Archive for November, 2014

AWS re:Invent Keynote Summaries

aws-reinventKeynote 1 – Andy Jassy

TL;DR summary:

Andy Jassy announced 8 new services in the opening keynote. The AWS SVP said “the new normal is that security and compliance are becoming reasons customers are moving to the cloud.” It used to be security and compliance were reasons to stay out of the cloud. Complete 180 in prior 5 years.

Theme: AWS has already won the hearts and minds of startups and ISVs

New focus… What does the “enterprise” need to embrace the cloud?

Day 1 Keynote revealed these 8 new enterprise focused features

  • Amazon Aurora

    • Super fast, resilient SQL as a service. $.29 cents an hour. This is an attack on Oracle. 11’9s reliable, 5x faster than existing MySQL on AWS.

  • AWS Key Management Service

    • Multi-faceted fully managed encryption key service with automatic key rotation, auditing, and compliance certifications.

  • AWS Config

    • Track and “scenarioize” config changes before implementing. Very important for enterprises which are accustomed to on-premises ITIL tools and need cloud equivalents.

  • AWS CodeDeploy, CodeCommit and CodePipelines & Apollo

    • A suite of internal tools AWS has been using for 19 years now available for free to help enterprise developers more efficiently adopt new innovation practices and increase agility. “Agility” was a theme mentioned over and over. Cloud is more than low cost, it’s an agility amplifier.

  • AWS ServiceCatalog

    • Enterprises want to publish internal catalogs of approved IT cloud services and want internal groups to be self-sufficient. This service helps in that area.

    • Think of this as the “corporate portal to cloud.”

  • Amazon / AWS  Core Values (a couple of the dozen) cited in keynote:

    • Work backward from customer… and really mean it… don’t pay lip service to this mantra

      • This also means basically ignore competitors, unless customers tell you they need something a competitor is already doing.

    • Pioneer & Invent new technologies for the long-term

      • Legacy IT vendors have lost their innovation gene… AWS fills the void.

Read more…

Is it time for “Installed” Software as a Service?


A 3 minute read.

“Installed Software as a Service” sounds like an oxymoron. But it’s actually starting to happen and will accelerate even more.

Most enterprises embrace Software as a Service as their preferred method to solve an IT problem. Whether archiving (Sonian), CRM (, marketing (Hubspot), customer service (Zendesk) or accounting (Netsuite) there is a SaaS offering for nearly every need. It seems only the largest or most security sensitive organizations are not using SaaS. “Installed” SaaS is a delivery method that will make everyone happy about SaaS.

SaaS architectures are designed around massive multi-tenant services with appropriate per tenant (i.e. a customer) security. Multi-tenancy is for economies of scale (we all love SaaS’ low pricing, right?), but less desirable for the customer since data is commingled. Customers desire the managed aspect of of SaaS, but also want to control their own data. Managed by others with data control was a feat too hard or too expensive to accomplish, until now. Technology and market demand are aligning to give customers what they want.

The next wave of SaaS will provide the cost efficiencies of multi-tenancy with the security posture of single tenant. SaaS vendors will offer customers to “install” the service into the customer’s own cloud account. The SaaS vendor will still manage the software, but the customer will have ultimate control over the data structures. Costs will be higher for this type of offering, but customers are willing to pay more for their own control, and will still cost less than traditional on-premises self-managed.

How is “Installed SaaS” possible?

Three emerging technology trends make installed SaaS possible.

The first is the significant amount of devops automation that has matured over the prior seven years. Small teams are using mature tools and processes to fully automate cloud provisioning and software installation to manage massive multi-tenant stacks. This same tooling can manage many single tenant stacks with similar efficiency. Not as efficient as fully multi-tenant, but pretty close.

The second is technologies such as Docker (and containers in general) as well as new cloud capabilities from Amazon Web Services (and others following quickly) such as VPC, Encryption Key Management, Identity and Access Manager & Cloud Native Directory Services. These are all the ingredients SaaS vendors need to “install” into a customer’s cloud account. And now with well documented information security boundaries. With this configuration customers can have a “master” kill switch to cut off external access to their data files. CIOs love this idea.

The third is a new breed of third-party services that can independently “audit” a cloud environment for compliance, security and access. Projects such as Conjur are working on this. Another innovative project is CloudHealth which can monitor cost efficiencies for many single tenant installations and provide automatic cloud infrastructure optimization.

SaaS vendors will need to modify their stack architectures to deliver “installed” SaaS, so there needs to be customer demand to justify the expense. Customers are just now starting to ask for this operating mode.

Read more…