Production software
• Management software
• 10 data center in a box

Milestones
Date Key deliverables

In the list of topics (tags here at CircleID) there is nothing for serious failure, natural or the result of human agency.

* * *

Feb-March 2010: Financial support to technicians and families
March 2010: Data center in a box
March-August 2010: Implementation period

Bank Account Info:
Bank: SOGEBANK
Bank Address: Route de Delmas, Delmas 29, Port-au-Prince, HAITI
Account Number: 130212988

Swift code: SOGHHTPP
Beneficiary: Association Haïtienne pour le Développement des Technologies de l'Information et de la Communication
Beneficiary Address: 18, rue Moise, Pétion-Ville, HAITI

Written by Eric Brunner-Williams, Mathematician, CTO, CORE

Most of the cases I am aware of have actually been inside jobs. Data has been stolen either by employees or by subcontractors that had access to it and then sold to spammers. There are steps that companies can take to prevent leaks and identify the source when or if they do happen.

1. Limit employee and subcontractor access to data. Keep data machines separate from other machines and limit employee access to those who must have access.
2. Subcontractors who must have access to data should be under contract and under NDA. Make it very clear that data leaks will be treated seriously and may result in legal action.
3. If employee or business issues mean that employees will be terminated, remove access to data sources before the employee is notified of termination. Some employees who would not consider stealing data from a company they work for will take data after they are terminated.
4. Institute secure audit trails for access to data. Track every time an employee accesses data from a console, web interface or client.
5. Prevent, as much as possible, the ability for anyone to download data. If there are reasons someone needs to download email addresses, remove @ signs and replace with another symbol to make it less likely that trojans on employee laptops will steal the addresses.
6. Prohibit employees from storing customer data on laptops or downloading over wireless.
7. When providing data to subcontractors seed addresses in the lists. This way, if the list is leaked or sold, then you will know when that happens. Provide unique seeds to each subcontractor in order to identify which subcontractor is responsible for the leak.
8. Occasionally search all machines on your network for the seeded addresses to identify places where data may unexpectedly end up internally.
9. Occasionally punch seed addresses into search engines (Google or Bing) to see where address lists may have leaked.
10. Run current and up to date anti-virus software on all machines. Use hardware firewall and VPN software to limit external access.
11. Block outbound port 25 across the network. Ban any peer to peer software on any machine that has access to address lists, including employee laptops.
12. Securely store and/or encrypt any backup tapes to prevent employees from walking off with them.
13. Don't put email lists or log files within a webserver directory; htaccess protection is not sufficient to prevent access.
14. If you are shipping files around with email addresses, use good encryption to prevent unauthorized users from having access.

None of these things will guarantee data will not be stolen or leaked. But limiting access to the data, and having a clear audit trail and consequences will make anyone think twice before stealing it.

Written by Laura Atkins, Founding partner of anti-spam consultancy & software firm Word to the Wise

Just when you thought Nexus One was the biggest thing coming out of Google this week, we now get word about Google Energy. Well, Nexus One is a big deal, but I say that wearing my telecom analyst hat. Switching to my smart grid hat, Google Energy is something else altogether. It's easy to see where Google is going with mobile devices—no surprise there—and for once, someone managed to steal Apple's thunder at CES.

As big as that is—and will be—Google Energy has all kinds of implications for smart grid. For starters, I should say that Google has not issued any public announcements, and you can see for yourself by scanning their website. No doubt that will change in time, and for now, most of the reporting has come from news sites like CNET.

I'm sure this is by design, and in keeping with their "do no evil" mantra, Google would rather keep our attention focused on Android, where we want to find them. Pushing into energy is a much bigger leap, and when Google makes a move like this, everyone in that space takes cautious notice. Companies like Google are very good at managing entries into new markets, and the cynic in me would say that doing this just after Nexus One is a calculated way to keep a low profile for a sector we don't normally associate them with.

There are many facets to this move, and I'm just going to touch on two of them here. First, a lot of attention has focused on Google's publicly-stated goal of reducing their carbon footprint. In this regard, Google Energy puts them in a good light, especially following the Copenhagen conference last month. This can only be positive, and while their intentions are to be applauded, I think there are bigger forces at play.

