Think about it, if an organization wants to save energy (good for carbon emission reduction, good for saving money in these tough times), what better way than to ditch the servers, data center, etc., in favor of a hosted solution? 
 
This is an easy win -- and the IT sector can capitalize on the need to save money and power. Freeing up funds to use elsewhere makes sense from a portfolio management perspective, as well. 
 
Just a thought... 

Posted by: Tom Termini

Posted below is an email exchange with a recent spam poster I received. Yes, I know, am I crazy trying to actually correspond with a spammer!?  
 
Well, I had a hunch I could maybe get through to this person -- and I got results! We will see if he follows through. 
 
== (in reverse chrono order == 
Ok, well this is a good start. 
 
First, you should find an email service that lets people opt out, like 
 
http://www.mailchimp.com 
 
That, way you can send an e-newsletter ONCE to your list, and let people self-filter. 
 
Your e-newsletter should be readable, and contain useful information. You can get content from a syndication  
 
http://www.contentthatworks.com/store/start.html 
 
if you can't come up with your own. I recommend writing a CASE STUDY for your first e-newsletter. What was the last job you didHow did you solve your last client's problem? Here's a press release about a Communication Arts magazine article. Communication Arts is the BEST graphics magazine. 
 
http://siteworx.com/company/news/siteworx_redesign_makes_communication_arts_site_of_the_week/ 
 
Third, buy a list from someone, and use the first tactic to filter it. Lists are made up of people WHO WANT to receive information from legitimate businesses.  
 
http://www.getsubscribers.com/?gclid=CJGm_6Ky_pUCFQO2FQodHzLzFQ 
 
I also recommend your site have an OPT IN email newsletter subscription form. MailChimp, for example, provides one. Make the subscription compelling by having a good newsletter.  
 
Publish a decent BLOG on your area of expertise. For example, you are offering an OFFSHORE contract relationship -- what are the problems one might expect? Perhaps explain how payments work (paypal? credit card?). I would also approach the subject from the UNIQUE design perspective you might have -- such as your academic credentials (what awesome university did you go to?). 
 
Finally, you can advertise -- pick the top 10 cities you want business from, and place advertisements on Craig's List. Be explicit about your rates, skills, and the offshore arrangement.  
 
http://www.craigslist.org/ 
 
You can also try some freelance vendor sites: 
 
http://www.guru.com/category.cfm?cid=200&tc=23000&kw=graphic+artists 
 
-- 
 
I hope this helps you. I don't want to see ANYONE fail at what they do, but adding to the SPAM crossing the wires of the internet will not get you business. Getting your message out to the world in a legitimate, non-intrusive way will. 
 
Please feel free to write me if you run into any problems or if you think I can help in other ways. Good luck and hang in there! 
 
(and spell my name right, TERMINI) 
 
 
Regards, 
Tom Termini 
 
== his reply to my anti-spam message == 
 
Shaun Liu to me 
show details 1:48 AM (6 hours ago) 
 
Reply 
 
Hello Mr.Ternini 
 
I think I have to say sorry at first,I do not want to become a spammer at all. 
 
I find out several hundred emails of design agency,then I send them Letter of self-recommendation,because I don know any other way to lets them know me. 
 
If you would like to tell me how to build a legitimate mailing list or Throw me some article link,I'd like to Abide by the rules. 
 
In fact,The email I sended has not made good results,I am confused on how to find the clients. 
 
Shaun 
 
 
------------------------------------------------------------------------------------------------------------------------ 
 
Website:http://www.Shaun-Liu.com 
Email:Info@Shaun-Liu.com 
Street address: #32,28/F,MOI.Orient-Times mansion,No.16 Jiangxin road north,Jiangbei District. 
Location: Chongqing,china. 
 
 
 
== 
 
 
 
 
 
== my reply to his first email == 
 
I got your email. I am curious, why do you think someone would hire a spammer? the very fact that you keep sending me your email against my will makes me not only NEVER want to hire you, but tell EVERYONE i know around washington dc NOT to hire you either. 
 
so, if you write me telling me you will refrain from random spamming, I will help you get work. Otherwise, i will write about your unprofessionalism on my blog, and my facebook page, and more. 
 
There are lots of ways to build a legitimate mailing list. I will help you do that, too, if you are professional enough to admit that spamming is NOT the way to get work. 
 
Cheers, 
Tom 
 
 
 
 
== his first email == 
2008/9/28 Shaun Liu <info@shaun-liu.com> 
 
- Show quoted text - 
 
 
Dear Sir/Madam: 
 
My name is Shaun Liu, I'm now looking for professional clients around the world to work with on a freelance basis , Perhaps we could work together. 
 
