Two months ago we moved our last customer still running their own email server to Google applications. As we have seen with our other customers, there was a short stressful period as they adjusted, followed by great satisfaction as they moved from using Outlook to Gmail's web UI. It starts with one or two employees discovering the power of live collaboration on spreadsheets or simple document sharing. They become internal evangelists, and pretty soon the whole organization is realizing productivity gains.
In some cases it takes a year or more of gentle nudging to get an organization to make the switch. Customers in areas such as finance and healthcare take the longest. They are understandably nervous about the security of their data. The idea of their information being held in a nebulous, hard to visualize cloud is scary. The fact of the matter is that in every case we encounter, we are moving them away from set-ups that feel secure, because they are easy to understand, but are in fact for more vulnerable to security violations and data loss. It may be comforting to know that your email is on a box you can identify in your company's server room, but who has access to that room? Is it physically secure? Who is in charge of backups? Is he or she a highly trained specialist with a well documented geographically redundant and regularly tested backup system in place? Even if the answer is "yes" (which it never is) the followup question is, "Is this cost effective?" Of course not.
With services like Google Apps and Amazon's EC2 reaching maturity, it really doesn't make sense for most companies to host their own email, file servers, web servers or web applications. Google is a $120B company with everything to loose if they suffer even one serious security breach or lose critical business data. They know this, and they have taken extraordinary efforts to ensure this doesn't occur. Their systems and processes have passed a rigorous independent SAS 70 type 2 audit. Anyone who has visited one of Google's facilities knows they are fortresses with multiple levels of physical security and military-like protocols. There are no engineers hanging out with their girlfriends in the server room. There are no casual visitors leaning on the racks. Google's network and application security people are among the best in the world. If you think your email is more secure just because you know where your server is located, whether its in your own office's server room or Joe's Auto Parts and Mail Hosting, I assure you, you are wrong.
The reliability and risk factors of the large SaaS providers are becoming utility-like, akin to providers of electricity and phone services. Of course there are still hiccups, just as we have with any other utility (yes HECO, I'm looking at you), but not nearly as many as you are likely to encounter with a server tucked away in the corner of your office. Its easy to make the technical, financial and security arguments for using established SaaS vendors. I've been in many situations where a decision maker agrees with all the arguments but still can't bring himself to make the move. It takes time to get comfortable with the abstraction of software services from their physical origins. Our children will find this as amusing as we find survivalists that live in caves, generate their own electricity and poop in buckets. For now, we just need to do our best to educated the business community about the advantages of letting the professionals at Google, Amazon and Salesforce.com handle their critical data and application needs.
- Design • Build • Localize | Web • Desktop • Mobile