Not only is it desirable for them to become a carbon-neutral energy user, but this is a business opportunity in its own right for Google. I'm thinking here about PowerMeter, which gives Google a legitimate entry point for the Smart Home market. No doubt, PowerMeter has the potential to help reduce the carbon footprints in our homes, but surely you can see how this sets the stage for Google to provide all kinds of other services and applications that have nothing to do with making the world green.

We've explored PowerMeter before, and will continue in 2010 as we think it has a large role to play in smart home. For now, though, I want to move on to the second aspect of Google Energy. At first glance, Google's move into energy seems like an abrupt right turn. What does energy have to do with search? Or mobility? Or maps? Or browsers? Don't they make enough money already? How can they make money in the energy business? These are all valid questions, and the answer to me is simple—vertical integration. Google may well be the ultimate Web 2.0 company, but even they have hard assets that drive their business.

Just about everything Google does is software and web-based, but the real leverage comes from their massive server farms that power everything else. As the web continues to permeate every aspect of modern life, there is an exponential need for Google to expand its server capacity. I may be oversimplifying things, but energy is a hugely important cost factor that impacts Google's operations. Data centers are major energy users, and there are two critical variables that Google would like more control over—cheap power and reliable sources of energy.

Like any other business, Google wants as much vertical integration as possible. It's the best way to control costs, ensure quality, and keep barriers to entry high. In this regard, Google Energy makes perfect sense. It's too early to tell whether they will enter the retail market and try to compete head on with utilities - I don't think that's the plan here. Rather, this entry is a strategy to ensure Google gets access to power on their terms to optimize the performance of all those servers. This may sound rather self-serving, but I'd probably do the same thing if I had their resources and ambitions.

Putting my telecom analyst hat back on again, I can't help but notice what this is really saying about the state of the energy business. Cheap, reliable power may be more important to Google than any other company in America, and their move into energy speaks to the very essence of what smart grid is about. Simply put, Google cannot rely on existing power sources to sustain their growth - the costs are too variable, and the supply is too unreliable. That's exactly what smart grid is trying to address. Fortunately, for those of us in this space, most energy users don't have the luxury of starting their own operation like Google has. Google will get what it needs, and the rest of us will figure it out on our own.

That said, back to telecom, Google Energy is yet another example of an outsider disrupting the status quo—much the way Apple has changed the balance of power in the mobile market—practically overnight. It's actually less surprising to see this happening with Google Energy in that the utility market remains highly regulated and is not really a hotbed of innovation. How utilities will respond is a different question, and we'll address that in due time.

I must add there's an important sidebar to this story—renewable energy. For all my cautionary comments, this is the virtuous side to Google Energy. They have long supported and invested in renewable energy—especially solar—and I believe the end game goes beyond vertical integration. For both selfless and selfish reasons, Google embraces renewable energy, and I think it will become an important aspect of this new venture. Again, we'll explore that when the dust settles a bit.

Finally, I have to circle back to the Android reference at the top of the article. I mentioned that Nexus One was a big story this week, but there was another notable Android item from CES that brings us back to our portal. Let me explain. On Tuesday, MIPS Technologies announced a demonstration of the first Android-based set top box. This may have nothing to do with Smart Grid, but everything to do with Smart Home. Think about the possibilities of communicating with your home media system via a mobile device, both of which run on Android. As Google deepens its reach into the home via the Android platform, it's not hard to see how this could easily extend to energy management applications. Interesting, no?

Here's what's even more interesting. One of the partners in this announcement is Home Jinni, a startup run by my ICP partner, Shidan Gouran. On a personal note, this news is great to hear, and for all of us, we can look forward to hearing more about how Android will impact the Smart Home first hand from Shidan as these demos become commercialized down the line.