Because I have: 
 
- 6 years + experience specialising in interactive design/web design/graphic design for several design agencies. 
- Good communication and understanding, the work undertaken will fit your specifications down to the last detail. 
- I work with the support of partners. 
- A way to save you HR costs. 
 
So, plesase check out my design portfolio Site http://www.Shaun-Liu.com and contact me at Info@Shaun-Liu.com for more details. 
 
-----  

Posted by: Tom Termini

In response to a self-admitted Marxists' confusion about the way derivatives work... 
--- 
Posted by stoobe 54 points 12 hours ago* [-] 
I think I'm only one of a few Social-Liberal Fiscal-Conservatives who read reddit. Since I work in finance, I'll try to explain the value of these "weird investment products" 
These weird investment products don't create value in themselves, but instead help other companies create value more efficiently. For instance, when a company issues stock no value is created by writing a bunch of stock certificates. The value instead comes from dividing risk among many different investors and giving the company access to money that it needs to grow. This trade is mutually beneficial to both company and investors. 
Other investment products do similar things, for instance take credit-default-swaps (CDS). All a CDS does is give you some money if a company is going bankrupt. Who would want a CDS on Ford Motors? Well, anyone who sells stuff to Ford, such as Bridgestone Tire. The CDS lets Bridgestone sell tires to Ford and not have to worry about Ford going bankrupt. The bank that sells Bridgestone the CDS makes a little money on each CDS they sell, and in exchange Bridgestone can then focus on its business rather than worrying about whether it'll get paid or not. 
And finally, if two parties agree to trade then they are probably both benefiting. One is likely expecting to make money and the other reducing risk. 
Anyway, I hope this helps. I think finance is cool and I hope this makes it a little more interesting to you too. :-) 
 

Posted by: Tom Termini

We've been underway with the Workbench private beta for a few months now, with some success. With over 200 users from several distinct organization, we have gotten a good cross section of the variety of uses for the product. High on the list of requests has been user interface improvements. It seems our endless tinkering will be, well, endless, in the quest for an easy-to-use approach. 
 
More details as they become available... 

Posted by: Tom Termini

Service-Oriented Architecture (SOA) and Software-as-a-Service" (SaaS) are two forces to be reckoned with in software architecture these days. SOA has provided a means to integrate and consolidate legacy systems onto a consistent platform for growth and agility moving forward.  
 
One key aspect of SOA is that clients are "thin" (think: browser) and the presentation layer contains no business logic. As with three-tier, business logic is located in services (in the Java code, in our product, Workbench) where it can be reused across many different types of clients ranging from web browser UI, to mobile clients, to system-level external component-type APIs. 
 
We provide several services in our SAAS offering, Workbench, including messaging, encryption, scheduling, and user lookup (plus a few more). As more SAAS offerings become available over the Web, service implementations can change so that instead of consolidating all logic themselves or delegating to some local third-party product (library or COTS application), they instead delegate to some remote service delivered by some third party. Google maps is my favorite: the real-world realization of Geographic Information Systems (GIS) brought about via web service.  
 
To make use of Google's geocoding service, we simply switch the implementation of our "Map It" service and change the method to delegate to the Google geocode web service instead of processing such requests in our local app layer. This modification from using our local geocoder to using the remote Google Maps API does not change the WSDL interface for the "Map It" service, so there is no impact to any of our clients. Just a user-friendly Google map that we are now so used to. 
 
In handing off to remote services over the public Internet, we are concerned with security, naturally. This risk is mitigated effectively with a combination of application and communications layer stepts: application security typically includes username/password login to the remote service before use; communications security may be implemented witw, for example, HTTPS. 
 
We've gone to great lengths to architect our SAAS offering in the most SOA-like way, so that in the future we are flexible, and we enable our clients to be, as well. 
 
 

Posted by: Tom Termini

InfoWeek discusses the concept of the cloud, and the end of the desktop. Chrome, Google's new browser, is pretty interesting in that it is (supposedly) very Wc3 compliant, and uses separate threading for each tab to make the browsing experience much more 'snappy'. For example, the JavaScript-heavy auto-completes in YouTube load in a flash, making web applications in Chrome seem more like a local client app. Oracle-owned NetSuite has provided several screens in their SAAS that are optimized for Chrome, as a test. expecting to update the entire web app by late October to take advantage of a better end user experience. 
 
