Survival of the Fittest

Survival of the Fittest  

Companies looks for solutions to their technology, regardless of their industry if you have information chances are it is stored electronically and either you manage this yourself, you hire individuals to manage it for you or you outsource this all together.

I’m going to touch the outsourcing portion of this and leave the other 2 remaining topics for another day and based on the feedback or response I get from this one.  The outsourcing will be referred to as Managed Hosting.

Uptime is critical for everything and it’s like insurance you pay for it and hope to never use it but once you do, you are sure glad you had it because once things stop working then they might as well be completely shut down it’s like a total company wide work stoppage.  This is further extended into not only your company and its reputation but the confidence and focus on what makes success in your business and where others are able to focus the efforts in doing so.

So we take our precious information and share it with a separate company known to us as a managed hosting provider where they have experts or so they claim and the promise that they can run the IT portion of our business so that we can focus on what we do best and succeed on our individual businesses.

And yet here we are with trust, trusting a company to deliver this level of service is what I will call a true player in the game, the sales pitch is that the company I host with will become an extension to my company, an outsourced staff of IT operations and I like to think of this as some really smart person who knows everything and never sleeps, they are a  24×7 always up and running superman.
That sounds good to me, I can trust putting my whole business in this basket if the track record is proven, the references provide me a level of confidence to my uncertainty and the price measures the value for what I am getting.

You have extended a Service Level Agreement (SLA) to your customers, and now must not only meet your own stringent requirements for quality, but also the expectations of those who rely on you for their success. It is the mission of a successful vendor to keep clients delivering complex applications up and running.

The flashy advertisement is not going to fool me, there are companies which may have all of this but in other worlds such as the best doctors or lawyers they don’t advertise, they are here by word of mouth, the elites know who is good.  A proven track record and at any price the best is what is expected.

The Cloud, Virtualization, Managed Hosting, PCI Compliance, SAS-70, IDS, DMZ, CISP, HIPAA… Regulatory compliance and the associated security guidelines can be a web of confusing acronyms and requirements, but a good provider should be able to explain how these regulations apply to your business and how to accomplish a solution within your budget. Compliance, sensitive data requires an ideal environment for the applications. The industries which require compliance must meet these requirements of government regulators and subcontract only to providers that meet their stringent needs to match.

The extent of an audit with a vendor should also include asking what is audited. They should include on-boarding policies for new hires, disaster recovery and business continuity planning. For technology this should include physical security policies, data backup and recovery procedures, provisioning of services, asset tracking and inventory management. For infrastructure this should include separation and no sharing of hardware resources, decommissioning of services and servers and other best practices. Traditional clouds do not match the compliance regulations being on shared storage. Seek out an enterprise dedicated private cloud.

PCI Compliance is non-transferable however a hosting partner can provide key solutions and coverage in securing the handling and resources to meet with compliance regulations for their customers. One more consideration for clients wishing to achieve compliance is that PCI Compliance requires you to sign up with an Approved PCI Scanning Vendor (ASV). The scanning vendor will review the code on your site and detect vulnerabilities. There are a number of qualified companies who can provide this service.

Co-Sourcing – A belief exclusive to select enterprise level of service providers. A big difference from the more popularly known Outsourcing which is that while technical functions while considered the future of several years ago is now recognized to be more complicated. Throwing something to an outsourcer and expecting them to deliver exactly what you want was a nice idea but reality has always fallen far short of the promise. In order to get results you want from an outsourcer you have to actively manage that relationship and after you’ve spent all that time doing so you wonder if it would have been less effort in the long run just to have done it yourself in the first place. Co-Sourcing is the new way to look at things and it is a highly effective alternative to either outsourcing or d-it-yourself models. Bringing both sets of knowledge and expertise together is essential in resolving issues and figuring out the best plan for scaling to the next level. Finding a unique vendor who actual means it when they say they act as partners with their clients. In any co-sourcing relationship it is imperative to keep the lines of responsibility unambiguous and clearly state the responsibilities and obligations so that it is clear what is needed and not to say that advice or guidance is not offered when asked for or that the vendor will not go above and beyond the call of duty when the need arises but rather to set the expectations accurately.

Nicholas O’Neil
e: t: @noneil277

Posted via email from IT Rockstar