Archieves of Mayukh Gon

About Mayukh Gon

Mayukh is the Founder/CEO of PerfectCloud Corp. He has over 15 years of experience working in the technology industry, specifically Middle-ware technologies, Software Development, Identity and Access Management. His company PerfectCloud Corp. is an innovative Cloud company which makes products for enterprises to provide them complete security & privacy for their identities, access and data.

Cloud Security Is In Decline – What Are Your Options?

Cloud Encryption is in decline

Have you ever felt that awful feeling that the ship you’re on is slowly and steadily sinking, and no one’s telling you a thing about it? If you are in the cloud, then you should know the feeling, because while your captain is reassuring you that everything is A-OK, new holes start appearing in every new version of the product every day, allowing more water to seep in above the keel.

Cloud security has been in a steady decline ever since the cloud existed. It’s just too juicy a target not to try to hack. Imagine yourself as a hacker. You’re a 30-something-year-old geek who’s trying to get a name for himself. One of the quickest ways to do that is to exploit some vulnerability found in an enterprise. You see, hacking individuals is fun and all, but it’s not going to get you kudos among other hackers. Take down an entire enterprise, and you’ve earned yourself a badge. You hear about this “cloud thing” and it piques your interest, not because it’s one of the coolest booms of innovation to ever hit the internet, but because lots of enterprises park their sensitive stuff right there.

This kind of mentality has lead to a constant struggle between cloud providers and hackers, and guess who’s losing? It’s not those college kids or basement dwellers living with their moms. It’s the company that’s giving you the services you depend upon, and I guarantee that you’ll experience the wrath of a compromise one day if you’re not careful.

What makes this security problem worse is what is known as the identity and access management (IAM) gap. Basically, as the Cloud Security Alliance puts it, your employees have as much access to the cloud as you do, and activities happen without the knowledge of your IT staff. This creates a snowball effect where little pieces of information about your enterprise fall bit-by-bit into the hands of companies you don’t know you can trust. Essentially, you’re exposing yourself to a vulnerability without even being equipped to know about such vulnerabilities. Added to this, managers are prone to making mistakes in their adjustments of access management, which in most businesses is currently based on the honor system as opposed to being based on something more concrete, such as a database of users and access groups that can be transparently managed.

This, and your inability to take action quickly, spells an embarrassing future for you!

When the cloud first came into existence, some very smart people were warning everyone about possible security vulnerabilities that might exist in some applications. Now, enterprises on average run about one-third of all their mission critical applications on the cloud. There seems to be no turning back for these businesses, and if you are running one, it’s time you learned what you have to do in order to prevent yourself from getting into a mess that’s difficult to climb out of.

The Road to Iron-Tight Cloud Security

It’s very difficult to give up on a product that’s making you more revenue and producing less headaches. But you can’t ignore the fact that migrating over to the cloud, coupled with the bring-your-own-device (BYOD) phenomenon, can present new challenges for IT departments that have very little to no knowledge of what goes on outside their spheres of influence within the enterprise. For this very reason, you need to do a few things:

1) Adopt a BYOD policy and enforce it!

If you’re going to have BYOD, don’t just let people do what they want on their devices. Be serious about the threats that come with BYOD and address them. Have employees use your applications to bring their work onto their mobile devices. Use a security solution that allows you to track said devices and wipe them if they’re lost.

There’s another way around BYOD, though. Simply forbid employees to use their devices for work, but offer them company devices that are either partially or fully subsidized by you. This way, they will be able to compartmentalize life and work while still being able to maintain a high level of privacy and comforton their own personal devices.

2) Doing backups? Rely on yourself!

It is immensely difficult to set up a backup solution that will be able to store files in a central repository and synchronize folders efficiently. That’s why you don’t have to do it. No, we’re not talking about sticking to the cloud. Instead, you can move the cloud to you. Just use a private cloud backup solution with end-to-end encryption. Make sure it doesn’t “phone home” in any transaction. In other words, as long as you have a private cloud server that doesn’t communicate with the outside world, but backs up via intranet, you could end up with a secure backup method that won’t put your company at risk. Of course, you have to set it up correctly, too.

