Caroline Kennedy

Microsoft has launched new betas for its free Office suite and for the "streaming" technology it will use to deliver some paid versions of Office 2010 next year. Office Starter will include on-screen advertisements, the first desktop edition of Microsoft's longstanding suite to do so. As first reported by ZDNet blogger Mary Jo Foley, Microsoft has kicked off a private beta of Office Starter 2010, the ad-supported edition that the company will offer computer makers in lieu of the ancient Microsoft Works, which has been discontinued.

The ads will be limited to a space in the lower-right-hand of the applications' windows. Office Starter will include reduced-functionality versions of Word and Excel, the suite's word processor and spreadsheet, but will not be a time-limited trial. Microsoft announced Office Starter 2010 more than a month ago, but said it would not be available to the public until the completed Office 2010 suite ships sometime in the first half of next year. Microsoft hopes that customers will like what they see and pony up the money for the real deal, such as the entry-level Office Home and Student 2010 or the more expensive Office Home and Business 2010. Prices for Office 2010 have not been set, and last month Microsoft refused to say whether Office Starter users will receive a discount if they purchase a for-a-fee edition. According to Foley, Office Starter to Go will run from the flash drive on Windows Vista and Windows 7 systems. Today, Microsoft confirmed that it has launched a preview of Office Starter 2010 to what a company spokesman said was a "select group of users." Also included in the Starter beta, said the spokesman, is a new feature called "Office Starter to Go" that lets testers run Word Starter and Excel Starter from a USB flash drive.

Microsoft also sent invitations to a larger group of testers for a preview of the "Click-To-Run" mechanism it plans to use to deliver some final editions of Office 2010 next year. Last weekend in an FAQ posted to its Web site, Microsoft hinted that it would offer the public a beta of Home and Business using Click-To-Run, but those plans have been put on hold, said Takeshi Numoto, the corporate vice president for Office, in an interview earlier this week . "We're working to make that available as soon as possible," said Numoto. In messages sent to people who had tested the Technical Preview of Office 2010 last summer, Microsoft urged them to try the Click-To-Run delivery. Click-To-Run is a new technology that Microsoft debuted in the Technical Preview that went out to testers last July. It also runs Office 2010 in a virtualized environment, separating it from the rest of Windows and other applications. Essentially, it "streams" pieces of the suite as users begin a download, letting them start running the suite within minutes.

Unlike the Office 2010 Beta that went live on Wednesday, the Click-To-Run version of Office 2010 Home and Business must be installed alongside existing versions of Office on the PC; it's not possible to upgrade from Office 2003 or Office 2007 to the beta of 2010. Testers must also first uninstall the Technical Preview before installing the Click-To-Run edition of the beta. Like the standard download of Office 2010 Beta, the version delivered via Click-To-Run expires Oct. 31, 2010. The beta of Click-To-Run Office Home and Business 2010 includes Excel, OneNote, Outlook, PowerPoint and Word.

If Order Mapper has its way, we'll all be ordering pizzas on our iPhones without ever having to talk to another soul." The application maker this week released Order Pizza, a free app for the iPhone and iPod touch which allows you to order takeout or delivery from your favorite pizzeria with just the push of a few buttons. The app requires some initial setup the first time you launch it-you have to enter your name, address, and phone number initially, as well as a personal ID number for order tracking. The app takes advantage of a number of iPhone features-location awareness and push notifications, most notably-as well as the Twilio Web services API for automating phone calls. But after that, it's just a matter of punching in that PIN number and you're set to order.

Use Order Pizza's location awareness feature, and the app will pull up a list of nearby pizza joints. Order Mapper founder Jim Bricker contrasts his app's approach with that of the Pizza Hut iPhone offering, which requires a name and password each time you place an order. That list will be dominated by chains mostly, but you can also enter the name and phone number of your favorite neighborhood pizza parlor. That's where Twilio comes in. From that point, it's just a matter of selecting pickup or delivery, picking a pizza size and toppings, and tapping a button to place your order. It enables Order Pizza to call the pizzeria-even on the iPod touch-and place your order.

