“There is perhaps no better example of a new Internet business
concept that deserves careful scrutiny than the Application Service
Provider (ASP) industry. As ASPs rapidly seek to redefine how you
procure and use application software, will the security of your
data get left behind?”
“The concept behind the ASP model is that rather than purchase
application software, servers, hire and train staff, a company may
instead “rent” the usage of applications from a company that runs
the data center and performs all the traditional IT functions
associated with these programs. The cost can range from a fixed
contractual fee to a sliding scale to a per transaction agreement.
The ASP model can be a compelling argument for many organizations:
the ASP fees may be significantly lower than the costs to run the
given applications in-house, the organization is one step removed
from all the day to day headaches of supporting software and can
instead focus on core business competencies.”
“Why would anyone choose to be on the leading edge of
outsourcing “line of business” applications to an ASP? If this
makes absolutely no sense to you, it is probably because you have
never had hands-on experience in implementing SAP or Peoplesoft
within your company. These applications can be extremely expensive
to implement, integrate and manage.”
“Successfully growing the ASP industry and enhancing the
security of corporate data is a matter of an activist management of
the ASP relationship on the part of the client. It is definitely
not a “sign the contract and forget about it” relationship. A
CIO needs to see the ASP as trustees of the corporate jewels, and
must develop high standards for information protection and have
clear methods of measurement for compliance.”