3) Use a transparent, concrete, and highly-secure identity management solution.

If you’re not taking care of your identity infrastructure, anything else you do for security is worthless. The biggest problem in identity and access management is making sure that your employees are not using cloud apps all willy-nilly without any supervision, right? What if you could have an environment that shows you detailed audits of application access and stores all of the identities in your infrastructure in a safe location? What if that environment allowed everyone to keep the encryption keys in their hands rather than storing it on the server?

These are not the only options you have but take them as a starting point to make sure you’ve less to worry about. As they say, get back to the basics and look at the fundamentals.

Have any more options to add to this list? Let me know in the comments and I might update the article.


This article was first published on PerfectCloud Blog. Visit the blog to read more about cloud computing, security and privacy.

Advertisements

Why Cloud Security Should Focus on Identity Management

Identity and Access Management system diagram

(Source)

Despite the woes of many that the cloud may not be secure enough for real business to take place on it, many people are hopping on the gravy train. The growth of the cloud has become immense, an inevitable result of the large piles of money corporations and small businesses throw at it. Whether you like it or not, the cloud has become today’s chief business infrastructure and there’s no sign that it will go anywhere.

History’s Lessons

Historically, a correlation can be made between the popularity of a product and its likelihood to become a target for wrongdoers. Technology products are no exceptions. As Microsoft Windows grew more popular, hackers became more interested in swindling unprotected users of their money and computing resources.

Alas, the same thing shall happen in the cloud if we’re not careful enough. Some services are already starting to feel the pressure to become more robust against these threats. However, one service doing the right thing just isn’t enough. We need a tough policy on security, and we need it soon. Otherwise, the hordes will show up at the gates and we might as well have just thrown them the key and run away.

The Chaotic Cloud

In the corporate world, IT management is in chaos. Cloud services are services that fall outside of the company’s scope of control. Therefore, they have to enforce strict policies and assign roles to users that are subject to change at any time. They need a way to get new people on board and people who leave the company off the system.

For each employee, this might mean adding and/or deleting several accounts at once. What a nightmare! Some companies may even get lazy and put the same password on all the accounts for that particular user. Once a company goes down that road, it will one day crash and burn like every ordinary fellow does when he sets the same password for everything. (Learn How To Create Strong Passwords Without Forgetting Them)

To add insult to injury, many solutions that are meant to help with this issue tend to turn it into even greater a problem. Each cloud product developer has a different way of making their login system. Because of all the different conventions, security software providers find it difficult to provide a definitive way to secure every identity. As a consequence, companies continue to create identity silos that become increasingly difficult to manage as they grow.

Today, security providers are trying (mostly unsuccessfully) to catch up with the variety of cloud services out there, making sure that they can remain ahead of the curve. But these cloud services have now become a vital part of our infrastructures and we simply cannot renounce to them so easily. How do you make sure that your presences on the cloud are iron-clad?

The Solution

The overall cloud infrastructure is in desperate need of a knight in shining armor. Who will that be? Cloud security isn’t exactly the most developed sector of the IT sector, but it holds a lot of promise. One of these promising solutions is identity and access management (IAM), which solves virtually every aforementioned issue here.

The market for IAM is growing, with Gartner predicting its 2017 numbers to be somewhere around $4 billion. This means the technology is evolving and will continue to make face to the challenges that lie ahead. The road to a completely secure cloud won’t be easy, but tech innovation inevitably trumps all of the things standing in its way just in the nick of time. We expect that IAM will become one of the principal solutions for cloud security, chiefly because of the way it accounts for basically everything a company needs to manage its IT infrastructure with peace of mind.