Read more... 
http://www.informationweek.com/news/internet/google/showArticle.jhtml?articleID=210500375 
 
Netsuite... 
http://news.cnet.com/8301-1001_3-10034108-92.html 
 
 

Posted by: Tom Termini

(warning, tom rant follows) 
---- 
My friend Joe posted this guy's blog on my Facebook page. Ack! I couldn't let it go unanswered... http://townhall.com/columnists/DennisPrager/2008/08/12/why_i_am_not_a_liberal  
 
----- 
So let's get down to it... 
 
<quote> I believe that the United States of America, from its inception, has been based on the Judeo-Christian value system, not secular Enlightenment values alone, and therefore the secularization of American society will lead to the collapse of America as a great country. 
I believe that some murderers should be put death; that allowing all murderers to live does not elevate the value of human life, but mocks it, and that keeping all murderers alive trivializes the evil of murder.</unquote> 
 
Consider the inconsistencies -- these two are at immediate odds. Killing is wrong, period. You are either a sell-out to your so-call Judeo-Christian values, or a hypocrit. I vote the latter. 
 
<quote> I believe that the trial lawyers associations and teachers unions, the greatest donors to the Democratic Party, have done great harm to American life -- far more than, let us say, oil companies and pharmaceutical companies, the targets of liberal opprobrium. </unquote> 
 
Fact: Exxon Valdez caused by corporate ineptitude; 1991, following the collapse of the local marine population (particularly clams, herring, and seals) the Church Native American group went bankrupt [http://www.juneaualaska.com/between/chugach.shtml]. Fact: THALIDOMIDE causes birth defects, hence is a bad choice for controlling nausea during pregnancy, sorry we didn’t pass along that little tid bit of research. Fact: teachers are valuable assets to American society. Fact: laborers were being KILLED by management until the advent of unions. [ http://www.kentlaw.edu/ilhs/cherrymi.htm ] 
 
“In law, a trial is an event in which parties come together to a dispute present information (in the form of evidence) in a formal setting, usually a court, before a judge, jury, or other designated finder of fact, in order to achieve a resolution to their dispute.” 
 
Without the checks and balances of lawsuits corporations would run rampant. “Strategic lawsuits against public participation" are a serious menace to free speech. -- example: the publisher of Consumer Reports has already spent $10 million defending itself against a lawsuit filed by Isuzu Motors Ltd. because, eight years earlier, Consumer Reports rated the Isuzu Trooper "not acceptable" for safety reasons. Izuzu's internal memos state that the "lawsuit is a PR tool" and "when attacked, CU will probably shut up." According to a study by two University of Denver law professors, "Americans by the thousands are being sued, simply for exercising the right to speak out on public issues, such as health and safety." 
 
What tort reformers don’t mention is that the legal system already has three safety mechanisms in place to prevent, dismiss, and correct “frivolous lawsuits” and “runaway jury verdicts.”  The first mechanism, the contingent-fee agreement, prevents frivolous lawsuits from being filed in the first place. The second, the Summary Judgment, is to determine whether there is a genuine need for trial. When a party files a motion for summary judgment, they’re telling the court that there is no need for trial because the facts and law applicable to the case would prevent the other side from winning. Finally, a judge can issue a directed verdict, which tells the jury that they must make a certain decision.  Usually, a directed verdict is used when something comes out at trial that prevents the other side from winning as a matter of law. 
 
The nation's largest businesses have been advancing a legislative agenda (“tort reform”, another case of Orwellian doublespeak) to limit their liability for causing injuries.  
 
[ U.S. News & World Report "Premiums Up, Payouts Flat", U.S. News & World Report, June 30, 2003 ] 
 
Maybe check the dictionary (or, Wikipedia!):  
 
Liberal: The problem with labels when they are used as they are in the political arena is that they become name-calling and do little to help move the discussion forward so that we can solve the serious problems (and even the not-so-serious problems) that we have in our country and world. The word "liberal" derives from the Latin liberalis ("generous"). However, it is widely associated with the word "liberty" and the concept of freedom. The American War of Independence established the first nation to craft a constitution based on the concept of liberal government, especially the idea that governments rule by the consent of the governed. The more moderate bourgeois elements of the French Revolution tried to establish a government based on liberal principles. Economists such as Adam Smith, in The Wealth of Nations (1776), enunciated the liberal principles of free trade. The editors of the Spanish Constitution of 1812, drafted in Cádiz, may have been the first to use the word liberal in a political sense as a noun. They named themselves the Liberales, to express their opposition to the absolutist power of the Spanish monarchy. Beginning in the late 18th century, liberalism became a major ideology in virtually all developed countries. 
 