Written by Jon Arnold, Principal, J Arnold & Associates

Read full story: Computerworld

Top 10 Featured Blogs in 2009:

1. Yahoo, Gmail, Hotmail Compromised - But How?
   by Terry Zink - Oct 08, 2009
2. A Closer Look at Iran's State of Internet, Strange Transit Changes in Wake of Controversial Election
   by Jim Cowie - Jun 14, 2009
3. WiMAX vs. LTE
   by Paul Budde - Mar 10, 2009
4. China's "Green Dam Youth Escort" Software
   by Rebecca MacKinnon - Jun 08, 2009
5. Verizon Mandates IPv6 Support for Next-Gen Cell Phones
   by Derek Morr - Jun 09, 2009
6. Cloud Computing Types: Public Cloud, Hybrid Cloud, Private Cloud
   by Sam Johnston - Mar 06, 2009
7. Can't Connect… Won't Connect
   by Bill Thompson - May 13, 2009
8. The Cybersecurity Act of 2009
   by Steven Bellovin - Apr 13, 2009
9. Google AdSense Asks Publishers to Change Their Websites' Privacy Policy
   by Dhaval Doshi - Mar 13, 2009
10. YouTube's Fine - Analysts Don't Understand Internet Peering
    by Brough Turner - Apr 16, 2009

Top 10 News in 2009:

1. Network Solutions Under Large Scale DDoS Attack, Millions of Websites Potentially Unreachable
   Jan 23, 2009
2. U.S. General Reserves Right to Use Physical Force, Even Nuclear, in Response to Cyberattack
   May 13, 2009
3. Google Cloud Storage Coming Within Weeks
   May 20, 2009
4. Finland First Country to Make Broadband a Legal Right
   Oct 14, 2009
5. SPECIAL: Updates from the ICANN Meetings in Sydney
   Jun 26, 2009
6. Google Rolling Out Its Services Over IPv6
   Jan 08, 2009
7. ICANN's President and CEO Announces Resignation
   Mar 02, 2009
8. Iran's Internet Censorship Most Sophisticated in the World
   Jun 19, 2009
9. Comcast Unleashes Trial DNS Redirection in Select States
   Jul 09, 2009
10. Latest Cybersquatting Stats from WIPO
    Mar 16, 2009

Top 10 Industry News in 2009 by sponsored posts*:

1. Facebook Selects MarkMonitor Antifraud Solutions to Combat Malware
   by MarkMonitor - Apr 30, 2009
2. .ORG First Open Top-Level Domain to be Signed with DNSSEC
   by PIR - Jun 02, 2009
3. Perspectives from a Nonprofit Domain Name Registry on Navigating the Social Media Frontier
   by PIR - Apr 24, 2009
4. Expanding Internet Access Driving Software Piracy, Study Says
   by MarkMonitor - May 22, 2009
5. A Seemingly Overwhelming Number of Important Documents Released by ICANN
   by MarkMonitor - Jun 02, 2009
6. MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities
   by MarkMonitor - Mar 23, 2009
7. DNSstuff.com Offers Trusteer Rapport Product to Help Users Boost Their Defenses Against Online Fraud
   by DNSstuff - Mar 23, 2009
8. dotMobi Names AutoTrader.mobi as Millionth Site Tested by Acclaimed mobiReady Tool
   by dotMobi - May 20, 2009
9. IP Rights in Digital Environment Key Element of Proposed Treaty
   by MarkMonitor - Apr 15, 2009
10. COCC Partners with MarkMonitor for Anti-Phishing Services
    by MarkMonitor - Mar 18, 2009

* Featured news updates from CircleID's industry participants by more information here - see 'Dedicated Marketing Channel' section

Written by CircleID Reporter

Hostway's shared SAN is an easily upgradeable solution that lowers the cost of storage, because the high performance, enterprise class array is shared among multiple customers, eliminating upfront capital expenditures. The SAN is fully managed and maintained by Hostway, freeing customers to focus on running their businesses. Storage can be acquired on a demand basis, enabling capacity to be ramped up and down without penalty as needs change.

"The new Shared SAN solution solves a significant problem for our customers" said Todd Benjamin, director of Enterprise Hosting. "Now server customers can access high performance, reliable, and virtually unlimited storage on a service basis as the needs of their businesses dictate."