IAM seems to hold the key to the future of IT security, as companies migrate more into the cloud and create more accounts for their employees. It makes IT management processes a breeze and allows companies to enforce policies more easily with virtually no chances for making mistakes. It not only lowers the costs involved in paying for wasted time managing tons of accounts, but it also raises the bar significantly in the reliability of your security.

Before you pop out the champagne and celebrate the fact that such an awesome solution exists, however, you ought to know that there’s more to your security than simply signing up for the first IAM your eyes land on.

How “Good” IAMs Manage Data

One question we must ask ourselves is: Who is watching the watchers? Well, IAM watches after your accounts and provides role-based security in a firm. But who makes sure that IAM providers aren’t peeking into your data? Businesses entrust a lot of information to their providers without questions. Perhaps it’s time they asked what exactly is being done to make sure that the company providing the services has no access to the data.

Maybe, just maybe, it’s time to ask how encryption is managed on the server side and on the client side. Do you have any control over the cryptographic functions of anything you use? It would be kind of scary to put all your passwords into a service that offers only promises but no concrete evidence that they’re actually storing your data behind lock and key.

Just imagine for a second what kind of nightmare it would be if a hacker managed to tap into an IAM service’s database and decrypt all of its data. That would mean that the hacker has every one of the provider’s client accounts, and the accounts of each employee. The damage that this person can do is extensive and ultimately fatal to even the most big-budget firms. How do you determine whether this will ever happen?

With our solution at SmartSignin, at least, you’ll be able to create your own encryption key, which means that we delegate control of half of the encryption process to you. In this manner, any breach would only succeed to gather a bunch of gibberish. Your key is safely tucked inside your brain and the hacker won’t know how to crack your safe open.

The next time you look for a proper security provider, don’t forget to ask yourself this question: How much control do they give me over my data? You’ll find yourself surprised at how much you were willing to trust to someone else without any concrete assurance that your data is safe!

Is Your IDaaS Vendor Really Securing Your Identity?

One major problem with Identity as a Service

With no huge capital investment, and almost equal operational expenditure, organizations all across the globe are rapidly moving to a cloud based infrastructure.

The benefits of moving to cloud may be plenty, but where sensitive corporate data is involved, adopting cloud leaves the enterprise in a fix. Reason being, that almost all the cloud based applications are in a public domain, and the maximum level of security offered by all of the cloud application providers is a secure channel of communication between the SAAS vendor and the consumer.

In older days, enterprises used to manage security by putting big bad firewalls to keep the data within the premises. If the data was to move outside the firewall, there were VPNs. With cloud, all the data residing with the vendor is in clear text and god forbid if the notorious hacker is to get hold of it.

This inherent problem with cloud SAAS has followed organizations in the identity domain as well. But identity is a different beast altogether and the security aspect must not be overlooked when adopting IAAS (identity as a service).

SAML, the protocol to establish trust between two different identity systems, will be the answer provided by many cloud identity providers, but is SAML really the answer? Not so much! SAML just take cares of the establishing a secure channel for transporting identity, but the actual data residing with identity providers may not be secure. This is the question that really needs be to be answered before adopting a cloud based identity provider. Why? Well digital persona theft exposes the organization to plenty of hazards both monetary and reputation wise.

In older days, the organizations used to get rid of the incompetency in the data breach by making a change in the organizational structure of the team responsible for managing security. With cloud, in case of security risk, moving to a different cloud IAAS vendor is harder to do because the digital personas reside with the provider, and replicating those records along with roles and policies would be a nightmare, both in terms of time and cost.

So what to look for in a cloud IAAS vendor if not SAML? Yes, you got it right! The answer is: what is the IAAS vendor doing to protect sensitive data?

1. Are they putting firewalls?

2. Are they getting security audits done for their infrastructure?

3. Or are they doing real-time encryption?

1 & 2 are the norm and comes by default with IAAS vendors. However, encryption is the trickiest part, because simple encryption is nothing without carefully crafted key management system. IAAS providers for a non-collaborative way of providing SSO, the key management is usually poor. Either the keys reside with data that it is being stored with, or the keys generated are through an algorithm, making the encrypted data exposed to rainbow tables.

