My friend Chris Hoff about a month ago (sorry slow catching up) wrote that all of these SaaS vendors who are clamoring for everyone to move off of their own infrastructure and stop wasting money on CapEx spending should eat their own dog food.
Hoff called out Salesforce.com, Facebook and the like to stop wasting 10′s of millions of dollars and live by their own mantra by moving their own services onto public cloud infrastructures. While I see Chris’s point and am a big believer in eating your own dogfood, I have two questions around it.
1. Why does it have to be a public cloud? I know Chris doesn’t like the whole “public vs private” thing. But as a consumer or cloud customer, do I care if Salesforce is hosted on an Amazon cloud or on a private cloud Salesforce built. I think the SaaS vendors are saying move to the cloud, but I don’t think they are saying to move to a public cloud necessarily.
Now whether they eventually wind up there is another story. I do think as this whole cloud movement continues to evolve the efficiencies of the public cloud will drive many of these SaaS vendors to adopt it.
2. Is security SaaS an exception to the rule. While many security SaaS vendors can now run their backends in a virtual environment (as opposed to protecting a virtual environment), does that mean it is OK to do. Would you have a problem for instance if Qualys was keeping your virtual data in a public cloud infrastructure? I think security and cloud security being such a hot button, will be one of the laggards in moving security SaaS services to a true public infrastructure. I think consumers of SaaS security solutions expect that too.
What do you think?
Related articles by Zemanta
- Dear SaaS Vendors: If Cloud Is The Way Forward & Companies Shouldn’t Spend $ On Privately-Operated Infrastructure, When Are You Moving Yours To Amazon Web Services? (rationalsurvivability.com)
- BMC Software to add more SaaS products to lineup (infoworld.com)
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=ade5c98a-1b4e-4e17-9de6-236bc28ce5fd)
{ 2 comments… read them below or add one }
Once you start down the rabbit hole of questioning secure data storage (and security data storage) by a third party, it’s a little harder to justify saying yes to a Qualys and no to a cloud provider, isn’t it? Doesn’t Qualys already use third party hosting partners like Telus? Not cloud based, but still outsourced and offsite. What about MSSP’s and ASV’s? Hosted instances of scanning technologies from vendors like Qualys and Rapid7 are everywhere. I think much of the world has made that leap already.
You either manage your own data or you don’t. I’m not seeing the logic in feeling comfortable with storing, transmitting, or transacting critical business data on a shared platform but not vulnerability data. If anything I would be more paranoid about my customer records, intellectual property, and financial records than my list of potential vulnerabilities from Qualys.
So no, it should not be an exception.
Interesting questions, I just read a similar post about 'eating your own dog food' in the cloud software market by the WORKetc founder here: http://admin.worketc.com/Blogs/Development/69
You both speak of the benefits of eating your own dog food, i.e. the added benefit of constant in-house testing, as well as giving employees the shifted perspective of 'customer' before 'developer.' Considering WORKetc is CRM + project management + billing (aka very important business data) private cloud is important, but with proper security measures going with the public cloud is just as viable.
{ 2 trackbacks }