Born into a silverspoon ASP world

Date view Thread view Subject view Author view

From: Strata Rose Chalup (
Date: Wed Apr 12 2000 - 22:05:18 PDT

I'm definitely interested in the ASP concept, the WebApp/2-Way-Web a la
DaveNet, etc. BUT...

I'm truly amazed that folks would consider moving more and more of their
vital data onto servers that they do not control and to which they do
not have out of band access!

Am I the only one who breathed a sigh of relief when I got my first
highspeed connection and could bring all my email and files HOME where
they belonged, instead of at the mercy of some department/ISP/whatever?
Then there was the concept of "laptop", where if you couldn't get to
new, incoming email due to net lossage, you at least had access to your
files and data.

Put the family jewels out on a half dozen random dot-com sites which may
or may not be managed worth a damn, have data integrity for small
customers as well as biggies, and be in business from one month to the
next? It is to laugh! It's a free service, you get what you pay for.
If it's not free, then I get to be nickel-and-dimed to death by
"reasonable" $9.95/mo fees for these sites which will try to portal me
out the wazoo to make their reasonable fee more one-stop and reasonable.

I have been a sysadmin and/or systems manager professionally (ie, paid &
not a student) since 1983. I have specialized in Internet services
since 1992. I have done 50K - 500K ISP services rollouts for the last
three years ( news/email/mgmt, email/mgmt,
scaling arch/mgmt). I have kibitzed on many more, and traded fixes &
war stories with others. I live inside the sausage factory. I would
NEVER ever eat the stuff unless it was made in a friend's kitchen, and
even then-- not if I couldn't afford to be sick the next day.

Y'all seem like a pretty savvy bunch? Does your mileage vary because
you know something I don't, or just because you've never toured the
sausage factory?

How amused will the IRS be when you can't get at your tax info for your
audit because "mytaxesonline.whatever" had a server crash a couple of
months ago and you ignored the fine print that said only a doofus
wouldn't print out the results and save 'em offline?

Do you know how many ISPs, let alone "free" services, actually have a
working, tested disaster recovery plan that does anything more than get
the servers up & provisioned with user info? And *maybe*, just maybe, a
few days to weeks worth of data, depending on how huge the firm is and
how close to the bone they're running? I'm NOT talking the big
financials firms, or private corporations, though they too have much
dirtier laundry than you might believe. Just the same folks who will be
doing ASP type stuff, and are doing it already. Do you have any idea
how many ISP's have real server logs, phone trees, contact info,
guaranteed clueful support people instead of whomever is on duty this
Wednesday morning, 3am, at the data center, etc etc?

Let's just say, far far fewer than those who have huge thick piles of
the support contracts they signed with sales people who made a huge
commission selling outsourcing, rack space, 24x7-ya-de-ya, uber-platinum
service level, clone-tank-regen dedicated support rep, etc BUT who have
never actually HAD a failure big enough to show that the
process-n-clue-glue between the various support contracts is missing!

I know one major vendor, who provides specialized components in what is
the industry standard "multivendor huge ISP/ASP/financials backend
database system". They are in the process of forming their own
professional services group after several rounds of blessing first one
and then another outside group for professional services installation
work. Why? The manager forming the division told me candidly in a
phone screen that they were the only major product piece deployed in
these installations that DIDN'T have their own pro-serve arm to go
onsite when one of these went down. All of the other vendors' pro-serve
folks would point the finger at these guys' component, and since they
didn't have a guy onsite, there was no one to point back.

They spent huge amounts of engineering time to prove that their product
was NOT causing the problem and push it back on other vendors' support
folks where it would stick. This happened literally dozens of times in
fiscal year 99. When they compared the lost engineering time to the
cost of the pro-serve division, the realized they'd run the wrong
numbers all the time they decided not to form one. This is what happens
when you have support contracts out the wazoo and nobody of your own to
get tough with the bozos who show up and just want to close the call
ASAP. Outsourcing is not the solution to all problems, though there
are some it solves just dandily.

It's not that it's not technologically *possible* to make this stuff
bulletproof, it's that it's so damnably expensive, not just in hardware
which you can throw ignorant zeroes at but in scarce-as-hen's-teeth
*people* who actually know how to combine good tech practices with IT/IS
processes that work AND are given the time to do so rather than pulled
off the project when they "turn the key" in response to some asinine
corp mktg deadline. Don't get me started. Don't even!!!!

Anyway. I reiterate my earlier question, slightly rephrased: Is there
something that gives you faith in the ability of these things to
safeguard and hold your VID (very important data), or is it merely that
you have not been exposed to the corrosive power of cynicism to tarnish
your shiny faith in technology?

I want ASP's to work, but I want 'em to work on my data on my local
drive, AND I want a data sandbox for updates. And a file system that
supports that whole concept (versioning, with levels of trust in
versions). And a data service that lets me sync to it like a Palm
syncs, only encrypted, and sync multiple times but keep track so I know
how many times my data has been released and can compare it with how
many times I sync'd or requested it to different devices. And with
real-time passwd & token service so I release encrypted data to ASP
services via their highspeed back-end nets, take the processed data
and/or results back into my local or remote sandbox, approve it, save
it, sync it locally.

That's just the beginning. There's a helluva lot of infrastructure that
needs making to make this work. And interact safely with hoopy-frood
technology like GNapStellaWhatever and FreeNet. Great data protection
models like "this is undeletable" suck when you accidentally write your
tax info to your Freenet volume instead of to your local drive. Doh!!

I never know when something's going to push my hot button and spoil a
nice long stretch of lurking...


Strata Rose Chalup [] |
Project Manager | VirtualNet Consulting
iPlanet/Netscape Professional Services |

Date view Thread view Subject view Author view

This archive was generated by hypermail 2b29 : Wed Apr 12 2000 - 22:26:48 PDT