The Smart-Key Algorithm developed by SmartSignin and its inferred system architecture make possible a new class of security and trust for cloud based identity and access management. One can think of this as perfect trust because it is based on the principle of mutual distrust of all elements in the system.

By using key splitting, mutual authentication of client and server, and ensuring that an actual encryption key used for entity/password protection is never stored or used on a server (encrypted or otherwise), it gives absolute assurance that even if an attacker was to penetrate that said server they would never have enough information (even if actively stealing data out of memory) to ever reconstitute a key or steal an online identity. By ensuring decryption and use of credentials exclusively on the client it renders cloud servers (which are the single point of security failure and highest risk element in any system) immune to any attacks associated with account compromise.

In summary beyond the Smart-Key Algorithm offering a high level of security with the right implementation, it also offers cloud based security and identity management a significant forward evolution that is very compelling and worthy of broad use and deeper integration (i.e. direct use of the algorithm rather than just encryption of regular passwords) into various web services.

SmartSignin takes security very seriously. With its patent pending Smart-key algorithm & carefully crafted key generation and management architecture, it leads the way and stands apart from all the players in the cloud.

How The Cloud Can Keep Canadian Business Afloat

Canada’s been seeing a slight recovery from its recession recently, with bankruptcies declining slightly from one year to the next. Still, there are companies that can’t keep up with the excessive challenges that are appearing as a result of the harsh climate. How can we keep businesses in Canada, particularly domestic ones, solvent?

300px-Canada_flag_halifax_9_-047

One way to cure the illness is by introducing more businesses to the cloud. This includes providing cloud-based services that bring accessible and affordable enterprise-class services to them. Put simply, the cloud will save businesses money, in most cases. But it’s not just about money. In the business world, time is also an asset. The cloud also helps increase their productivity and get more done in less time. This essentially translates to less man hours necessary to pull off a project. In the end, less employees can get more work done. Or, when seen through other lenses, that same amount of employees can get even more work done.

Aside from that, organizations such as the Canada Cloud Network can provide avenues to better promote products and services on the Internet that would help businesses succeed. This creates “hubs” that businesses can use to get in touch with new and innovative Canadian cloud vendors that create the products they love the most.

In addition to all of these things, there’s one that should take center stage: The advocation of a framework that would allow businesses to do what they do best. In the current economic climate, a lot of businesses have been leaving Canada because of its inability to attract investment. When trying to find what’s causing this problem, people like to look through a microscope and examine small details of the bigger picture. Perhaps it’s time we actually stand back and look at the elephant in the living room. The country is riddled with problems that have created a quasi-hostile environment for businesses.

We can no longer afford to ask, “What can we do to solve these problems?” Instead, we must ask, “How can we work around these problems and provide an untampered medium by which businesses can peacefully operate?” The answer to the question, as always, is to make the cloud more known. We must raise awareness of the cloud, SaaS, and IDaaS services that can seriously slash their costs to fractions of what they used to be. We have to take advantage of the fluidity and flexibility of the Internet as a framework by which businesses will survive.

The one thing that Canada’s starting to lack in is innovation. New ideas don’t pop up as frequently as they do in other countries, and it’s mainly because people are afraid to get their feet wet. We must promote a strategy that will inspire people to create. Businesses often feel the need to get creative when they adopt new solutions that help them multiply their productivity and explore new methods for managing tasks.

How do we get businesses to adopt cloud solutions? The biggest barrier is security. Corporations feel rather vulnerable when thinking of the cloud because of the fact that they’re sharing it with many other concurrent users. They need to feel convinced that everything is safe. Sweet-talking them into a sale isn’t enough. We have to ensure that they have the facilities necessary to prevent attacks from happening. Another common fear is downtime. Cloud servers need to be more robust and the lines they operate on need to be ultra-stable. Otherwise, dissatisfied customers will refrain from ever again touching the cloud.

