SaaS full of Application

For all of us consuming technology, we know that SaaS (Software as a Service) application are here to stay. Be it the New York Times on your iPad with your morning coffee or your stock trading account to watching movies on Netflix. All these are now associated with SaaS based apps that are now consumed from multiple devices. Thus creating a “saas full of applications” to manage and maintain.

For a typical enterprise, it is now getting very common to use a plethora of these SaaS apps for Customer Relationship Management (SalesForce.com), Human Capital Management and Human Resource Information System (Workday),Expense accounting (Concur), Web based presentation(WebEx) and many others.

Most of these application walked into the enterprise, sponsored by a business user as an easy way of streamlining processes and getting work done without getting corporate IT involved. However at some point internal IT was commissioned to take over management of user accounts and customization if any. Now for IT, the big headache was to manage access to these systems. It was challenged to do this without using their central user database of LDAP which usually is Active Directory. As each of the SaaS apps maintained its own proprietary access management control thus an employee user account was created across all the different SaaS apps that were getting used.

To add to this real world problem of Single Sign On (SSO), most companies, for regulatory compliance purpose, need to maintain an user management system in place that can be audited and verified. These accounts should be available only to approved users and access should be removed when that approval is rescinded due to termination or change in job profile.

With this we have seen a revolution in Identity Management (IdM) with explosion of SaaS application in the enterprise space. Identity Management is defined as the management of individual identities, their authentication, authorization, roles, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks.

For a more detailed information on Identity Access Management refer to IAM

Identity Management and Identity Access Management are interchangeably used and are now becoming an explosive market. As per IDC and Forrester, the IAM market will be anything between $5.1 billion to $12.3 billion by the year 2014. This has resulted a rush of players trying to get a piece of the action some which are known players and are getting through acquisitions. Between IBM,CA,Oracle and Symantec(Verisign) have approxmately 50% of the market. Rest of it is pretty fragmented and there is a great article addressing this at Fragmented IAM market. There is also very strong products from the open source world specially for OpenID which has now been supported by Facebook, Yahoo, Google and many other online and social media sites.

We will obviously see some consolidation in this market and also update in technology as we see more data consumed through mobile devices. As the complexity of SaaS applications grows, we will have more automation to manage users and user accounts with advanced level of workflow. The cesspool of application in the SaaS world will get clearer !

Cloudy with a Chance of Application failure


“Cloudy with a chance of meatballs” is a hilarious animation movie released in 2009. It was based on a picture book published in 1978, written by Judi Barett and illustrated by Ron Barett. The main protagonist, Flint Lockwood, is an aspiring scientist living in a town called Swallow Falls. After multiple failed attempts at making gadgets and devices, he finally succeeds in creating “Flint Lockwood’s Diatonic Super Mutating Dynamic Food Replicator” (FLDSMDFR). This machine uses microwave radiation to mutate water into food and with some uncanny methods, Flint launches FLDSMDFR into the stratosphere. With the help of all those moisture soaked nimbus clouds, FLDSMDFR starts raining food – cheeseburgers, soups, mashed potatoes and even ice cream on the aptly re-named city of Chewandswallow. Flint, using a remote communicator is now able to manage and control when the “food rain” starts and times it for breakfast, lunch and dinner.

However, demand quickly grows and Flint has to make adjustments to increase the portion size. Ordering more food requires more clouds, which soon develops into a storm system causing the machine to malfunction with an incessant rain of mega-size food all over the town, resulting in a lot of damage. What follows is Flint’s hilarious and heroic journey to save the town. Since there was no spoiler alert, I will refrain from divulging any more.

This story sounds familiar to applications running on Cloud. They go through the same rigors of ebb (reduction) and flow (spike) in demand. And of course then they malfunction or are not accessible. As in the case, of the big outage at well known cloud provider AWS (Amazon Web Service) that took out popular services like Netflix, Pinterest and Instagram.

A power outage caused by a storm is not that uncommon, but the expectations of cloud-based applications are that they are always available. Yet, outages have plagued all layers of the cloud stack and recently it happened with Microsoft’s PaaS (Platform as a Service) Azure.

Which brings me to the title of this blog – Cloudy with a chance of app(lications) failure. While Cloud provides a platform for services to easily scale up and scale out, it has also become prone to single point of failure. This has made the availability Cloud based applications to be a little iffy at times caused by unplanned downtime. Let us discuss some of the way to mitigate or minimize some of the unplanned downtime for services running on a cloud platform.

Cloud applications generally imply High Availability (HA), (i.e. something is always available). Some of the providers do factor in planned downtime and mention it in their service agreement. Generally business critical applications need to be available between 99.9% (8.76 hours/year downtime) to 99.95% (4.38 hours/year downtime).

AWS does not deserve all the blame, since like any other data center dependent provider, it cannot guarantee 100% uptime. The onus of software availability is on the application provider. They should build redundancy in their architecture by supporting multiple cloud vendors.

Even within the same cloud operator, the workload should be designed to run across multiple geographies. Even Amazon’s best practice guidance calls for distributing workloads across geographies. Based on Accenture analyst, Huan Liu, below is a snapshot of how the servers of Amazon are distributed across the world. The highest concentrations of servers are in the US East (Virginia), which happened to be the region affected by power outage.

As we see more workloads moving to cloud based computing, it becomes more pertinent to have tools that can help to move workloads between cloud vendors and bring them up in case of outages. We will continue to see these outages but with proper tools and planning, cloud based application can be made redundant and easily available in case of unplanned outages.