Web Based Cloud Systems Design and Development

Cloud systems are essentially advanced websites, but they differ in the sense that clients must usually register and pay a monthly (or annual) subscription fee to use the services of the specific website (cloud system). Think GMail, Dropbox, SuperBru. When you subscribe to a cloud service like DropBox, you just pay for the service. It is someone else’s problem to pay for website hosting, etc. The lines can become a bit grey between advanced websites and cloud systems, but the gist of the difference lies in the business model used.

Cloud Systems Hosting

With a Cloud System, one needs to look carefully at one’s website hosting requirements.  The most affordable hosting solution for websites is usually shared hosting, where multiple websites are loaded unto a specific web server.  Usually many people at the hosting provider have access to the web server, at various levels, depending on their roles within the organization, which also represents a potential security risk.  When changes are made to the settings of a specific web server, it affects all the websites running on the specific web server.  From experience we have often found that these changes in settings by shared hosting providers can often negatively affect your specific website.  With shared hosting, you usually have to deal with a call centre to have issues resolved and the level of training of these call centre support staff is often inadequate to resolve issues.  Escalating issues can also be challenging, since the business model for shared hosting is volume over quality of hosting.  Thus, although more expensive, dedicated servers are usually the preferred route for cloud systems hosting.

Our own Cloud Systems: People Genius CRM and Survey Genius

We have developed 2 of our own cloud systems:   People Genius CRM is a Customer Relationship Management System and Survey Genius is a Business Survey System.  Both these cloud systems run on a fully managed dedicated server and People Genius CRM is a secure website, with its own security certificate.

Security

Security is paramount for all websites, but even more so for Cloud Systems.  There are many aspects of security that needs to be properly addressed, to truly have a secure website system.  To name a few:

  • built-in security in the source code of the website application itself  (e.g. protection against SQL injection, etc.)
  • having adequate requirements for passwords (e.g. length, different cases, special characters)
  • using one way encrytion on passwords (passwords stored in the database can’t be decrypted, not even by the developers themselves)
  • security of the server it is hosted on
  • safety mechanisms in place by the hosting provider
  • security certificate for the website
  • secure encryption protocol used to access the website (e.g. SSL Secure Sockets Layer, HTTPS)

The bottom line is that when it comes to website security, one can never bee too paranoid.