With these goals in mind, we can form a proper strategy:

  • Raise Canadian cloud vendor awareness through organizations like CCN.
  • Make Canadian cloud based services enticing to businesses looking for savings.
  • Participate in discussions regarding business innovation.
  • Enhance cloud security and entice businesses looking for security.
  • Enhance server and line stability.

It’s easier said than done. Most of the items on this list are nearly impossible to accomplish on an individual basis. It’s time for cloud vendors to organize and develop a concrete plan of action that would better give Canadian businesses the proper push they need to keep themselves alive. More investment in the cloud will one day be translated as more investment in Canada’s future.

The cloud can provide a resource more valuable than any commodity, reaching out to everyone from entrepreneurs to small businesses, and then to large conglomerates of corporations. Each of them can benefit from this great resource and share in its joy. What’s best for business is best for Canada’s national interest. By improving public and private sector operations, we improve the economy and, as a consequence, improve the lives of the country’s citizens.

Lifting The Roadblocks To Canada’s Business Innovation

Today, technology is bringing us closer together than ever before. Its impact has given small businesses and individuals the ability to make use of resources that previously have been available only to larger enterprises. In a nation, the overall innovative capacity of businesses within its territory determine how successful the economy of that nation will be.

Some would argue that Canada is a nation that has been more lightly affected by the global financial crisis than others. Many of this nation’s citizens pride themselves with the prudence and responsibility that has kept its head above the water. But what can we say about Canada’s business innovation? The country is not very on-par with other similar nations.

One report from the Centre for Business Innovation at the Conference Board of Canada says that there is no way of knowing where to lay the blame, whether it be a lack of qualified persons, excessive regulation, tax burdens, and high barriers to entry. In fact, let’s look at a quote from the report: “Some major attempts at solutions have already been tried. For example, great progress has been made in reducing the business tax burden in recent years. However, we have not seen hoped for gains in business innovation performance.”

But it’s not enough to lower taxes and expect for businesses to set up centers for research overnight. In fact, if you really want to put the blame somewhere, why not blame everything? The barriers to entry for entrepreneurs to start something in Canada are excessive, public sector wages are much higher than private sector wages, regulations are not very friendly for smaller enterprises, and taxes are excessive.

From reading the Centre for Business Innovation’s report, you’d think that taxes are lower today for businesses in general. This is only partially true. In 2006, the corporate capital tax was eliminated completely, only to be re-introduced in full force in 2012. That gave businesses roughly six years to accomplish something. That’s, by no means, a “major attempt.”

Aside from that, we still have a problem. If you come from another country, you’re not always likely to have your university studies recognized in Canada. You also might encounter a certain number of roadblocks while trying to start your own business. This almost hostile environment for outside influence might be the single biggest problem that businesses face in Canada’s current economic climate.

If you fear that foreign business might take away market share from domestic businesses, that would only happen in instances where a domestic business cannot offer a better product. In that case, the process of elimination must take place and the best man/woman wins. Encouraging and celebrating competition, while creating a healthy environment upon which it may flourish, will create the interactive flow necessary for a strong Canada full of ideas. The boom of changes that come from such a move will spur a great amount of innovation as Canadian businesses fight tooth and nail to try to compete to the hardened veterans overseas.

Image

                                                                                                        Canada and Innovation?

But what do we do about the telecom industry? Well, why not do the same? We can reduce their consolidation of the Canadian market by making it easier for small local providers to appear and expand. Telecom is a very consolidated market in this country because of the great piles of regulations that make it difficult for small businesses to comply. One may argue that we have a sufficient amount of smaller telecom companies, but that argument doesn’t justify the roadblocks they are experiencing every day that prevent them from scaling up. These roadblocks are composed chiefly of regulations from the CRTC and other regulatory bodies.  Also consider the lack of savings incentive caused by the tax burden. This combination is a large impediment to the potency of the telecommunications industry of Canada. Potency comes from the lifting of boundaries that keep them stuck below a certain ceiling.