Being proud of “not being a liberal” is like being proud of Luddite-tendencies and neo-fascist “Fatherland First” jingoism. Sheesh. You utter a few Libertarian catch phrases, but let’s face it, in 8 years the Republicans have bankrupted the country for MY grandkids, soured our moral high-ground (post 9/11 everyone was with us, now they think we invade countries for no reason. Wait, was that Georgia or Iraq?) with unconstitutional presidential powers of torture and spying on our own citizens, and most of the country rolls over while our rights are trampled. At least I can own a gun now in D.C. legally. Wait, since when do I have to have PERMISSIOn from the Bush administration’s lackeys on the Supreme Court to enjoy my 2nd Amendment RIGHT? 
 
[proud gun owner and NOT a member of the NRA] 
 

Posted by: Tom Termini

I've been seeing a lot in InfoWeek and other trade rags about Cloud Computing -- co-mingled with discussions on Software-as-a-service (SAAS). But there seems to be confusion in the ranks about the difference. And there IS a difference. Browser access to an application hosted on the web is SAAS. The notion of "cloud" applies more to infrastructure, in my mind, than the universality of access to web-based resources. Sure, Gmail and such are gigantic web apps living 'in the cloud' of the internet. But Amazon's storage net, or Google's app infrastructure, seems to fit the definition of 'cloud' computing better -- raw materials that anyone can take advantage of (for a fee or for free) to push info tech outside the building. 
 
Outsourcing in the 21st century is all about SAAS and the cloud. The equation remains the same (even if the approach has changed) -- is it cheaper/better/faster to utilize X, or to buy/build our selves? How you answer that question dictates the extent you can leverage the cloud for your organization's benefit. 

Posted by: Tom Termini

Dan Druker over at his blog has an interesting summary of the Bessemer Venture Partners SaaS CEO Summit. This is good stuff for any commercial offeror of a software-as-a-service. http://intacct.blogspot.com/2008/01/channeling-bessemer-saas-ceo-summit.html 
 
I found the discussion on corporate culture at the two most recognized SAAS vendors to be most enlightening (Salesforce.com and Netsuite). Culture in terms of visibility is obviously the most common aspect of the organizational 'personae'. Branding can help reinforce this, but often the true virtue (or vice) comes through -- think 'Big Blue' (or, conversely, BearingPoint). But Dan is focused on the other aspect of the corporate personae, that of the level of resistance to change. When faced with change (most probably from outside forces), many organizations fall back on "what works" rather than assessing the newly changed landscape for opportunities. 
 
When an organization's internal behavior patterns support embracing change -- such as adopting a channel partner mentality over a direct sales one -- opportunities are capitalized on. Culture in a corporation (or any organization) is not about strategy, which is a rational approach to dealing with external factors. Rather, identifying the shared values of the people who make up that organization, which may or may not be related to the strategies employed, offers up the easiest route to embracing change. 
 
For example, we have a customer who at present is trying out the SAAS model with us -- a test to see if the members of the organization (and external stakeholders) will accept a different model for software. This works well for them because they are, at their core, an R&D type environment. Experimentation works well. Other customers have had a top-down approach: "This solution is the most cost effective and the fastest to deploy. So you will use it because I (the CEO, CIO or whomever) say you will...". While I personally prefer the latter to the former, we try to be accommodating for all types of cultures. 
 
 

Posted by: Tom Termini

Obviously we are big Xserve users. I came across a brief on setting up Leopard Server with a Basic install that might be of interest.  
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9069898 
“Leopard Server, the newest version of Mac OS X Server, sports many new updated features. One of the most innovative is a new interface that simplifies server setup and management. This new interface is designed primarily for small businesses or small workgroups within a larger organization that need server functionality but don’t have the resources to hire a full-time systems administrator.” 
Handy -- screenshots, etc. Coupled with iPhone 3g/2.0 software, Apple has some very useful enterprise solutions -- that 'think different'. 
 

Posted by: Tom Termini

We're in the middle of a pilot for one of our customers, and are able to demonstrate how Agile development techniques -- specifically the incremental feature releases, quick user feedback loops and quality assurance that include users -- can yeild better results. However, we have not publicized that this an 'agile' approach, per se. The goal, we agreed with the client on, was to include the end users more fully early in the process. Of course, the idea that we'd make changes and re-deploy quickly was very appealing. 
 