Server Load Balancing. When a web site exceeds the capacity of a single server, the obvious solution is to share the load among several servers. This used to be done by DNS load balancing where client’s request to resolve a host name would be rotated among several servers. There are two issues with this method; First is that the clients don’t resolve a host name for every transaction – actually with DNS caching they rarely do. This leads to severe imbalance on the servers. Another problem is that the actual load on the servers is not known to the DNS load balancer, resulting again in imbalance. The solution was a new family of products known as Server Load Balancers. An appliance would front several (perhaps even hundreds) of servers and balance the load across them.  All incoming traffic would pass through the device and get routed to the ‘most appropriate’ server according to the algorithms employed by the SLB device. The IT manager has a simple strategy now – the more traffic needs to be handled, the more servers I add, up to the capacity of the SLB device.

The world is changing. Over the last decade, web data centers experienced a significant growth in load. This can be attributed to many factors, among them the proliferation of web based applications and the move from LAN based local IT infrastructure to a global WAN based infrastructure. Instead of growing linearly, the load on the web servers grows exponentially, forcing IT managers to deploy ever-increasing number of servers in their farms. This situation led to a new class of products – one that not only load balances but also offloads the servers. These new machines, called Application Delivery Controllers (ADC), take huge burden off the servers – concentrating on areas that are peripheral to server’s main function of delivering web and application content. In addition, ADC’s employ several acceleration functions aimed at reducing the amount of traffic over the WAN. By employing an Application Delivery Controller it is possible to avoid the exponential growth in server numbers (and perhaps even lower the server count) while improving end user experience.

What’s in an ADC? As a new product, the definition continues to evolve, but these elements exist in most products on the market:

• SLB -Since the appliance replaces a traditional load balancer, it has to take its basic functionality of load balancing among several servers. This is neither offload nor acceleration but is required as a legacy feature.
• TCP connection management and multiplexing—Even a strong server can be brought to its knees by making it deal with tens of thousands of TCP connections opening and closing rapidly. By handling all the myriad TCP issues on the client side and multiplexing the client requests into few well behaved TCP connections towards the server, a significant offload is achieved.
• Compression - Compressing web content is an established way of reducing bandwidth and reducing response time. Doing compression on the ADC offloads this task from the server.
• SSL - Secure Socket Layer is widely used for content encryption. Being computationally intensive, offloading it to the ADC can free up server resources.
• L7 advanced features - An advanced ADC allows the enforcement of policies such as traffic and content control based on L7 information. This allows complex data center behavior without burdening the servers.
• Caching - Most ADC’s consolidate a web caching feature in the device. This reduces load at the servers as cached content is served directly from the ADC.
• GSLB - Global Server Load Balancing allows balancing geographically separated sites based on their load.

What’s the secret sauce? How can a single device offload dozens or even hundreds of servers? There is more than one answer but most products fall into one of two categories:

1. Standard server architecture using streamlined standard OS or completely rewritten OS optimized for ADC functionality. Such architecture promotes rapid feature development but suffers from inherent bottlenecks, especially when several features are turned on simultaneously.
2. A mix of standard processors with dedicated hardware. The mix ratio can range from mostly General Purpose (GP) to mostly hardware based solution. The development cycle may be longer but feature concurrency is maintained.

To summarize, modern web data centers experience exponential growth in server load, requiring a non-linear solution. In these environments, IT managers migrate from legacy SLB solutions to ADC products offering offload and acceleration on top of load-balancing.

Written by Amit Fridman, Vice President Engineering at Crescendo Networks

Hostway Enterprise Services already offers dedicated servers and managed services, colocation, cloud technologies, and other enterprise class hosted solutions. The new services will further enhance Hostway's ability to provide end-to-end, customized solutions to corporations, government agencies and utilities, software-as-a-service (SaaS) providers, and other online application companies.

We're excited about the potential of the new team and the implications for our existing enterprise offerings," said Todd Benjamin, director of Hostway Enterprise Services. "As more enterprise applications move to the cloud, offering our customers an end-to-end managed solution for hosted computing and bandwidth infrastructure will enhance those customers' ability to increase performance, reliability, and affordability of their hosted applications."

