Cloud Computing

ISVs and Future Proofing Your Payment Integration

Here is an excerpt from a blog post I wrote this week for the payment processor Clearent.

When a consumer walks into a store or browses an online ecommerce site, very little thought is given over to the “paying” part until the time comes. At that moment, a fast and convenient point-of-sale or checkout experience helps create a positive memory, raising the loyalty factor a little bit. But a less-than-ideal transaction, caused by long lines, a failed tap, or a shopping cart page that crashes and burns, steers the shopper to the competition. No one has time to wait for a reboot or to listen to apologies.

The expectation and the requirement are that the payment system be up-to-date. For that to happen, the merchant and its ISV must be future-proof. What’s the best way to future-proof something as complex as payment integration?  The answer is right in front of you, in the apps inside your phone and your tablet.

To learn more, visit our most recent blog, “ISVs and Future Proofing Your Payment Integration” available right now at CloudTweaks: go to

The Shift from Monolithic to Microservices: What It Means for CTOs.

The shift in application development strategies is moving from monolithic design to isolated and resilient components known as microservices. As a result, applications that were designed with platform entanglements such as database and messaging layers have become more complex and costly to operate and maintain. This provides new challenges to CTOs, who must stay aware of the most dynamic, cost-efficient, and secure methods of managing their company’s data, while navigating the inexorable slide toward a microservices economy.

Mike D. Kail, CTO of Security-as-a-Service firm, points out that “with the rise in popularity of Docker Containers, there is an associated belief amongst many that by simply moving an application to leverage containers instead of virtual machines or bare metal, that you then get microservices by default.” But, he says, “that is certainly not true.” Microservices is an architectural pattern, and containers can be part of the technology using that pattern, but containers remain a “thing” while “microservices” is still a “notion.” This pattern can be used to either re-factor an existing application, or more easily leveraged for greenfield initiatives.

Central to the popularity of microservices is the ability to overwrite or replace an individual component without taking down the entire application, leading to less downtime and faster deployment or redeployment of software into an operating environment. Immutable infrastructure also helps with overall security as an APT can be rapidly mitigated by “refreshing the deployment”. This is also a concept shared by microservices – a modular and agile codebase, each part maintained by individual teams.

Microservices is an approach that is still evolving. It is a process being spearheaded by some of the biggest players in the business, like Walmart, Amazon, and Netflix. It is a technological ideal intended to ensure an organization’s ongoing agility and flexibility. This in turn allows faster and more intelligent response to immediate market demands like volume spikes in online shopping or movie watching.

Microservices need not be small, as the term “micro” might imply, but each service is dedicated to a single task or process. This allows for the components to be taken offline and edited, rebuilt, or replaced, without having to take an entire application down with it. This in turn allows for improvement on the fly, with less scheduled downtime, which leads to better business continuity.

The switch away from monolithic applications to collections of compartmentalized or containerized components seems to offer a much more practical approach to managing application development. They can be scaled separately and deployed as needed. They can be designed and programmed separately using different platforms or languages. And testing becomes more affordable, targeted, and frequent.

So What Problems Do Microservices Pose?

According to JP Morgenthal, Managing Editor of Microservices Journal, as applications get decomposed into microservices there arises a range of challenges around managing the sprawl. “In short,” he says, “no one knows the whole picture. They only know what’s wrong with their part.”

He points out that the previous generation of monolithic applications were expensive to maintain because of the high degree of entanglement of the components. Changes required more complex releases and longer testing cycles, yet at the same time, their design fostered simpler operation using fewer components.

“But as we move to polyglot microservices that leverage existing cloud services and are much more elemental, we still see an increase in the number and types of things that impact applications. This in turn increases complexity on the operations of these applications.”

What’s the Diagnosis?

Morgenthal highlights a need for greater involvement of developers in the cycle, specifically, full stack engineers and site reliability engineers. “The factors and attributes associated with design of microservices further increases complexity due to the way data management changes and the nature of discrete transactions.”

Wanted: A New Approach for CTOs in Managing Microservices

The very thing that makes microservices a more practical application development practice – compartmentalization – leads to an incomplete management perspective. “There is now a more urgent need for end-to-end management – something that has never truly existed. We need to break down the silos between organizations and departments, and we need to move from reactive to proactive. This would be the nirvana of modern applications management,” says Morgenthal.

This puts the role of the CTO in a new, indispensable light, as someone who must take complete end-to-end ownership of an application’s life cycle, encourage communication, and understanding across all teams and timelines involved, and be capable of knowing the entire process.

Mike D. Kail of, himself a CTO, adds more. He states, “I believe that the role of the CTO is more relevant today than ever. As with Digital Transformation, every company is becoming a technology company. The modern-day CTO needs to have the technical chops to drive the overall product/platform vision internally and the soft skills and business acumen to drive outward facing initiatives as well as communicate effectively and clearly with the other C-suite peers.”

Overall, the challenge of establishing full end-to-end management of microservices resembles the typical left-brain/right-brain dynamic of a living corporate entity. The logical processes of developing and refining a highly versatile and compartmentalized application need to be balanced with a refined approach to human communication within IT-Ops, upwards to senior management, and outwards to those who will ultimately benefit from it. This requires a blend of political acumen and technological know-how, something that will make CTOs more visible and indispensable as the microservices trend continues to expand.