Order Mapper claims a 95-percent success rate with pizza orders getting accepted in its testing. "We were surprised by the number of pizzerias that took the order," says Bricker. "We have some really good engineers." Bricker notes that premium features for specific restaurants could be added to future versions of Order Pizza. If the order goes through, you get a push notification. And Order Mapper sees its slice of the pie expanding beyond pizzas and into other areas. "I think the next version will probably be Chinese food," he adds.

Google plans to upgrade its YouTube video streaming Web site to provide support for IPv6, a long-anticipated upgrade to the Internet's main communications protocol. Google's Chrome operating system - whose source code was released this week - supports IPv6, as does its Android platform for mobile devices. Google already supports IPv6 with its Search, Alerts, Docs, Finance, Gmail, Health, iGoogle, News, Reader, Picasa, Maps and Wave products. For example, if a Verizon Droid user connects to a Wi-Fi network with IPv6, the user will be able to connect to IPv6 Web sites.

We've seen healthy growth in the last year." Google is anticipating IPv6 traffic growth as more devices such as LTE handsets and set-top boxes ship with IPv6 support, and as more ISPs such as Hurricane Electric, Global Crossing and Comcast offer IPv6 access and transit services to users. "We expect roll-outs to happen in our user community," Colitti says. "We expect other ISPs to push this to users, and we'll be ready for that." Google is one of the Internet's most aggressive adopters of IPv6. Indeed, Google's lead IPv6 engineers - Colitti and Kline - were recognized by the Internet Society earlier this month for their contributions to IPv6 deployment as winners of the Itojun Service Award, which includes a $3,000 prize. IPv6: The Essential Guide Next up for Google's IPv6 development team is YouTube. "YouTube is the IPv6 team's number one priority right now," says Erik Kline, IPv6 software engineer at Google. "We haven't said anything about the timeframe for that yet." Google admits it isn't seeing much IPv6 traffic yet on the Web services it has enabled so far. "It's somewhere on the order of the 0.2% range of Google users have IPv6 access," says Lorenzo Colitti, network engineer at Google. "Around 40% of that traffic is native. The Internet Engineering Task Force (IETF) created IPv6 in 1995 as a replacement to the existing version of the Internet Protocol, known as IPv4. IPv6 is needed because the Internet is running out of IPv4 addresses. IPv6, on the other hand, uses 128-bit addresses and can support so many devices that only a mathematical expression - 2 to the 128th power - can quantify its size. IPv4 uses 32-bit addresses and can support approximately 4.3 billion individually addressed devices on the Internet. Experts predict IPv4 addresses will be gone by 2012. At that point, all ISPs, government agencies and corporations will need to support IPv6 on their backbone networks.

The Planet, Netflix and Limelight Networks demonstrated IPv6 services over Comcast's network in June. Besides Google, other early adopters of IPv6 in the United States include the federal government and Bechtel. Google engineers have said that IPv6 deployment is not as difficult nor is it as expensive as they thought it would be. "We've seen that it's easy, and not that expensive, and refreshingly simple to operate," Colitti says. "We didn't spend any significant money on infrastructure at all….The boxes major vendors are shipping have had this for years. Google says that it's easier to design an IPv6 network than an IPv4 network because network architects can allot large blocks of IP addresses to subnets to cover future growth. It's just a question of turning it on and maybe fixing some bugs." Google is running IPv6 internally on its enterprise network and on the wi-fi and wired LANs in its offices in Santa Monica and Mountain View, Calif. "We have a couple corporate data centers running IPv6 through our internal corporate services," Kline says.

They said it's also easier to run an IPv6 network because there are no network address translation devices. "It's a much lower operational cost, it's easier to debug, and it's easier to design," Colitti says. "The larger address space allows you to break it up in a very predictable way. The Info Pro released survey results this week that indicated 7% of enterprise network managers have adopted IPv6, up from 5% six months ago. You can define a network 10 years out in terms of what IP addresses your routers will have." Google is encouraging other enterprises and Web content providers to experiment with IPv6. "You can set up an IPv6 lab for a trivial cost," Colitti says. "The bottom line is that it doesn't really cost you anything, it prepares you for the future, and it prepares you for a future where you will have lower costs." Google's strong support for IPv6 comes at a time when enterprise adoption of the next-generation Internet Protocol is slow. Additionally, 15% of the enterprise networking professionals interviewed by The Info Pro said IPv6 was in their plans as an infrastructure technology upgrade, down from 17% six months ago. InfoPro said that it is not anticipating much progress on IPv6 because the technology lacks "a significant business justification." The survey results are based on more than 200 interviews with enterprise networking professionals.