Hostway Network Services will be available immediately on Hostway's fully redundant global backbone network, with points of presence (PoPs) in New York, Miami, Tampa, Atlanta, Chicago, Seattle, Austin, London, and Amsterdam. Additional services and PoPs will be rolled out to meet the evolving needs of companies leveraging internet based technologies.

For more information, contact Hostway Network Services at network.sales@hostwayenterprise.com, or visit our website at www.hostwayenterprise.com/network-services.html.

There's plenty of theories as to what went wrong—the most credible being that a SAN upgrade was botched, possibly by a large outsourcing contractor, and that no backups were taken despite space being available (though presumably not on the same SAN!). Note that while most cloud services exceed the capacity/cost ceiling of SANs and therefore employ cheaper horizontal scaling options (like the Google File System) this is, or should I say was, a relatively small amount of data. As such there is no excuse whatsoever for not having reliable, off-line backups—particularly given Danger is owned by Microsoft (previously considered one of the "big 4" cloud companies even by myself). It was a paid-for service too (~$20/month or $240/year?) which makes even the most expensive cloud offerings like Apple's MobileMe look like a bargain (though if it's any consolation the fact that the service was paid for rather than free may well come back to bite them by way of the inevitable class action lawsuits).

"Real" cloud storage systems transparently ensure that multiple copies of data are automatically maintained on different nodes, at least one of which is ideally geographically independent. That is to say, the fact I see the term "SAN" appearing in the conversation suggests that this was a legacy architecture far more likely to fail. This is in the same way that today's aircraft are far safer than yesterday's and today's electricity grids far more reliable than earlier ones (Sidekick apparently predates Android & iPhone by some years after all). It's hard to say with any real authority what is and what is not cloud computing though, beyond saying that "I know it when I see it, and this ain't it".

Whatever the root cause the result is the same—users who were given no choice but to store their contacts, calendars and other essential day-to-day data on Microsoft's servers look like having irretrievably lost it. Friends, family, acquaintances and loved ones—even (especially?) the boy/girl you met at the bar last night—may be gone for good. People will miss appointments, lose business deals and in the most extreme cases could face extreme hardship as a result (for example, I'm guessing parole officers don't take kindly to missed appointments with no contact!). The cost of this failure will (at least initially) be borne by the users, and yet there was nothing they could have done to prevent it short of choosing another service or manually transcribing their details.

The last hope for them is that Microsoft can somehow reverse the caching process in order to remotely retrieve copies from the devices (which are effectively dumb terminals) before they lose power; good luck with that. While synchronisation is hard to get right, having a single cloud-based "master" and a local cache on the device (as opposed to a full, first-class citizen copy) is a poor design decision. I have an iPhone (actually I have a 1G, 3G, 3GS and an iPod Touch) and they're all synchronised together via two MacBooks and in turn to both a Time Machine backup and Mozy online backup. As if that's not enough all my contacts are in sync with Google Apps' Gmail over the air too so I can take your number and pretty much immediately drop it in a beer without concern for data loss. Even this proprietary system protects me from such failures.

The moral of the story is that externalised risk is a real problem for cloud computing. Most providers [try to] avoid responsibility by way of terms of service that strip away users' rights but it's a difficult problem to solve though because enforcing liability for anything but gross negligence can exclude smaller players from the market. That is why users absolutely must have control over their data and be encouraged if not forced to take responsibility for it.

Open Cloud simply requires open formats and open APIs—that is to say, users must have access to their data in a transparent format. Even if it doesn't make sense to maintain a local copy on the users' computer, there's nothing stopping providers from pushing it to a third party storage service like Amazon S3. In fact it makes a lot of sense for applications to be separated from storage entirely. We don't expect our operating system to provide all the functionality we'll ever need (or indeed, any of it) so we install third party applications which use the operating system to store data. What's to stop us doing the same in the cloud, for example having Google Apps and Zoho both saving back to a common Amazon S3 store which is in turn replicated locally or to another cloud-based service like Rackspace Cloud Files?

In any case perhaps it's time for us to dust off and revisit the Cloud Computing Bill of Rights?

Written by Sam Johnston, Strategic Consultant Specializing in Cloud Computing