Welcome to the world of Infosys Engineering! It is a half a billion plus organization that takes pride in shaping our engineering aspirations and dreams and bringing them to fruition. We provide engineering services and solutions across the lifecycle of our clients’ offerings, ranging from product ideation to realization and sustenance, that caters to a cross-section of industries - aerospace, automotive, medical devices, retail, telecommunications, hi tech, financial services, energy and utilities just to name a few major ones.

« March 2010 | Main | August 2010 »

July 19, 2010

Privacy of Data in the Cloud

There is no executive meeting today in the software industry where the 'cloud' word is not used. As the industry gets more and more familiar with the intricacies of cloud computing and the accompanying economical benefits and risks, the concerns of data security remains to be one of the major hindrances towards wide scale adoption. However, to assuage such fears, companies are coming up with some innovative ideas (some technology-oriented, some process-oriented) to provide the necessary confidence towards cloud adoption.

Retail customers often need to handle peak hour traffic on only certain days of the year - sometimes only once a year. It is not economical for businesses to spend large amounts of capital on infrastructure in terms of hardware and licenses to handle this extremely rare demand peak. At the same time, in this era of extreme competition, not many businesses would dare to have unhappy customers, especially when it matters - like for example, a week before Christmas.

The elasticity that Cloud Computing offers is just 'what the doctor ordered'. One can just call up the cloud service provider, a week before the anticipated peak, and ask that the necessary resources needed to handle the peak be put in place.Cloud service providers also will need to be able to provide the necessary elasticity to business consumers without prior notification. Architecting solutions to automatically handle unknown surges in demand is challenging even today where architecting for scale-up and scale-out are common considerations. However, virtualization technologies, affordable blade servers with terabytes of main memory backed up by cheaper and larger hard-disks, multi-core processors looking for work to do - all provide the necessary technology support to service demands that are unique to cloud computing.

The biggest fear that companies have when thinking about operating out of the cloud - is with regard to the privacy of their data. Companies want to have control of their data. Over the years, as PCs got faster and less expensive, tasks were moved from the mainframe realm to the PC realm, because it gave a feel of things being under your control. Though the movement was slow initially, it picked up speed over the years and has now resulted in a lot of software running on desktop machines and server machines in-house. As more and more critical data resided on desktop machines, installation and execution of anti-virus software solutions provided that much needed confidence about data and applications being secure on the machines. With data out on the cloud, there needs to be something similar in place for customers to feel secure about solutions hosting their data.

Data security being one of the major hindrances towards leveraging the benefits of moving to the cloud, there is enough thought being put into how customers can be assuaged of such fears. According to Bret Hartman, CTO of RSA, the company is working on a SaaS based solution which provides a dashboard that allows enterprises to see how cloud service providers secure their data. Enterprises should be able to see that the sensitive content deployed by the provider is being protected and can also be used as an audit input.

Solutions that cloud service providers adopt have to be architected and implemented to protect data. To achieve data security, solutions need to achieve clear partitioning in storage, servers and network -achieved through use of virtualization technologies and management tools to monitor separation. There is a move towards getting vendors (whose solutions are commonly used in cloud computing solutions) on board to integrate and build security right into the cloud computing infrastructure. Virtualization solution providers, for example, need to think even harder towards what could possibly compromise data security when used as part of a cloud computing solution and plug those gaps. There seems a collaborative effort towards achieving such goals with RSA for example working with Cisco and VMware.

In addition, to provide potential cloud customers the necessary confidence, companies like McAfee will partner with leading Certification delivery vendors (KPMG for example) to provide Certification services tailored for SaaS and Cloud vendors. The certification services, which are provided on an annual basis, will include existing security controls, processes and certifications, as well as future Cloud security standards. In addition, there will be automatic and daily security audit and remediation of vulnerabilities. Cloud service providers who pass the daily scan and other checks will receive a `McAfee Secure' Trustmark which could serve as a certification of their strong security facilities.

