PaulDotCom mailing list archives

Hosted Applications and Security or Lack there Of

From: brianwgray at gmail.com (Brian Gray)
Date: Mon, 3 Nov 2008 10:23:34 -0500

It's nice to have the feeling of total control over your data by having it
in house. BUT, there are several CYA situations that make having another
company on the hook contractually if something does happen to the data even
better.
Pulling this example out of a hat:

    Take something like handling resume collection, resume storage,  job
application collection, and integration with other sites like monster.com,
hotjobs, etc. Why do I want to be liable for that mess if someone else can
do it for a fraction of the cost and contractually take the hit financially
if something happens?

2008/10/31 Bugbear <gbugbear at gmail.com>

Good Morning Everyone,

I had an interesting discussion with my boss yesterday over a really great
lunch and I decided to post it up here to see what dialog comes out of it.

We certainly have come a long way from a service provider just providing a
Virtual Web Server for our Corporate Web Page. Seems like everyone now is
selling a "hosted" solution. There is Anti-Spam Services, Message Archiving,
HRS Databases, Online Collaboration, Expense Reporting, DR Services, etc...
Every time I see such a  request or project plan in my Company for a service
such as these I get a twitch in my left eye and have a sudden urge to smoke.
In most instances I would prefer to have the apps in house but the reality
of being a mid-sized R&D company with no products yet and limited resources
sets in quickly.

What is everyone doing at work? Do you try to keep things in house? Maybe
based on the nature of the data (i.e. Hosted website offering up generic
info on Company is a lot different than a HR Database being out there)? What
does everyone look for when evaluating a host (i.e. SAS 70, other
independent audit reports, pens tests, site visits, etc...)?

Fire away I am very interested in every ones opinion!

Tim



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




-- 
-Brian W. Gray
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081103/44a33f51/attachment.htm

Current thread:

Hosted Applications and Security or Lack there Of Bugbear (Oct 31)
- Hosted Applications and Security or Lack there Of Brian Gray (Nov 03)
- Hosted Applications and Security or Lack there Of Paul Asadoorian (Nov 03)
  - Hosted Applications and Security or Lack there Of Bugbear (Nov 03)
- Hosted Applications and Security or Lack there Of Erik Harrison (Nov 03)
  - Hosted Applications and Security or Lack there Of Bugbear (Nov 04)