On a somewhat related note, I got this in an email from ZAP, a SOA consultancy. An interesting premiss, the shortage of SOA experts can result in misleading cost estimates for high-level architectures: 
 
<quote> 
The Great SOA Consultant Squeeze 
Document ID: ZAPFLASH-2008728 | Document Type: ZapFlash 
By: Jason Bloomberg 
Posted: Jul. 28, 2008 
 
Here's the scenario: you're a CIO who, in spite of reading ZapThink's warning about issuing a SOA RFP, you find yourself doing just that, shopping for a professional services firm who can help you with your initial planning phase of what promises to be a full-blown enterprise Service-Oriented Architecture (SOA) implementation. Based on your requirements, your own architecture team has calculated that this initial planning project calls for 100 hours of a senior-level SOA architect's time. So, you send out your Request for Proposal (RFP) to three consulting firms: a large, internationally known firm, a midsize firm with a well-regarded technical focus, and a boutique SOA firm that focuses solely on SOA engagements. 
To your surprise, the three responses come back with wildly different figures. The boutique firm proposes the highest price, the midsize firm comes in at 75% of the boutique firm, and the large firm, whom you expected to be the highest, proposes only 20% of the boutique's price, and the evaluation portion of the project, which you estimated would take a quarter of the time, they're throwing in for free. 
On first glance you rejoice, because you didn't think you'd be able to afford the large firm, while now you'll be able to accept their bid with money to spare. But then you get a funny feeling that something's not right. After all, the two other firms are both highly regarded, and based on your conversations with them, they are both interested in winning your business. So what gives? Why are the bids so wildly different, and is the larger firm automatically the best choice? 
The Ol' Bait and Switch 
The reason for the larger firm's lowball bid is pretty basic: they are willing to take a loss on the up-front architecture work in order to win the potentially much more lucrative follow-on implementation business. Now, if this approach were simply a loss-leader sales strategy, that would be one thing -- but it's not. It's actually a bait and switch. 
Here's the problem: the large firm is taking this loss leader technique to sales opportunities around the world, bringing in a small team of sharp SOA architects in a pre-sales capacity to close the deals. But the problem is, they don't have enough seasoned, competent SOA architects to go around. So once they close a deal, it's time for the crack SOA team to move onto the next sales opp, leaving a passel of wet-behind-the-ears developers just a few years out of college holding the bag. And while these junior folks have been through a few weeks of SOA training, they fundamentally aren't up to the challenge of SOA projects like yours. 
 
The Economics behind the Numbers 
Macroeconomically speaking, qualified SOA architects are in short supply and high demand, and as a result, the market is pushing their prices up. When a firm charges less than market value for their services, therefore, it creates an imbalance in the marketplace. Customers who think they're getting a deal but instead get shoddy work are the ones at the short end of the stick. 
In fact, the small and midsize firms who bid on this project are more likely to be charging true market rates for such services. The boutique firm has nothing but qualified SOA architects on staff, and as a result, their services are always in demand, and they can command top dollar -- which in today's market can actually be as high as $500 per hour for the most senior resources. The midsize firm has a more diverse staff, and is planning on putting a mix of senior and mid-level consultants on the project, so they can charge a bit less than the boutique firm. But as long as the large firm continues to underbid the architecture work, they will continue to have too few resources to provide sufficient quality -- at least, until customers get wise and stop giving them their business, or worse, start taking them to court. [ http://en.wikipedia.org/wiki/Invisible_Hand ] 
 
How Much Should SOA Architect Consultants Really Cost? 
The $500/hour cost mentioned above, however, is admittedly at the top of the market -- that is, how much you'd pay for the best regarded, most seasoned architects available. Generally, customers bring in such crack teams when there's a special situation, like the need to build the business case for SOA for management, to mentor internal architects in order to bring them up to speed, or when there's some kind of mess to clean up. Perfectly good onshore SOA architecture teams consisting of a mix of skill levels are more likely to run you between $200 and $300 per hour as an average per-person cost for the team as a whole, or between $100 and $200 per hour for offshore resources. 
It's important to note that these rates are global rates. While there is still some difference between onshore and offshore resources, today's SOA consultants are a globetrotting bunch, and it doesn't matter where you're located -- or where the professional services firm is based. Adam Smith's invisible hand of supply and demand has mostly evened out the rates for such architects, and you shouldn't expect to get much of a discount rate from, say, an Indian firm as compared to a European or North American one. You can expect a small break, however, if the firm charges US dollars instead of, say, Euros. 
 