PayPal used its inaugural PayPal X Innovate 2009 conference in San Francisco to officially announce the PayPal X program to release APIs allowing developers to integrate PayPal seamlessly into third-party applications. The new PayPal APIs allow developers to engage customers directly within their own applications rather than forcing them to port users off to the actual PayPal site. The expanded functionality will help PayPal to compete against similar online payment services from Amazon and Google.

Users who don't even use PayPal can actually sign up for PayPal within the third-party application and begin making PayPal payments seamlessly from within the third-party application. Part of the goal of opening PayPal to developers is also to expand the types of transactions PayPal is used for to include things like paying rent, or employee payroll. PayPal wants to make it easier for developers to leverage its payment system, ostensibly making PayPal a sort of de facto currency for the Web. PayPal also has its eye on smart phones and wants to incorporate PayPal payments into mobile applications. PayPal is an established name in online transactions. Google Checkout is already working on mobile devices, and Nokia is working on its own mobile payment system, Nokia Money.

It built a reputation for providing a safe and secure means of making payments for things like EBay purchases. There are fees involved and some users have taken issue with those fees (including recently adding fees without notice for services that were previously free). Rather than adopt PayPal (and the fees that come with it) for online payment, Amazon and Google have developed homegrown online payment systems. It worked so well and got so popular that EBay eventually bought PayPal in 2002. PayPal doesn't provide the service as a charity though. Google and Amazon are both online gorillas, and Amazon is a huge online retail site, so the competition is a threat to PayPal. The new PayPal X API's provide an even more integral and seamless opportunity for SMB's to leverage PayPal for both incoming and outgoing financial transactions.

A couple years ago PayPal introduced the Website Payments Pro program aimed at providing small and medium businesses (SMB) with a platform for conducting secure online transactions. Tony Bradley is an information security and unified communications expert with more than a decade of enterprise IT experience. He tweets as @PCSecurityNews and provides tips, advice and reviews on information security and unified communications technologies on his site at tonybradley.com.

Enterprise efforts to consolidate data centers and install virtualization software are taking a big bite out of the number of power-hungry application and storage servers required to support enterprise data. You can move from hatchet to scalpel (to borrow a metaphor from President Obama). In this instance, the reference means that once you've minimized your number of power-sucking devices, it's time to precisely monitor and measure data center environmental metrics - down to the nitty-gritty rack level - so that you know exactly what adjustments are needed to optimize efficiency. But after taking this critical first step, what else can you do to boost efficiency?

What does a real green data center look like? Having visibility into them on a device-by device basis - a scarce capability today - reveals the degree to which they are in sync with each equipment manufacturer's recommended specifications for optimal operation.  'It's hard to improve power and cooling efficiency if you don't know where the waste is in the first place," says Nik Simpson, senior analyst in Burton Group's data center strategies practice. These metrics, of course, are electrical power, heat, airflow, cooling, temperature, humidity and pressure levels. Let's face it: it's far easier and less expensive to mount wireless sensors than wired ones. Wireless data center sensors, sensor networks and associated monitoring and management applications - available from companies such as SynapSense and Arch Rock - are starting to enable these capabilities and could kick off an evolved approach to data center energy management. "The smart grid is moving into the data center, and it is wireless instruments making this possible," asserts Peter Van Deventer, CEO at SynapSense.

Not needing cabling lets sensors live in many more places, so you can see a more complete and fine-grained lay of the land and make precise, appropriate adjustments. He estimates that the cost of a wireless sensor (SynapSense's are $100 each) is 10 to 20 times less than that of a wired sensor once you figure in the installation cost. In fact, sometimes sensors are only in the computer room air handler (CRAH). Though some helpful tabulations and assumptions can be made from this data, they don't show the entire efficiency picture. Because of cabling complexities, costs and the need for pricey data center 10Gbps ports for sensor communication, wired sensors tend to be installed in ver y few locations. There are also useful sensor capabilities built directly into some equipment, such as Cisco's Energywise solution for monitoring the power levels of Cisco network-connected devices. The emergence of wireless sensor applications aimed specifically at gathering real-time statistics in many places throughout the data center should ease the task, though.

