When it comes to developing applications , finding an application development service provider who has mastered the development lifecycle is, of course, critical. But it’s not the whole story.
You also need a provider who has these four capabilities:
Application development projects can be difficult to manage while ensuring milestones and retaining hard-won ROI .
But it doesn’t have to be that way. An experienced, competent application development service provider can handle the details with a flexible development strategy that begins with discovery, carries you through concept/design, development and testing/quality assurance, and completes the effort with production/launch and maintenance/support.
The odds are overwhelming that your business will end up engaged in Cloud Computing (if it hasn’t already). Whether you’re stepping toward Cloud services for the first time, expanding your use, or revisiting what you want to achieve with Cloud services, the very first thing you should do is to develop a Cloud strategy.
The right Cloud service-level agreement (SLA) will enable you to bundle all your Cloud services into a single monthly OpEx payment that will …
Shift significant amounts of your IT costs from your capital budget into your operating budget,
Relieve you of constant IT asset upgrade and maintenance costs, and
Make it easier to manage your services and ensure that you’ve established — and continue to achieve — appropriate service levels
This best practice might seem obvious, but it can never be over-emphasized. Here are the five must-dos of Cloud Computing security…
Evaluate Cloud service providers’ security with these questions:
What access control model do you use? Who chooses the authoritative sources of access control policy and user profile information — you, or us, or a third party?
Do you support retrieval of access control policies and user profile information from external sources? If so, via what formats and transmission mechanisms?
Where do our accounts reside? How are they provisioned and deprovisioned? How do you protect the integrity of my data?
What authentication mechanisms do you support? (These should be appropriate for the sensitivity of the data use.) Do you support federated authentication or single sign-on model(s)?
What support do you provide for delegated administration by policy administration services?
What log information do you provide? Can it be imported into our operational analysis and reporting tools?
Can we specify external entities with whom to share information? If so, how is that accomplished?
Cloud Computing doesn’t mean you walk away from your IT.
That’s why #5 in our Cloud Computing best practices countdown is: Always monitor your Cloud services.
Moving to the Cloud doesn’t require a new network (unless your existing network already has serious issues). But bandwidth is a core component of systems using Cloud platforms, so you need to plan for your bandwidth requirements and monitor bandwidth use. Doing this generally obviates Cloud bandwidth issues. And monitoring is the best way to ensure that your provider is living up to your service-level agreement.