Avoiding the Squeeze 
If you've been burned before by a large firm's bait-and-switch tactics, or perhaps you simply take this ZapFlash to heart, then you can decide to make the right choice and select a service provider who can truly do the work, even if they're not the least expensive option. But unfortunately, many organizations don't have that luxury. For example, many governmental bodies are required by law to conduct a formal, open RFP process, and must choose the least cost provider. Furthermore, many public sector (and a good number of private sector) organizations have policies that they cannot pay any consultant more than, say, $150 per hour. Does that mean that such organizations are stuck, with no choice but to hire poorly qualified teams? Not so fast. 
There are ways around the "bill per person-hour" approach to purchasing professional services, especially when supply and demand are driving up the value of the resources you desire. Basically, don't purchase such services by the hour. Instead, purchase by the project. Consulting firms love billing by the hour -- the oft-quoted "time and expenses" -- because it shifts much of the risk of project overruns to the client. Fixed-bid projects, on the other hand, shift such risks to the provider. Be that as it may, it's not that difficult to scope initial SOA engagements with sufficient detail to expect a fixed-bid project. If the service provider quotes deliverables instead of hours, then the true cost per hour is hidden from view, and may not even be determined ahead of time. 
 
ZapThink's Advice 
For all you SOA practice directors out there, here's ZapThink's advice. First of all, never, ever underbid the architecture part of a SOA engagement. You simply won't have enough seasoned architects to go around if you do, and your customers -- and eventually your business -- will suffer as a result. Boutique SOA consulting firms: stick to your guns. Instead of reducing rates, move toward fixed-bid projects that specify deliverables instead of hours. Remember that your most senior people will likely get the work done more quickly than your more junior people would, anyway. 
Individual SOA consultants -- remember, you're in the driver's seat. If the firm you're working for now isn't providing you with everything you're looking for in a position, then there are plenty of others who would be happy to have you. There's no reason to be underpaid; top SOA architect consultants should be bringing home upwards of $200K per year, and even India-based consultants could be bringing home six figures. But remember, even if you are being paid what you're worth, if your firm is losing money on you, then something has got to give. You don't want to upset clients or adversely impact your career, or worse. So unless you're in a commissioned sales role, steer clear of working for firms that underbid your services. 
 
The ZapThink Take 
ZapThink [ http://www.zapthink.com/ ]has been following the SOA talent crunch for a while now, with ZapFlashes in late 2004 and early 2007, but even now, the problem is only getting worse. As SOA finally becomes mainstream, virtually every enterprise is coming to require seasoned SOA architects, so the lure of an enterprise position, and the stability it offers, is drawing talent out of the consulting pool. As a result, the travel schedules for the remaining SOA consultants is becoming even more onerous, and as any former consultant will tell you, it's only a matter of time until the travel commitment leads to burnout. And furthermore, it's not easy to take someone who's not a seasoned SOA architect and make them into one. Training is the first, critical step, but there's no substitute for years of experience. 
</QUOTE> 
 

Posted by: Tom Termini

Security of course is the perennial driver for all enterprise applications. In service oriented architecture, pushing the access and user management out of many web services and applications is a first step on the road to realizing a robust SOA. But what approach works best? 
 
As the notion of cloud computing spreads, the ways to manage access control lists, passwords, in-transit data have all taken on new meaning. One method, which of course here at Bluedog we appreciate, uses the Enterprise Integration Security Pattern, as implemented with a Web Services-Policy and Web Services-Security. Patterns, as readers may know from other posts, are your friend. And a WS- specification ensures interoperability, a cornerstone of SOA. 
 
Security needs may sometimes be at odds with a SOA strategy that abstracts key business logic from vendor-specific infrastructure. The advantage of attacking security early in a SOA effort can be felt throughout the project life cycle. For example, single sign on is well-appreciated in the user community, yielding a quick win and probably garnering support for more SOA work from your user community.  
 
Of course, the exact types of transactions can help identify the right approach. In an on-line storefront you might be more apt to use the WS-security specification. In situations where confidential data is stored and passed among services, we have found a custom encryption/decryption scheme works.  
 
WS- specifications such as WS-policy provide frameworks for describing capabilities and requirements of services in the architecture. As a template for configuration, or perhaps interoperability requirements, this approach can have positive results. But this approach is not universal -- as long as you are using SOAP (simple object access protocol), this approach is valid. We want to ensure protection of messages in transit, as well as the propagation and mediation of credentials (tokens). 
 
For securing the entire environment encompassed in a SOA, multiple vendor and differing web services means a more holistic approach is called for. Policy management becomes an important aspect of managing the environment, as well. Think of multiple domains, where diverse scenarios for identity or role-based authorizations are needed.  
 
At Bluedog, we a re cognizant of the cloud-based computing issues with our in-house Workbench product. We have to provide our customers with access to internal services; we also access customers’ services inside their firewalls. Complexity is the bane of security, but an approach that takes into consideration multiple credential sources (we support OpenID and CAS out of the box, for example, as well as utilizing customer LDAP/ADS user management infrastructure) so that middleware from IBM, BEA, Apple and others can be accommodated. 