If there’s anything you should take out of this, it’s that Henry David Thoreau’s words ring truer today than ever before: That government is best which governs least. The less intervention the market experiences, the more opportunities it will have to expand. Perhaps it wouldn’t be in everyone’s interest to have a completely laissez-faire policy, but it would do well to get rid of anything that puts boulders in the path to innovation, whether it be from a small or large enterprise.

Top 10 Cloud apps useful for SMB’s

As a small business owner, I adore using the Cloud. I’m constantly searching for the latest online widgets and SaaS apps that will help me manage and grow my business. “SaaS” or Software as a Service includes any application that is delivered as a service via a Web browser, from a public or a private cloud.

What are the benefits of SaaS? SaaS or Cloud apps are about cutting cost, easy deployment, improving business productivity and increasing revenue. Cloud apps can be accessed from anywhere using any device that can connect to the internet, including smartphones, and tablets.  Some other advantages include pay-as-you-go subscriptions, which typically include the app itself, tech support, and access to all upgrades.

Popular app categories with SMBs are e-mail, CRM, collaboration & project management, customer support, accounting/billing, and marketing automation. I personally get most of my app information from http://www.smallbiztechnology.com and Getapp.com. These great sites recommend SaaS applications specifically for SMB’s.

Allow me to share some of the free and paid SaaS webapps that I use in my business

1. E-mail service – email is the life-blood of a business. Without efficient and timely communication internally and externally, a business cannot function properly.

My choice is Google Apps Gmail. It is simple to integrate with all devices and is easy on the wallet at $5/user a month. Google Apps also allows you to access all other Google services including Google Drive, Google Analytics, YouTube, and Google+.

2Online Document Storing, Managing and Sharing – Collaboration plays an important role in every business. This is especially true with telecommuting employees and globally distributed teams, suppliers, and customers needing to communicate and share notes, designs, and documents from different locations.

Google docs & Mavenlink – Google Apps is the cheapest choice but it is very limited in function and I’ve noticed formatting is often lost in the conversion to/from MS Office. Mavenlink on the other hand is very intuitive, easy to use app and it can be integrated with Google Apps if desired.  Mavenlink not only includes Project management and collaboration tools, but it also provides time and expense tracking. The only downside is that it cost $39/month for the basic package, and it can be expensive for some small businesses.

3.  Payment gateway A payment gateway is a crucial part to enable Internet based businesses to accept e-payments.  Paypal is a good option for SMB’s as it is universally accepted around the world. But, all client payment data& history reside with Paypal. I personally prefer Stripe. I highly recommend SMB’s (that need to accept online credit card payments) to utilize Stripe as it is very easy to use and very cost effective. The charges include a flat fee of 2.9 per cent, plus 30 cents per transaction.

 4. VOIP and Video conferencing/Chat – Although Skype is one of the popular cloud-based companies offering free and paid Internet calling, I find that most of the time the video and sound quality is lacking. I recently came across Zoom.us and I found it offered a much better user experience than Skype.  Zoom is very simple to use, offers high quality video conferencing, screen sharing through both pc browsers & iOS devices and allows up to 15 people to meet online for free.

 5. Customer Feedback & Support – Customer feedback and support is necessary for a businesses as it provides insights to what your customers need and how best to improve your businesses.

We decided on UserVoice as it was easy to implement, very user friendly, and had great functionality. With UserVoice all you need to do is embed a widget on your website and then you can create a forum for your customers to submit their feedback and ideas. Customers can also vote on the best feedback/ideas submitted. They can create comment threads they can discuss problems, develop ideas, and even share them. The prices range from free to $125/month.

