Cloud and SaaS technologies have allowed for many new vendors to sell their wares and many end-users to automate where they could not afford to prior. The downside to this easy availability of compute power is that many don’t have the expertise, inclination or resources to ensure the resulting services are enterprise-ready, such as backed by best practices like service continuity management, aka disaster recovery. My recent consulting vocation has given me the opportunity – actually, the mandate – to be an “assessor” and peer into dark recesses of an organization’s IT services and it’s not always pretty.
The ability to recover from some type of serious disaster in a data center is likely critical for all business entities. The acuteness depends on how a company’s business model depends on technology. Companies that offer SaaS services have a business model completely dependent on technology. DR should be a no-brainer; however, many of these organizations are startups that simply have not had the funding or the surety of an ongoing business to invest in a solution which provides only, in fact, a form of insurance with no direct revenue stream. These organizations are unlikely to be subject to oversight that would force DR spending.
A data center disaster could spell the end of a SaaS company. Yet when you have the startup mentality, that is an acceptable risk. Conversely, for a consumer of SaaS services, it might be an unacceptable risk, particularly if the service is a critical business function.
That consumer may be unsophisticated and not realize the importance of DR. Or it could an organization that purchased the service in “skunkworks” mode initially, but it now enables revenue or a critical supply chain. Maybe DR planning hasn’t occurred since it is out of sight and out of mind.
The Web 2.0 and cloud phenom is founded on quick to market and low cost with the anticipation that most ideas won’t stick. So the ideas that stick that need the investment and discipline of the DR discipline are proportionately few. Their SaaS provider may have all the best intentions, but not the mindset and resources to provide the service level that IT traditionally expects.
I think back to a Packetpushers podcast from last summer – “Show 55 – Questions You Should Be Asking Your Cloud Provider“.
So us IT Managers should keep this stuff in mind when our user-base contracts outside IT for business process automation. They complain the internal solution is too expensive, but this is likely why! Hopefully we can at least help vet solution providers or at least identify the risks.