Posted by: Tom Termini

I got an invitation from Paul Rellis, Managing Director of 
Microsoft Ireland, to participate in the Institute’s Digital 
Competitiveness Stakeholders’ Consultation. He asked my opinion on a couple of issues of importance to anyone in the I.T. sector in Ireland. Following are my thoughts, based on his request. 
 
(Paul): What are the current policy (or other) opportunities & challenges that Ireland faces in the digital sector? 
 
Electronic signatures, electronic funds transfer, and managing one's money via the web needs greater attention -- the cost of doing business in Ireland is still quite high (e-commerce transactions, shipping hard goods, dealing with myriad employment regulations, complex VAT and other taxation). 
 
Focus on making Ireland the location for international concerns to control licensing of intellectual property. Establish the infrastructure to host licensing and contract enforcement. 
 
(Paul): Which emerging trends are potentially dominant in the digital sector? 
 
Obviously, we feel software-as-a-service is a big thing. It would be awesome for Ireland to become the data center/cloud host for the EU. With the fibre in place (Global Crossing trans-Atlantic link, etc.), and plenty of wind-generated electicity, Ireland could be the go-to place for providers. 
 
Another trend to watch that could dominate the digital sector is the movement away from digital rights management. The government may want to consider ensuring the free exchange of information (from free speech issues to protecting peer-to-peer networking) by explicitly adopting a proactive legal framework for the legal exchange of intellectual property.  
 
(Paul): In which niches can Ireland become a world leader? 
 
Intellectual property producers (think literature for the last few hundred years).  
 
"Green" data centers for cloud computing, and a central conduit for internet connectivity via fibre backbone to the continent and North America. 
 
Broadband penetration by free market means -- so everyone can enjoy access at reasonable rates. 
 
(Paul): What is the most important strategic investment of relevance to the digital sector that Ireland could make at this point to enhance its competitiveness in the next 10 years? 
 
Encourage a larger marketplace for broadband so that internet access (wifi, wimax and fibre) become ubiquitous. Follow Singapore and other states who have pushed 90% of government services out to the web. Telecommute will ultimately be needed -- not just more roads, public transport, etc. 
 
In the States, a new study finds U.S. IT workers so eager to ditch the commute that they'd accept a 10% drop in salary.  
http://www.cioinsight.com/c/a/Latest-News/Eager-to-Telecommute/?kc=CIOMINUTE061108CIO2 
 
(Paul): What are the next three steps that Government should take? 
 
Three steps the government should consider: 
 
(a) Extend the tax-exempt status for artists, musicians, authors and other intellectual property creators to include software developers. 
 
(b) Continue to maintain a competitive corporate tax rate, working with the IDA to encourage trade with North America. 
 
(c) Push for 'green computing' by offering incentives to data centers who utilize appropriate technologies and techniques to lower the impact of computing on the environment. Perhaps in this vein consider the 'net metering' of electricity similar to Germany's approach, where the utilities buy electricity from wind/solar/fuel cell producers at a market rate. 
 
I agree with Paul that the Information Sector can be an economic growth force multiplier in the next twenty years. I am not so keen on the governmen trying to foresee the future; I feel the Government should be positioning Ireland to take advantage of new opportunities by setting the ground rules for intellectual property sharing, smart growth with telecommuting, a green focus through low CO2 emmission power generation, and other areas. Incentives and being the arbiter make the most sense -- the government should be in the business of making business the business of Ireland, not trying to guess what the future will hold. 

Posted by: Tom Termini

 
In its March 2008 SaaS survey, In-Stat asked US-based survey respondents about their usage of six specific business function-related applications delivered in the SaaS model such as CRM, ERP, and Web collaboration applications. 
 
In-Stat also questioned respondents about their use of Microsoft Office-esque productivity applications delivered as a service specifically to gauge the impact that SaaS productivity applications might have on Microsoft's dominant position in this space. 
 
This report covers current adoption of, and demand for, these SaaS business applications over the next year. The survey als poses questions to attempt to capture the impact SAAS may have on Microsoft's bread-and-butter desktop productivity apps (Office, to you and me). According to Chris Murray (chris.murray[at]reedbusiness[dot]com, who can provide copies of the report), covered are the crucial reasons why businesses may or may not interested in these applications. The survey also tries to identify who they turn to as providers. 
 
Findings are focused on demand for business management applications delivered as a service such as CRM, ERP, etc. In addition, the second half focuses on demand for office productivity applications delivered as a service (word processing, spreadsheet, presentation). Organization size is cross-referenced. 
 
