Hi, I'm Ara, founder of CloudPal - a tool that eliminates many pains associated with the use of cloud services

Introductions
#1

Hi everyone, my name is Ara and it’s a pleasure to meet you all :smile:

I’m a web developer and entrepreneur, who like many of you, is full of ideas and ambition, always trying to get my newest crazy ideas built into innovative products and services. I ran into Bootstrapped.fm through a link on Quora, and all I can say is I’m excited to have found a place with so many like-minded individuals!

I’m here to learn more about product growth, and share my new product CloudPal with others who can help me test and validate the concept.

My vision for CloudPal is to provide an easier way for individuals to manage their cloud services. Sort of how “steam” has done for video games, where you can have a single view of all the cloud services you’ve licensed, easily and securely retrieve your credentials, view your expenditure (invoices, payment history, etc), and even make certain types of account changes in bulk (such as updating your credit card across all your vendors in one shot).

This hasn’t really been shared with anyone beyond friends and family yet, and I’d welcome any of your feedback. If any of you are interested I invite you to visit http://www.cloudpal.io and please let me know what you think.

That said, I’m ready to reciprocate the favor, and will be sticking around to help others in any way I can.

Thanks again and pleasure meeting everyone.

#2

Hi Ara,

Wellcome! Interesting idea and nice looking site. What web technologies do you use for the front/backend?

I see two potential problems with the idea:

  1. I will never store my passwords on a third party server. Are there any SaaS users without a password manager?
  2. I pay for my services annually so the statistics and invoices will not be that useful as paying monthly

Cheers

#3

Hi Cosmin,

Thank your for the comments!

We use a straightforward LAMP stack, the front-end is Bootstrap + jQuery, and we went with the Symfony2 framework on the back-end.

What you say makes perfect sense on both points, and we’re going to see how people respond to the idea. This is an MVP and has the bare essential functionality in order to start getting feedback.

At some point we would love to work directly with SaaS vendors using oAuth or something similar, which could alleviate some of the friction you’ve suggested, although as of right now we technically don’t store passwords only hashes for which only the users have the salt (e.g. how PassPack does it), which means the passwords can only be decrypted by the user while his session is active.

As for the second item there may not be much benefit for annual users yet, but if things go well, we would love to give vendors the option to have a ‘CloudPal Checkout’ that would give CloudPal users the option to rapidly onboard with the vendor and have the service instantly appear in their dashboard.

We would also like to expand the account management functionality we offer into other areas (e.g. bulk update your email address, contact info, etc)

We’ll see how it plays out, for now I’m cautiously optimistic and listening carefully to what people have to say :smile:

Thanks again for the feedback!

#4

Interesting idea though I personally don’t have a complex enough cloud environment to make something like this worth while.

One thought - if someone has multiple apps they may want to split costs up and view on a per app basis. Amazon allows you IIRC to do this with cost allocation - other services might not so could be done using estimates. Not a MVP thing I am sure but could be a good differentiator for Standard/Pro plans down the line.

we technically don’t store passwords only hashes for which only the users have the salt (e.g. how PassPack does it),

You might want to check your understanding or wording here as a technical audience will be very sensitive in this area (as already proven by Cosmin) - if you’re storing passwords that you can retrieve in plain text then you are not storing a hash (or at least what most people would expect when you say hash - a crypographic or one way function - e.g. you can say password matches hash you’ve stored, but not get password from hash).

#5

Hi Rhino,

Great to meet you!

Your suggestion is actually a great one, and I think you’re right, as we build up the offering allowing users to get a glimpse of their budget allocation by app, or by category could be quite useful (e.g. Infrastructure, Productivity, Analytics, etc.).

As for the encryption, you’re also correct and we need to find the right way of fostering trust and explaining even to technical folks how we keep their credentials safe. Just to clarify, when users register they provide a ‘secret keyphrase’ which we never store. This keyphrase is the actual cypher used in the encryption process, and we never store it. It’s something only the user knows and is used to decrypt their credentials only for the duration of their session. It’s the same approach employed by other services like PassPack and ZohoVault.

Thank you for the feedback :smile:

#6

I can see the need in larger organizations where SaaS is proliferating, with a false sense that it’s all cheap and easy. The challenge is that SaaS adoption tends to happens from the bottoms up, typically at the departmental level (e.g. a marketing team) and relatively out of sight from centralized IT and finance. There’s been a shift of power (making decisions and spending money) away from CIOs and towards CMOs. The latter are becoming the biggest spenders on software in many companies.

Will the buyers of each individual service (e.g. a marketing automation solution) want to adopt your service if it’s perceived as a threat to their newly gained independence? Things can get fairly political in Big Cos…

Account provisioning/closure for a bunch of SaaS tools multiplied by a bunch of users can be time consuming for sure, plus it’s a security liability if not done right. However provisioning is a tougher problem to figure out than password storage, and not every SaaS vendor is going to provide API hooks for that.

I see attempts at SaaS management from different angles, from OneLogin (SSO) to GetApp (marketplace) to Applango (usage monitoring). The SaaS space is definitely becoming big and complex enough that some sort of unifying admin layer makes sense.

#7

otravers, thanks so much for such an insightful post.

I couldn’t agree more, and what you say is something we’ve started giving thought to, although not with as much depth as you’ve done. For example, if we were to get vendors to back our ‘CloudPal Checkout’ initiative, we could allow companies to provision individual CloudPal accounts for different employees, such as CMO’s, who could still retain their decision-making power, easily contract services, and still have everything centralized and organized under one roof.

We definitely have to give this area more thought, and hopefully can get corporate users to shed some light for us so we can get a comprehensive understanding of the challenges they face.

Appreciate the feedback :smile:

#8

It looks interesting and I think it can provide value for many entrepreneurs, although personally I do prefer to keep and manage my cloud hosting separately. The biggest problem is of course, trust and security, if someone hacks you it gains access to all my services. and I don’t see anything in your site appeasing my worries.

Basically, you need to prove to people you are secure (not only by empty words like “You can trust us we’re using encryption”) but by specifying directly your security measures (everything is over ssl, we don’t store passwords or CC numbers, all personal sensitive info is stored encrypted etc). If you can afford it, hire a security expert to do an audit and then have them write a public review about it (of course after you’ve fixed the holes).

Btw, how do you plan to monetize it? For the moment is free, but I’m guessing you want to make some money.

#9

Hi @sapiensworks,

Thanks for the feedback, the security audit is a great idea, and will be high on our priority list, and yes, we will have to work on the site in order to transmit further trust with our audience.

As far as monetizing it goes there are a few potential avenues, the first of which would be a marketplace that provides one-click on boarding for users where they can get signed up instantly and have the account automatically linked to their CloudPal services list (again, sort of how Steam has done for video games).

Another option might be to expand into enterprise cloud management, and charge businesses for a more extensive product with a broader set of features.

We’re going to keep working it one step at a time and see where it takes us.

Thank you very much for your suggestions!