16 May 2006

Critical Note on Hosted Services and Web 2.0

These days new Web 2.0 startups and services appear in large numbers - Ajax, Ruby and the like really started something new.

But let's sit back and reflect a little on potential drawbacks of such applications. Take Backpack or Google-Mail as examples: Do we really want them for our work?

Some arguments why we (oops - I personally!) might NOT want services like that:
  • Security: I'm consulting highly sensitive clients from a variety of industries. Usually I have to sign a Non Disclosure Agreement (NDA), which disallows most communication about the project-at-hand. NDA's force me to apply tight security measures to the documents, models and other information processed and produces during the project. Just in case I trusted the provider of any hosted service (which I do not...), are the carriers reliable? Is my ISP reliable? Those guys did obviously NOT sign my NDA - so I'm not allowed to divulge any client- or project related information to them. To be more precise: I have to actively take measures so they cannot access the project-information. No hosted service provides the kind of security I need for sensitive data like that. On some of my machines I even keep parts of my harddisk crypted :-)

  • Security, part 2: What, if the provider of my hosted service is located within the USA - and is beeing approached by the homeland-security guys? Nobody will care about my personal data, even the mere thought of keeping my data private will not cross the mind of my service providers' admin... Feel free to replace USA by any other country, rogue or not...

  • Reliability: Can I rely on the data beeing stored in some obscure datacenter? Or will some unhappy employee of some Web 2.0 startup begin manipulating data one day? Do you include MD5 hashes in your documents when you upload it to your favorite hosted service? I bet you don't... (I did never do it)

  • Availability: They all tell us about backups, redundant servers and the like. What if their business-model doesn't work out? Will there be backups even in the future, when I still need my data? Again, I trust my own backups (which I test regularly!).

  • Availability, part 2: I'm pretty fond of my Internet-service-provider - they have approx 99% uptime of my DSL connection. But on a few occasions the net simply wasn't available at times when I needed to work.
My conclusion: There simply is no free lunch. And Web 2.0 will definitely NOT, unlike 42, be the answer to all our problems...