Despite the temptation of dramatically
reducing their total cost of operations, many companies are still
hesitant about making the move to outsourced IT resources and
services. Some worry about security – fearing that sensitive data
could fall into the hands of their competitors. Others are simply
not comfortable with the idea of an external service provider
taking responsibility for business-critical systems, and fear that
outsourcing would mean losing control of their own
infrastructure.
“The key here is trust,” he explains. “An
enterprise needs to trust its service providers the same way it
trusts its accountants and its lawyers – or even its own employees.
Choosing an outsourcing partner means trusting that the partner
will be able to protect systems and information as securely as your
in-house team could manage, ” counters Tanya
Duncan, Managing Director Interxion Ireland
He adds: “There are good reasons for thinking
that today’s outsourced service providers can provide better
security than most in-house facilities. Reputable data centres –
for example, those certified or accredited under SunTone, ISO or BS
7799 standards – have built processes to eliminate concerns about
the security of networks, data and physical machines.”
Physical
protection
Modern outsourced service providers take care of
physical security by deploying biometrics, multi-point surveillance
cameras, server cages and mantraps.
A biometric system scans the fingerprints of the
person trying to enter the data centre, ensuring that only
authorised personnel can access the resources. Meanwhile,
multi-point surveillance cameras are positioned strategically and
record all proceedings. The recordings are archived so that in case
of any sabotage the tapes can be revisited.
Further, server racks are placed under lock and
key. One key remains with the client and the other with the service
provider, ensuring that the service provider's engineers can only
physically access the servers in the presence of the client's
representative.
Network
security
Of course, securing the physical location of a
company’s servers is only half the battle – network access can also
be open to abuse, especially as mobile access becomes more
important and the number of portable devices accessing a company’s
resources increases.
Good service providers offer solutions which
allow clients to open their resources to mobile stakeholders while
at the same time minimising the chance of abuse. One of the key
solutions is double factor authentication – remote users enter
their access code, a challenge is sent on their physical token
(which could be a mobile, pager, PDA, etc), and only when the
challenge is fed into the system is access provided.
Such service providers also deploy proper
firewalls and intrusion detection systems which can detect and
restrict any unwanted advances to critical resources. Since
firewalls change at break-neck speed, service providers are in a
much better position than in-house IT teams to update their systems
on a regular basis.
Reliability,
availability and safety
The quality of infrastructure support is of
paramount importance. Service providers today invest a lot in
putting up an extremely good infrastructure with FM200-based fire
suppression facilities, precision air-conditioning to maintain
constant temperature, and power back-up systems to ensure that the
client's critical applications and data are kept safe and available
at all times.
“The thing to remember is that the provision of
these services is the core business of IT outsourcing companies, so
it’s vital for them to invest in an infrastructure which will
promote safety, security, reliability and availability – usually to
a far greater level than an internal IT department could justify,”
explains Tanya Duncan. “It is therefore almost always the case that
a system hosted in an outsourced datacentre will be better
protected than one in the company’s headquarters.”
Improving
service levels
“As we have already said, the core business of
outsourced service providers is to keep their customers’ IT
environments safe, secure and available at all times, so their
infrastructure will be designed to promote these objectives,” says
Tanya Duncan. “In-house IT departments tend not to have the budget
to specialise to the same extent, and their focus is usually split
between day-to-day infrastructure support and more exciting areas
like systems development.
“In-house staff may not be particularly
qualified – or even interested – in infrastructure support, whereas
outsourced service providers employ CCNA- or MCSP-certified
specialists. Outsourcing ensures that the run-of-the-mill
administration and maintenance tasks will be taken care of by
experts, and enables in-house teams to concentrate on adding value
to their business.”
Working with an outsourced service provider can
also provide access to services which are beyond the scope or
budget of internal IT departments – particularly in terms of
disaster recovery.
“Everyone can see the benefits of having a
secondary datacentre at a different site, but not everyone can
afford to set one up,” says Tanya Duncan. “Service providers will
typically run a number of dispersed but interconnected data
centres, so they can offer this service at a fraction of the huge
capital and operating expenses that would be incurred
in-house.”
Increasing
flexibility
Because outsourced service providers already own
the infrastructure their customers need, and have the right people
and strategies in place to meet almost any eventuality, it is often
easier for them to scale IT provision up and down in response to
their clients’ requirements than it is for in-house
departments.
“When you outsource your IT infrastructure, you
only need pay for what you use,” explains Tanya Duncan. “Since the
partnership is governed by service level agreement, resource
utilisation becomes someone else’s problem – so there’s no longer
any need to worry about whether your servers are over- or
under-provisioned.”
The
future of moving out
The trend towards outsourcing data centres will
grow substantially as IT infrastructure grows increasingly complex.
Service providers realise that the extent and scope of companies’
hosting requirements is growing all the time, and are building
capabilities not only to host servers, but also to provide
multi-channel connectivity, incorporate multi-level security, and
create environments that surpass their clients’
expectations.
“Outsourcing IT infrastructure is nearly always
safer and more secure than the in-house option,” concludes Tanya
Duncan. “It is also invariably cheaper and the service tends to be
superior, due to the specialisation of the outsourced service
providers’ staff, infrastructure and business model. Sooner or
later, most businesses are going to have to think hard about
finding a service provider they can trust and building a
partnership that will help them keep service levels high while
minimising costs.”
Cut
costs with carrier independence
“There are
hundreds of ways that moving your infrastructure to an outsourced
service provider can provide cost benefits,” says Tanya Duncan,.
“One good example is carrier independence. If you have your own
data centre, you will need to contract to a connectivity supplier –
which means you have to pay for the physical and exclusive cabling,
and if the provider’s systems crash, you lose connectivity. Having
two carrier providers for resilience purposes is usually too costly
for most organisations.
“By contrast,
outsourced service providers can offer hosting with multiple
carriers, so you are no longer tied to a single supplier and single
physical infrastructure. More importantly, if one carrier’s system
goes down, you can automatically switch to another, which promotes
resilience and ensures availability.
“Equally, choose
an outsourced datacentre with a large number of different carriers
– Interxion houses around 700, with between 50 and 100 in each data
centre. This means that the carriers are competing for your
business, and the cost savings can be significant – in some cases,
enough to pay for the first year’s hosing costs.”