« Water and software development find their own levels | Main | Pat Clawson can bluff all he wants, but to IPO he is going to have show his cards »

September 10, 2007

Yesterdays argument, tomorrows solution

One of the classic mistakes that armies on the losing side make is fighting the next war with the last wars weapons and tactics.  I am afraid Mr Hoff is guilty as charged in talking about the recent Google/CapGemini deal.  In case you have not heard, CapGemini will offer Google Apps to the one million strong corporate desktops that it services.

Chris does a nice job of explaining how CG will make money on this and some of the advantages of Google Apps. However, Chris seems to side on the camp of those who think that SaaS based, centrally managed applications and the data that goes with it, will present compliance and security concerns that could slow adoption. 

I say poppycock to that.  I heard the same thing about Qualys storing vulnerability data 5 years ago and over the intervening time have seen that argument melt away except for maybe in the federal government space.  In fact Qualys has now become the tester of choice for PCI compliance in many cases.  But beyond that, the whole issue of outsourcing application hosting brings me back to my days at Interliant, an early entrant into the ASP market.  We hosted Lotus Notes, PeopleSoft and other enterprise level applications. As well as managed security (mostly checkpoint firewalls, which was sold to Akiva).

One thing that we learned the hard way at Interliant is that people will not outsource applications which they consider critical and core to the business.  So for instance, if they were an accounting firm, they would probably not outsource the hosting and management of their accounting software.  However, critical, non-core applications are good candidates for outsourcing.  I think for the most part, this is exactly where the Google Apps fall.  I think the success of hosted CRM like Salesforce.com also shows that people are willing to outsource critical, non-core applications.

Now the fact that it is Google after all, raises in my mind anyway, two other issues. One is the privacy of my data from Google.  Is Google going to use that to hone the ad words they serve up to me?  The other is that as Google continues to grow, will it suffer from Microsoft like "evil empire" syndrome, where people attach dark aspirations to everything they do.  I guess we will have to see how this plays out.

Posted at 08:58 AM in Chris Hoff, compliance, General Security |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e4d369e200e54eda90c88833

Listed below are links to weblogs that reference Yesterdays argument, tomorrows solution:

» Speaking of Yesterday, Mr. Shimel, You Do Know It's Not 2001, Right? from Rational Security
In response to my post regarding the CapGemini/GoogleApps relationship, in which I espoused the benefits of the upcoming service offering, Alan Shimel obviously forgot to take his meds as he referenced some bizarre military campaign reference in his po... [Read More]

Tracked on Sep 10, 2007 2:46:16 PM

Comments

Search

Lijit Search

disclaimer

  • The views and opinions expresed here are those of myself only and in no way represent the views or positions or opinions of my employer, Latis Networks, Inc. d/b/a StillSecure or anyone else.

Blog Networks

  • Find the best blogs at Blogs.com.

StillSecure, After all these years, the podcast

Categories

Track my blog stats

Blog powered by TypePad
Member since 10/2005

About