Chris thoughtfully provided me a list of the exhibits: 
 
Figure 1. Business Management Application Implementation 
 
Figure 2. Over 80% of Current Hosted Ap Users Will Use Same Amount or More Hosted Applications 
 
Figure 3. TCO not the only Benefit to Current or Future SaaS Users 
 
Figure 4. Only 4% Say There is no TCO Benefit to Hosted Business Applications 
 
Figure 5. Security and Poor Support Leading to Churn 
 
Figure 6. Software Companies Turned to Most Often as Hosted Applications Providers 
 
Figure 7. Little Interest in Hosted Applications among Current Non-Hosted Applications Users 
 
Figure 8. Reasons for Disinterest in Hosted Applications Vary by Size of Business 
 
Figure 9. Installed Licenses Exclusively Used by Three-Quarters of US Market 
 
Figure 10. Multiple Benefits Resonate With Current Hosted Productivity Applications Users 
 
Figure 11. Majority of Current Hosted Applications Users Only Moderately Satisfied 
 
Figure 12. Four Out Of Five Users Would Recommend Using Hosted Productivity Applications 
 
Figure 13. Four Out of Five Users Plan to Use as Much or More in Next Year 
 
Figure 14. Providers Could Potentially Charge for Extra Features 
 
Figure 15. Preferred Providers of Hosted Productivity Applications Vary 
 
Figure 16. Not Much Demand for Hosted Applications Expected Among Current Installed License Users 
 
Figure 17. TCO and Accessibility are Key Benefits to the Hosted-Experimenting 
 
Figure 18. Pure-Play Providers Will See Market Share Gains in Next Year 
 
Figure 19. Not Much Interest in Using or Trying Hosted Applications among Current Installed Users 
 
Figure 20. Same Benefits Resonate with Hosted-Curious Installed Productivity Users 
 
Figure 21. Lack of TCO Benefit the Main Reason for Disinterest Among Installed License Users 
 
Figure 22. Respondent’s Knowledge of Organization’s Business Software 
 
Figure 23. Respondent’s Role in the Procurement of Organization’s Business Software 
 
Any new information to help decision makers is a good thing. Although there's lots of research out there, Gartner doesn't corner the market on quality surveys. Personally, I like to be able to analyze the data myself to draw my own conclusions. 
 

Posted by: Tom Termini

The park has many wonderful insects... some good, some not-so-good. Keep your eyes open for... 
 
Tent caterpillars... 
The forest tent caterpillar, Malacosoma disstria, is another native insect of Maryland. This insect is not a looper but is often found with the fall cankerworm. Occasionally it severely defoliates hardwoods. The forest tent caterpillar feeds on oak, gum, and sugar maple growing in forests, especially along rivers and streams. 
http://www.mda.state.md.us/plants-pests/forest_pest_mgmt/gypsy_moth/md_hardwood_defoliators/eastern_tent_caterpillar.php 
 
 
Gypsy moths (pretty bad last year) 
Moth eggs hatch in April, and the caterpillars munch on oaks and other hardwoods in June. The Maryland Department of Agriculture considers them the most destructive pest of forest and shade trees in the state. 
http://www.gazette.net/stories/071107/montnew02807_32371.shtml 
 
 
Bag worms... 
Bagworm is a serious insect pest of many ornamental shrubs and trees 
in the eastern half of the United States. Conifers, especially arborvitae, cedar, juniper, and pine are the most frequently damaged host plants. 
Control: On landscape shrubs and small trees, a simple method of control is to pick off the bags during the winter and destroy 
them. This must be done before the eggs hatch in June. When too many plants are involved to make hand picking practical, sprays are in order. 
 
 
And finally, keep your peepers peeled for the Emerald Ash Borer 
http://www.emeraldashborer.info/ 
http://www.mdarborist.com/treeinfo.htm 
 
-- 
 
Always check with your local agricultural extension agent... at the U of Md (shameless promotion for alma mater) 
http://mastergardener.umd.edu/ 
 
(some insects re GOOD - don't spray or kill indiscriminately. for example, ladybugs: 
http://www.buginfo.com/article.cfm?id=18 
 
The "ladybug" is one name for the beetles that are in a family called the Coccinellidae, or "lady bird beetles". Virtually all of them are carnivores. That is, they eat meat, and that meat is in the form of some of our most reviled garden pests - aphids. Both the larva and the adult of ladybugs feed on aphids, along with other plant pests such as whiteflies, scales, and mealybugs. Several species of ladybugs have been instrumental in stopping major agricultural pests, such as The Vedalia Ladybug that was introduced to control Cottony Cushion Scale in California, essentially saving the Citrus industry from certain destruction. 
 

Posted by: Tom Termini