One drawback with embedded sensors, though, is that they usually feed measurement data into each manufacturer's own management system, making it complex to correlate, Simpson notes. The applications help maintain compliance with industry standards for Power Usage Effectiveness and Data Center Infrastructure Efficiency. More on this subject next time. SynapSense also automates some adjustments for optimization.

The U.S. Department of Homeland Security's effort to hire some 1,000 new cybersecurity experts could hit a wall because such skills are increasingly hard to find, according to security experts. Alan Paller, research director with the SANS Institute, a Bethesda, Md.-based computer training and certification organization, said DHS has a critical need for strong technicsal skills among its security professionals who handle tasks like intrusion analysis, malware reverse engineering, security auditing, secure code analysis, penetration testing and forensics. "That's what DHS needs and is trying to hire," he said, adding that the agency faces strong competition for such skills from other government agencies like the National Security Agency along with private sector companies. DHS Secretary Janet Napolitano announced last week that the U.S. Offices of Personnel Management and Management and Budget has agreed to allow the agency hire up to 1,000 security experts over the next three years to ramp up its cybersecurity efforts.

The problem for all of the organizations, Paller said, is there aren't enough security professionals to meet the need. "DHS will be forced to hire weaker people and the cost of the very strong people will skyrocket," Paller predicted. The agency needs to address issues that have contributed to a relatively high turnover rate among mid-level to senior cybersecurity professionals at the agency, Kreitner said. Clint Kreitner, president and CEO at the Center for Internet Security (CIS), added that DHS must also create "leadership stability and consistency" before it can hope to attract the right kind of talent. The DHS' National Cyber Security Division, which oversees day-to-day cybersecurity efforts, has seen a "tremendous amount of turnover," Kreitner said. "It has been a revolving door." Many of the security professionals have gone on tothe private sector. "My guess is they don't feel like they are contributing as much as they would like to. President Barack Obama's continuing delay in appointing a White House cybersecurity coordinator has also been "a source of discouragement to many who are wondering whether the realty will match the rhetoric," on cybersecurity matters, Kreitner said. If people felt they were being effective they would stay longer," he said.

Obama announced the creation of the position in May. Pescatore conceded that an agency with the DHS mission has more information security needs than the typical company, the plan to hire 1,000 new workers is "incredibly silly and hard to do. John Pescatore, an analyst with Gartner Inc in Stamford, Conn., questioned whether the DHS, which employs some 200,000 workers overall, really needs 1,000 new security experts to meet its requirements. "For a typical private industry company of that size, you might see at most 200 information security staff -1,000 would be unheard of," he said. They don't need that many. [Even] if they did, they would be much better off training existing staff to become skilled in information security." he said. The NSA increasing security leadership has led to increasing calls for the DHS to oversee the defense of government and commercial interests in cyber space. The announcement about the DHS hiring plans come amid continuing questions about cybersecurity leadership . Critics have said that the NSA and the Department of Defense continue to exert more leadership on cybersecurity issues.

Even experienced developers can run into problems developing and deploying custom applications for software-as-a-service  platforms because SaaS vendors don't always embrace the accepted corporate processes for build, test and release. SaaS is popular in part because applications can be made available without the long deployment cycle typical of on-premise development. The trick is to adapt your configuration management processes to meet SaaS challenges. So a new report can be delivered immediately or a new field can be added to a data entry form on the fly.

A salesforce.com application may have features such as real-time Web service integration, automated e-mail and Web feeds, and batch integration to operational systems. But as SaaS offerings such as Salesforce.com have matured into full-fledged development platforms, the complexity of applications has grown dramatically. This increases the risk that a minor change could impact critical business processes or break the application. Consider the development of a Salesforce.com application from a traditional developer point of view, with the goal being to manage development in the most controlled fashion to ensure reliability. It is often challenging to apply best practices for configuration management in SaaS environments because: * The application may be supported by business, not IT. * SaaS administrators may not be familiar with configuration and release management practices. * SaaS deployment tools are still maturing. * Deploying an application often requires both manual and automated steps. * SaaS integrations require synching releases with legacy systems. * Code, configuration, deployment scripts and manual checklists all need to be checked into the source code repository.