The fear of data security as the one of the major hindrances towards cloud computing has indeed set off a scramble for solutions. It is interesting that the focus is not just at look at technical solutions, but there is intense innovation coming in from the process and standards side too. What is required is the hardening of the virtual environment, having access controls in place (so that consumers can determine control rather than providers), having strong authentication, strong interoperability and world-class standards in security. It is heartening that companies are working together in a cooperative mode towards a common purpose - that is to get more and more businesses to trust and embrace cloud computing solutions. 

July 6, 2010

Leveraging the power of Crowdsourcing for Localization

Crowdsourcing is the new buzz word floating around the internet lately. Wikipedia defines it as "the act of outsourcing tasks, traditionally performed by an employee or contractor, to a large group of people or community (a crowd), through an open call". Though this a new term, the concept itself is not so new. It literally means outsourcing to the crowd. The Open source revolution which started almost a decade back is successfully tapping the power of the community to develop software. The key driving point of Crowdsourcing is participation and collaboration with the general crowd (or users) who use your applications and leveraging their expertise and time to enhance your product. Companies like Microsoft, Apple and Google etc have successfully tapped the potential of Crowdsourcing and made millions out of it by virtually investing nothing.

Crowdsourcing can be used for almost anything. Companies are using it to create online content, mobile apps, market research and much more. Facebook is one of the Web 2.0 success stories of recent times. Almost 60% of Facebook users are spread outside the US. As early as 2008, Facebook started involving its end users to help in translating the application into more than 2 dozen languages. A community driven project to add foreign language support to its application was started. It launched an application called "Translations" to make the site available in the language of your choice. Users were presented with thousands of words and phrases which they could translate and these translations would be reviewed by other users who were part of this whole eco-system. People just needed to add the app, enable "Translation Mode" and submit translations for whatever page they were browsing. Statistics have revealed that over 300,000 people have participated in this translation exercise, making Facebook available in more than 70 languages and Facebook has achieved all this for free!!! (Well, almost). Facebook made a success of its Crowdsourcing project for translating its application with high quality and rapid turnaround. They have even filed a patent for this method of localization by the community. Adobe has recently begun leveraging Lingotek's software platform to enable the crowdsourcing of translations within China.

The traditional approach to localization has been to outsource the translation activity to professional agencies which employ trained people who are paid to do it. The cost of the translation activity depends on the number of words or pages to translate and is generally very high as it is a very laborious task. As per the contracts, the agencies have to work according to the release schedule of the product into the market. Outsourcing this translation activity to the end users themselves, changes the entire development model. No longer would this activity be accountable, you can't sue people for wrong translations, you can't impose deadlines on anyone, you can't ensure commitment too, but in spite of all this you can still tap into the community and get the same output and at a relatively cheaper cost.

So, is crowdsourcing of localization the right approach and does it score over the traditional approach of outsourcing your translation work to professional translation agencies? Is it really free of cost or is there some cost associated to the company to get this done? How reliable are the translations? Can this approach work when time to market is the deciding factor? These and many other questions come to our mind when we think about crowdsourcing for localization.

What makes crowdsourcing of localization a viable option? Facebook couldn't have done it if its user base was not large and diverse enough. You need a relatively large pool of users who understand the application well. Along with this the users should also have some level of involvement with your application. You can't expect every user who uses your application, to have the free time to help in localizing it even if they had the expertise to help in translations. Moreover they should be motivated to do it without any expectations of gain, monetary or otherwise. It should also be kept in mind that community driven work gets done at its own pace and by people who range from novices to experts. Does this imply that quality of translation will not be as good as that done by professional agencies? This may not always be true, since in this case, people who are translating are actual users of the applications and they have a better understanding of the scenarios in which a particular line of text gets displayed. Moreover you can have other people vote on the translations and finally choose the one which gets voted most, thus ensuring a good level of localization. With the advent of free web technologies and open source, it is not difficult to make work available online. However it is challenge is to invest in creating a framework wherein the community can contribute, collaborate and be motivated to do work for you. In the end, crowdsourcing is about direct contact with your customers.

This being said, the traditional way of localization is not a thing of the past yet. If your company is into a business where quality and timely delivery is of more importance than the money you are spending on your translation activities, then crowdsourcing may not be the answer for you. It is better to hire professional translators and release your product on time.

Subscribe to this blog's feed

Follow us on

Blogger Profiles

Infosys on Twitter