Despite the temptation of dramatically reducing their total cost of operations, many companies are still hesitant about making the move to outsourced IT resources and services. Some worry about security – fearing that sensitive data could fall into the hands of their competitors. Others are simply not comfortable with the idea...
of an external service provider taking responsibility for business-critical systems, and fear that outsourcing would mean losing control of their own infrastructure.
“The key here is trust,” he explains. “An enterprise needs to trust its service providers the same way it trusts its accountants and its lawyers – or even its own employees. Choosing an outsourcing partner means trusting that the partner will be able to protect systems and information as securely as your in-house team could manage, ” counters Tanya Duncan, Managing Director Interxion Ireland
He adds: “There are good reasons for thinking that today’s outsourced service providers can provide better security than most in-house facilities. Reputable data centres – for example, those certified or accredited under SunTone, ISO or BS 7799 standards – have built processes to eliminate concerns about the security of networks, data and physical machines.”
Modern outsourced service providers take care of physical security by deploying biometrics, multi-point surveillance cameras, server cages and mantraps.
A biometric system scans the fingerprints of the person trying to enter the data centre, ensuring that only authorised personnel can access the resources. Meanwhile, multi-point surveillance cameras are positioned strategically and record all proceedings. The recordings are archived so that in case of any sabotage the tapes can be revisited.
Further, server racks are placed under lock and key. One key remains with the client and the other with the service provider, ensuring that the service provider's engineers can only physically access the servers in the presence of the client's representative.
Of course, securing the physical location of a company’s servers is only half the battle – network access can also be open to abuse, especially as mobile access becomes more important and the number of portable devices accessing a company’s resources increases.
Good service providers offer solutions which allow clients to open their resources to mobile stakeholders while at the same time minimising the chance of abuse. One of the key solutions is double factor authentication – remote users enter their access code, a challenge is sent on their physical token (which could be a mobile, pager, PDA, etc), and only when the challenge is fed into the system is access provided.
Such service providers also deploy proper firewalls and intrusion detection systems which can detect and restrict any unwanted advances to critical resources. Since firewalls change at break-neck speed, service providers are in a much better position than in-house IT teams to update their systems on a regular basis.
Reliability, availability and safety
The quality of infrastructure support is of paramount importance. Service providers today invest a lot in putting up an extremely good infrastructure with FM200-based fire suppression facilities, precision air-conditioning to maintain constant temperature, and power back-up systems to ensure that the client's critical applications and data are kept safe and available at all times.
“The thing to remember is that the provision of these services is the core business of IT outsourcing companies, so it’s vital for them to invest in an infrastructure which will promote safety, security, reliability and availability – usually to a far greater level than an internal IT department could justify,” explains Tanya Duncan. “It is therefore almost always the case that a system hosted in an outsourced datacentre will be better protected than one in the company’s headquarters.”
Improving service levels
“As we have already said, the core business of outsourced service providers is to keep their customers’ IT environments safe, secure and available at all times, so their infrastructure will be designed to promote these objectives,” says Tanya Duncan. “In-house IT departments tend not to have the budget to specialise to the same extent, and their focus is usually split between day-to-day infrastructure support and more exciting areas like systems development.
“In-house staff may not be particularly qualified – or even interested – in infrastructure support, whereas outsourced service providers employ CCNA- or MCSP-certified specialists. Outsourcing ensures that the run-of-the-mill administration and maintenance tasks will be taken care of by experts, and enables in-house teams to concentrate on adding value to their business.”
Working with an outsourced service provider can also provide access to services which are beyond the scope or budget of internal IT departments – particularly in terms of disaster recovery.
“Everyone can see the benefits of having a secondary datacentre at a different site, but not everyone can afford to set one up,” says Tanya Duncan. “Service providers will typically run a number of dispersed but interconnected data centres, so they can offer this service at a fraction of the huge capital and operating expenses that would be incurred in-house.”
Because outsourced service providers already own the infrastructure their customers need, and have the right people and strategies in place to meet almost any eventuality, it is often easier for them to scale IT provision up and down in response to their clients’ requirements than it is for in-house departments.
“When you outsource your IT infrastructure, you only need pay for what you use,” explains Tanya Duncan. “Since the partnership is governed by service level agreement, resource utilisation becomes someone else’s problem – so there’s no longer any need to worry about whether your servers are over- or under-provisioned.”
The future of moving out
The trend towards outsourcing data centres will grow substantially as IT infrastructure grows increasingly complex. Service providers realise that the extent and scope of companies’ hosting requirements is growing all the time, and are building capabilities not only to host servers, but also to provide multi-channel connectivity, incorporate multi-level security, and create environments that surpass their clients’ expectations.
“Outsourcing IT infrastructure is nearly always safer and more secure than the in-house option,” concludes Tanya Duncan. “It is also invariably cheaper and the service tends to be superior, due to the specialisation of the outsourced service providers’ staff, infrastructure and business model. Sooner or later, most businesses are going to have to think hard about finding a service provider they can trust and building a partnership that will help them keep service levels high while minimising costs.”
Cut costs with carrier independence
“There are hundreds of ways that moving your infrastructure to an outsourced service provider can provide cost benefits,” says Tanya Duncan,. “One good example is carrier independence. If you have your own data centre, you will need to contract to a connectivity supplier – which means you have to pay for the physical and exclusive cabling, and if the provider’s systems crash, you lose connectivity. Having two carrier providers for resilience purposes is usually too costly for most organisations.
“By contrast, outsourced service providers can offer hosting with multiple carriers, so you are no longer tied to a single supplier and single physical infrastructure. More importantly, if one carrier’s system goes down, you can automatically switch to another, which promotes resilience and ensures availability.
“Equally, choose an outsourced datacentre with a large number of different carriers – Interxion houses around 700, with between 50 and 100 in each data centre. This means that the carriers are competing for your business, and the cost savings can be significant – in some cases, enough to pay for the first year’s hosing costs.”