Sunday, April 29, 2012

Cloud Computing and Unbilled Deferred Revenue: On the way to another bubble?

I was reading this report on the outlook cloud computing from GigaOm and came across an interesting accounting term:  "unbilled deferred revenue". When I googled the term, I came across the following explanation from Salesforce.com: "Unbilled deferred revenue, represent[s] business that is contracted but unbilled and off balance sheet". In other words, it is revenue that can't be recognized because it is not earned and it is off-balance sheet because it has been collected! Will such funky accounting terms be used to fuel a bubble vis-a-vis the cloud? It appears I am not the only one that saw the need to look into this a little deeper. This article actually analyzes the term and gives some rationalization to the concept: "[Subscription economy is] one way to make sense of cloud computing and the many new and very different ways of doing business on the Internet. We're most familiar with Software as a Service and how different it is from conventional licenses; so familiar, in fact, that I don't need to describe it for you here." 


One of the key factors in bubbles (based on a paper that Efrim and I wrote a few years ago) was "speculative valuation models".  So the next step is for some physicist to figure out how  "unbilled deferred revenue" can be put into a black-scholes type finance model -  and voila! -  we are are on our way to the next tech bubble. 


Of course there are other factors (see the paper for the list) that are necessary to inflate a bubble. The one to pay particular attention is to whether the credit is flowing freely. With the debts woes of Europe and people still stinging from the sub-prime crisis, this factor may inhibit the inflation of such a bubble. However, this assumes banks and traditional lenders will be the primary source of capital. The reality is that tech companies are awash in cash, and as evidenced by Facebook's acquisition of Instagram for a cool billion, they appear ready to step in and make the necessary deals to potentially fuel another tech bubble.  

Thursday, April 26, 2012

Google Drive: Cost, Security and Other Issues

Earlier this week, Google released its much anticipated release of Google Drive (even the official blog referred to it as the "Lochness monster"; due to the fact that Google was supposed to release this years ago). For those interested in how Google Drive stacks up against other cloud based storage services, see Dana Wollman's post on Engadget. Included in her post is a side-by-side comparison of Google's offering against  Dropbox, Microsoft SkyDrive and iCloud. In terms of security issues, this CIO article points out that it will be hard for system administrators to block Google Drive because it will be hard to distinguish from the other Google services (e.g. Gmail, youtube, etc), which many organizations allow users to access. 

As with any other cloud service, users need to be aware of the terms of service (ToS or "click wrap" agreement) which bind the users to all sorts of conditions (this ZDNet article gives a good analysis of how Google is imitating DropBox a little too much). This article claims that users concern that content shared would be owned by Google "are probably unfounded". Their evidence: Google's ToS are the same as Microsoft's ToS for their cloud drive offering. However, the following ZDNet article extracted the ownership clauses and it seems that Microsoft is much clearer in stating that the content belongs to the user and not Microsoft (but you can see it for yourself and decide). 


Although Google may capitulate to public pressure and alter the terms of service, the incident highlights one of the key trade offs with the cloud: convenience of the cloud comes at the cost of control. For example, most, if not all, cloud service providers (CSP) will hand over data to law enforcement - without the consent of the data owner. However, if the same law enforcement agencies wanted the data hosted at your business or house; they would have to obtain your consent first - because you are in control and not the CSP. 


Beyond the privacy issues, if CSPs are free to write their own terms of service customers, especially the small and medium sized businesses (SMBs), will be at the mercy of these large players who have an army of lawyers at their disposal to write the ToS in a way to protect the CSP - leaving the SMBs vulnerable. That's until there's some cataclysmic breakdown in the cloud forcing the regulators to act in a way to protect users from such agreements, similar to what we saw with SOX or even the birth of the SEC itself after the depression.

Sunday, April 22, 2012

Macs & Viruses: The End of Innocence


Macs & Viruses: The End of Innocence

With the Flashback botnet continuing to plague Mac users, it's good time to reflect on those Apple vs PC Ads. Oh you know the one where the slick Apple dude tells the PC guy that Mac's "don't get viruses".  And that probably was true when the ads ran in 2006: malicious code has been traditionally targeted towards Windows. For the cybercriminals behind these outbreaks it's just a game of numbers: more PCs users = more potential victims =more $$$. However, the picture has changed from 2006: Macs have risen from being 4% of the market to nearly 13% of the market in Q3 of 2011.  However, the numbers are just one part of the story. As illustrated Apple's smug ad, Apple users have been lulled into a false sense of security: "PCs not Macs" get viruses. This makes Mac users a juicy target for viruses, as they are likely not to have the proper security in place to prevent viruses.  Sorry Mac users, I know it's a sad day - but you have to defend yourself from viruses just like all the PC users out there. 

Monday, April 2, 2012

Security Rating in the Cloud

Security in the cloud is an issue of paramount importance to companies. Cloud computing is one of the biggest trends in eBusiness since the invention of the internet. But security has lagged behind the other aspects of cloud management.

In the attached (referenced) article published in ISACA Now, Antonio Ramos, CEO of Leet Security puts forward an argument for the implementation of security ratings for cloud service providers. Such ratings would be similar to credit ratings used in the financial world. He points out, correctly I think, that although credit ratings suffered credibility during the financial crisis, generally they have served the financial and investment world quite well. he argues that security ratings could serve a similar purpose for the cloud.

An idea worth thinking about. Check out his article here.