The Force.com platform, Saleforce.com's custom development platform, is based upon the Model-View-Controller paradigm. This is configured via the salesforce.com setup menu that allows administrators to add custom fields to standard CRM data objects, like leads and accounts, or create new data objects with their own custom fields. This paradigm can be defined as: * Model represents the database structure. As soon as a field is defined or modified it can be queried via SOQL, the Salesforce. Salesforce.com has a built in forms editor for "page layouts" that are associated with data objects.

Com Object Query Language, or SOSL, the Salesforce Object Search Language used for free form text searches. * View represents the user interface. Pages can also be developed in Visualforce, salesforce.com's markup language that is tightly integrated with Apex code, Force.com's programming language that is based on Java. * Controller represents business and application logic. Custom business logic is developed as Apex code associated with triggers, Salesforce.com's version of stored procedures, Visualforce controllers, or as shared class libraries. Rules for field validation, workflow and button actions are configured via the setup menu. Force.com development uses practices that should be familiar to most Web developers.

A sandbox can house a full copy of production data, code and configuration, or just configuration. Salesforce.com allows copying the production environment or "org" to a "sandbox" just as you would copy the production data model and code to a development server. Development is done using the Force.com integrated development environment (IDE), an add-in for Eclipse that lets developers  create a project linked to a development org, production org or sandbox. Apex has a built in unit test framework that requires 75% coverage for all Apex code before it can be deployed. A project can be synched to a code repository, allowing check-in and check-out of code.

The Force IDE deploys code from a project to a production org. Ensuring reliability for the enterprise involves: * Limiting which users have a system administrator profile and defining their configuration management responsibilities. * Putting procedures in place to insure that code, configuration and data for production are checked into the code repository and archived (this may require taking manual snap shots of sharing rules, the role hierarchy and so on). * Creating manual or automated installation scripts. * Making sure that there is a plan for backing out production changes if needed. * Deploying to a sandbox for testing and QA. * Repeating the deployment to production. * Validating the deployment in production. How to address audit, security and business continuity upfront Configuration management traditionally looks at production configuration and code as a "baseline," identifies changes that will be released, and incorporates them into a new, auditable baseline once the release is validated. The gotchas Even senior developers can get lost in the weeds trying to figure out how a feature can be, or might have been implemented, in Force.com. Configuration experts and developers run the risk of reinventing the wheel if they do not collaborate closely on solution design. * Force.com deployment tools do not currently support critical items such as data sharing rules, picklist fields on standard data objects, lead and sales processes, and the management role hierarchy. * Apex unit tests are impacted by actual org data, so code that passes unit test requirements in the sandbox may not deploy. Typical "gotchas" include: * With numerous configuration options and powerful programming tools there are many ways to implement the same features.

For example, data queries on objects with more than 100K of data require querying an external ID field. Success is all in the plan Getting configuration management under control is much easier if the development and testing teams are on the same page from day one. Unit tests that pass in a sandbox can fail in production, killing your deployment. While typical build/release cycle looks like this: * Check in code. * Compile code. * Run database scripts and deploy code to test. * Run tests/inspections. * Deploy to pre-production/production. * Validate deployment. SaaS software development platforms such as Salesforce.com require a mix of configuration and custom development that can confuse developers and be difficult to deploy.

The following tasks need to be adapted for Salesforce.com development: * Check in code and configuration from development. * Check in task list for manual changes to the code repository. * Deploy manual code/configuration changes to test. * Run Eclipse/Ant automated deployment to test. * Run tests inspections. * Deploy using same process to pre-production/production. * Validate deployment. This can be addressed by adapting your configuration management processes for SaaS projects. Once you understand how standard programming and configuration management practices apply to a SaaS application it becomes easier to tackle with the traditional approach. Although SaaS offerings are designed to limit the time spent on traditional development, some tweaking is required in order to fully integrate them with enterprise systems. Hamilton is a CRM technical architect at Acumen Solutions, a business and technology consulting firm.

Contact him at ghamilton@acumensolutions.com.