Why Must Digital Audio Book Titles Expire?

Listening to audiobooks is a pastime enjoyed by many. It has never been more practical, given the range of wireless devices that an individual can now use. We are no longer tied to the CD drive in home stereos and cars. They re-open the universe of the written word to people of all ages, most of whom are too time constrained to invest in an actual book, but who can easily delve into a chapter or two while commuting or exercising.

One would think this renaissance, in which authors’ works are converted to wireless, professionally narrated pieces of immediately accessible art, would be embraced by book publishers as an opportunity to balance the effects that digital media has had on traditional bookstores.

Yet, for public access, draconian and seemingly archaic licensing laws continue to exist.

Case in point: I recently downloaded an audiobook from my local library, which subscribes to a national downloading service. The book arrived inside my phone’s app within seconds, and soon thereafter I was enjoying the title, listening to it through my car’s Bluetooth connection as I drove. Ah, the wonders of the wireless world.

Books become Pumpkins

Unfortunately, the publishers who made this title available to me through the library, allowed me only one week to listen to it before the licence expired. So exactly one week later, while I was still barely halfway through the book, the file had turned back into a literary pumpkin, on the outside of which was a sternly worded message reminding me to delete the now unplayable file from my phone’s memory.

My question is “why?” Why must there be such a short expiry period on a digital property? Why should there be an expiry date at all? I understand, if you borrow a book from a library, then no-one else can access that book until you return it. But this is the digital age, people! Digital files can be replicated infinitely with no adverse effect on the original.

On hold? For What?

Oh yes. And then there is the HOLD. There was another book that I was interested in downloading, but it was on hold. On hold? For what? There’s nothing unique to hold!

I understand that publishing companies are in the business of licencing books, ostensibly to guarantee revenue for their authors. I know this first hand, being a published author myself. I know also, that, as with all artists, we sit at the bottom of a very large inverted pyramid, and tend to get paid after all the middlemen have taken their share. Hmmm. Could that have something to do with it?

The point is, libraries, booksellers and book publishing companies are looking to protect their revenue streams amid an ocean of digitally accessible everything. But does withholding a title actually generate the type of scarcity that will guarantee a queue of patient, obedient title-borrowers? Especially when some enterprising individual might see fit to upload the entire audio track to YouTube so that everyone can listen to it without delay?

Or is their protectionism a holdover from a pre-digital age, in which supply and demand could actually be controlled by publishers?

Monetize the digital marketplace

My feeling, as both an author and as an avid listener of audiobooks, is that there is more to be gained from changing the model: make library titles infinitely available. Guarantee their quality. Make your free product better than the knock offs, and capitalize on spin-off activities, such as directing happy listeners to purchase related titles through sites like iTunes. Heck, I would be happy even to put up with a sponsorship, such as “This audiobook is being brought to you by ABC company.” Sponsorships could easily be rotated – such is the nature of digital media. It is much easier to modify than, say, typeset ink.

Ultimately I feel the publishing industry has much more to gain by adopting a more modern approach to monetizing the omni-channel marketplace than the current dusty old licencing program. Maybe they have started to do so, but it certainly does not seem to be working at the library. If there was ever a perfect “try-before-you-buy” environment, the national library system certainly would fit the bill, and would continue to bolster the existence of publishers and libraries alike.

The Need for Experienced Cloud Security Professionals

My blog post for cloud security firm (ISC)2 , entitled, Competing Cloud Security Demands Call For Credentialed Professionals is available for review at Based on interviews with security experts, the post discusses why it is critical that cloud security experts come with years of experience to handle the challenges of security online.  Click here to read.


Uber’s Surge Pricing Model And Free Market Economics

This blog post, written for KPMG , entitled, The Surge Pricing Model And Free Market Economics is available for review at This post proposes that the dynamic nature of pricing under the Uber model might work in surprising ways for B2B purchasers who do not update their procurement processes.  Click here to read.


The Blended Mindset

This blog post, written for HP’s Business Value Exchange , entitled, The Blended Mindset is available for review at This post proposes that people need to maximize their human skills such as creativity and relationship to match their technological abilities.  Click here to read.


What I Have Learned as a Cloud Security Professional

My blog post for cloud security firm (ISC)2 , entitled, What I Have Learned as a Cloud Security Professionals is available for review at Based on interviews with security experts, as well as with David Shearer, CEO of (ISC)2, the post discusses some of the lessons learned and challenges faces by the people who seek to keep companies and organizations safe from cloud-based attack.  Click here to read.


Amazon Pay-per-page: Books-as-a-Service?

This blog post, written for HP’s Business Value Exchange , entitled No Longer Doing It by the Book: The Rise of the As-a-Service Industry is available for review at This post discusses Amazon’s policy of paying authors by the number of pages read, rather than by number of books sold. It only applies to the Amazon library at this point – not retail – but does it signify the beginning of an industry change? Click here to read.


The Importance of Practical Experience in Cloud Security

My blog post for cloud security firm (ISC)2 , entitled, The Importance of Practical Experience in Cloud Security is available for review at Based on interviews with security experts, the post discusses why it is critical that cloud security experts come with years of experience to handle the challenges of security online.  Click here to read.