6. Web Analytics – Today every business requires a company website to attract new customers and serve existing ones. Any business with an online presence should employ website analytics to track the numerous ways people use your website. Web analytics can help SMBs increase marketing efficiency by monitoring and analyzing the web traffic (where it’s coming from and why?) and the visitors’ behavior on the site (what users like and dislike about your site). The statistics help determine what aspects of the website is engaging and what changes need to be made to increase traffic flow and develop new customers.

Google Analytics is free and by far the most comprehensive and easy to use app to analyze website traffic and behavior. You can find data on visitors coming to your website, their location, the sites that referred them to your website, the search keyword they used, the pages on your website that have high traffic and low traffic, the bounce rate (percentage of visitors that leave your site without signing up) and the average time spent by the visitors on your site.

7.  Inbound marketing and automation – Inbound Marketing is a way to increase traffic through SEO and Social media vehicles by providing high quality and engaging content for your audience. The idea is that instead of looking for customers, your content and social media efforts should attract potential customers to your website.

Optify is online suite that has helped us improve our inbound marketing by helping us choose the best key words for SEO which in turn has increased traffic and leads from organic search and social media. The app also helps manage, track and measure a company’s marketing efforts. Optify is very easy to use, and SMBs, with no dedicated staff for inbound marketing, can use Optify to track their SEO performance and leads. The customer support is excellent and the staff went out of their way to assist our team in getting a better handle on the Optify tools.

8. Email marketing – e-mail is one of the most important means of communication SMB’s can have with prospective clients, current customers and business partners. It is as important as social media marketing and is much more affordable than off-line marketing.

We decided to go with Mailchimp. The company offers a very user-friendly and easy to use application, with affordable plans, prices ranging from $9 to $250 per month. The best feature is that Mailchimp not only has ready-made email templates available but also allows the user to design email templates from scratch and integrate email marketing campaigns with social media. There are also very good tracking tools to manage email campaigns and monitor how many subscribers actually opened the email message.

9. Accounting  – We use Expensify (Google Apps) to track our expenses and we use Freshbooks to manage our invoicing.  We use Expensify because it is very easy to use and we can sync everything with Freshbooks. As an international company with clients all over the world we found Freshbooks had the best coverage.  Freshbooks is super simple to use and supports multiple currencies and geographical locales.  Freshbooks also has easy and secure back-up that encrypts the data.

10. CRM – There are now a good number of Salesforce alternatives out there from which to choose a solution to manage your relationship with your customers.  We found it difficult to single out CRM solutions as there so many.  Because we use Google Apps Gmail for our email solution, we find Insight.ly (also Google Apps) irreplaceable for our CRM purposes as it can instantly provide us with a complete history of our communication with a customer, company or individual. Insight.ly is fully integrated with Google Apps full range of solutions, including Contacts, Google Docs, and Calendar. Insight.ly is a no brainer if your company uses Google Apps.

That said, Insight.ly doesn’t provide all of the CRM features we desired (i.e., campaigns & progress reporting). As a result, we chose Campaigner CRM (formerly Landslide) to fill those gaps and more (e.g., Campaigner has iPhone, iPad, and Android support …Insight.ly does not). Campaigner provides all the CRM features we need at a significantly lower cost than Zoho.  Campaigner is incredibly easy to use, integrates with Google Apps and MS Outlook, and syncs with Quickbooks.  Using Campaigner CRM we were able to tie our entire workflow together in a cost-effective manner.

With so many useful Cloud apps there is of course the difficulty of remembering numerous ID’s and Passwords. For that there is SmartSignin, a simple and secure Single Sign-on app for your personal and business web accounts, ID’s and passwords! SmartSignin is a cloud-based Identity and Access Management (IAM) solution with Single Sign-On for browser-based and cloud applications. SmartSignin enables both businesses and professionals to manage their identities and access privileges in the cloud in a simple and secure manner. SmartSignin’s patented security was developed in conjunction with Ganita Labs, a cryptography lab at the University of Toronto, and it ensures there is no single point of failure in the application and only you have the keys to your online identity.