Developing Cloud Applications: Where your focus should be

Frank Zinghini

Founder & CEO
Applied Visions Software Development

More and more applications are moving to the cloud, including countless ones we use daily. What’s surprising is how many of them—even after all these years—fail to meet customer expectations. This is because most companies have never developed for the cloud before, and don’t understand the nuances and conventions required by this platform. When developing an application for the cloud, it is critical to know what to focus on—and what not to.

What is the Cloud?

For many, “the cloud” means Amazon Web Services or Microsoft Azure. While these are the dominant cloud environments, many others exist. In this article, the term “cloud application” is used to define any sort of web application where the application is running on a server remotely and accessed either through a browser or a purpose-built device.

Cloud apps vs. desktop apps

In the industry today, apps are built for the cloud unless there is a good reason not to. Cloud applications provide enormous operational gains over old-style desktop apps, which require local installs and introduce countless other headaches involving exhaustive hardware testing and ongoing user support. In the cloud, you manage your app on one server that serves the entire planet. Software updates are applied globally, for instance, with all of your users simultaneously receiving the update. With desktop apps, you have little recourse beyond hoping your users download and install the latest version when you tell them to. Because they won’t, you have to manage all the previous versions, which is a lot of work. Users are notorious for avoiding updates until something breaks. Cloud-based distribution avoids that problem entirely.

Cloud applications are accessed through a standard web browser. This simplifies your distribution, but it requires extensive testing. You will have to test your app on Chrome, Edge, Safari, Firefox etc. running on Windows, Mac, and Linux—and there will always be those holdouts still use things like Internet Explorer or Opera. That’s a lot to test for. It’s a crucial responsibility, but  there are countless tools that can simplify this task, and in the long run, it’s less of a burden than dealing with a desktop app, which requires much harder testing, involving hardware configurations and multiple operating systems and OS versions.

Building a cloud application is a different discipline than building traditional desktop applications. That’s a discussion for a different day, but just understand that it’s not a trivial transition for your developers.

Hosting your application

After deciding to build a cloud application, you need to decide where to host it. You can certainly host the application on your own servers in your data center, and there are times when that is appropriate, but often it’s not practical. A third-party cloud-hosting service is usually a better, less intensive choice – let them worry about keeping your application available 24/7. You can choose to treat your cloud platform as a virtual machine in the sky and build your app the same way you always have, using captive services such as Windows VM or Linux VM as hosts. Or you can use major cloud service providers like Microsoft Azure or Amazon AWS, which provide additional software services to make development easier. This is where (pardon the obvious pun) things get cloudy.

  • Consider using built-in services. Azure offers services such as data warehousing, business intelligence, and machine learning. Many of these can be bolted onto your product, which reduces time-to-market. AWS has comparable offerings.
  • Built-in services may save you time, but not necessarily money, because you pay for your usage. If you decide to use them, make sure you know up front what the cost will be in the long run. Don’t let that be a surprise after you’ve developed your application.
  • There are also countless open-source services that you can build into your cloud app, but using them requires careful consideration, as each will require more time and effort to incorporate and test. AWS and Azure are motivated to make their services easy to implement, while open-source leaves much of the work up to you.

Don’t just experiment or hack away until it works. Plan this out carefully. Do the research and understand what hosting options are available, how they work, and what the costs will be.  

Don’t overlook the user experience

When you deliver your application through the web browser, you are entering a world with which your users are already quite familiar. That is a good thing, but it’s also a responsibility. There are certain conventions and standards as to how people expect web sites and web applications to behave. Simple things, such as where the login link is on a site (it should be in the upper right), and more subtle things like how controls look or behave. These conventions are your baseline. The more conventional you are, the more your users will think, “Ah, yes, I know what to do”; and they’ll just do it. Deviate from these conventions and they will think, “What am I supposed to do now? It’s not obvious. Never mind.” Once you’ve lost a user, they’re usually gone for good—they’ll just go to a different app that better meets their expectations.

This can be a particular challenge if you’re moving an existing application to the cloud: you can be tempted to keep doing things the way you’ve always done them, but that can fall flat. It’s a sad thing when a cloud application looks like something from Windows 98.

Cloud apps are often accepted or rejected on the basis of a two-minute trial. You have two minutes to convince a user to stick around, and if they don’t like what they see, that’s it. You’re done. That’s why usability is such a big deal, and why somebody on your team has to focus on what the user experience should be. And build it into your development process from the start.

Security should not be an afterthought

The dark side of the cloud is that once your application is on the internet, it’s there for all the world to see – and attack. Security needs to be baked into your development process from the very start. Countless threats need to be considered and prevented, and it’s not just a matter of putting a password requirement on your application. There are countless ways to attack an application. Heck, even your login screens need to be appropriately secured—in the early days, too many developers discovered too late (to their horror) that their simple login screens were vulnerable to SQL injection there, giving an outside attacker a way into their database. Learn about application security, plan for threats in advance, implement secure programming practices, and test your software thoroughly.

In today’s environment, the consequences of security breaches can be crippling to a business, and you need to take the right steps to secure your application during development, not after you’ve been breached.

It takes a team

If you are looking to build software that serves users, you need a development team, not just a programmer. Developing an application for the cloud is far more complicated than just coding. A complete process includes:

  • Product definition
  • Design
  • Product management
  • User experience
  • Legal considerations
  • Architecture decisions
  • Programming
  • QA/testing
  • Support

Maybe you don’t need an entire team dedicated solely to a specific development project; maybe you only need five hours a week of design and ten hours of QA or security, for example. Once you define your team requirements, you can decide how to execute the development. If you don’t have the talent in-house, find someone with knowledge and experience developing cloud applications to complement (or be) your team.