Slashdot Mirror
When ASPs Go Under
lar3ry writes: "eWeek has a lead story about companies that have been catching the ASP bandwagon, and now are finding themselves high and dryas ASPs are going out of business. I may be old, but I remember when I was writing applications being used by other companies, that the contracts had agreements that provided for the source code to be held in escrow in case the company that I was working for went out of business. Does this mean that common sense is no longer a virtue in the Internet age? Just whispering a few hot terms like "ASP" makes the CIO of a company blind to any financial exposure that an application has to another company's future? Geez!" This is one thing that scares me about various companies' plans to take care of your data and apps. And unlike "Perpetual Care" at ye olde cemetery, you're still around to feel if the perpetual care stops.
I work on a helpdesk and our mission critical app for logging calls is hosted on a Citrix server, located in a different city, but the same company. Even that is bad enough, we have to deal with a braindead helpdesk, and once the server went down for a day and a half, and they couldn't have cared less. I would NEVER EVER EVER trust my mission critical applications to someone that I couldnt physically walk over to and slap (or fire) when the server went down. (Unfortunatley, it's not my choice)
I'm amused by all the comments saying ASPs and outsourcing are Bad. Spoken like true corporate tunnel-vision IT. I'm a business manager. I hate dealing with corporate IT. They have no motivation to serve my unit's business needs, and I have no leverage over them. If I go to an outsourcer or ASP, I may get equally bad service, but at least I have an enforceable contract and I control whether or not their bill gets paid. I agree that you've got to pick your vendors, but I don't buy the argument that some things are "too important" or "too sensitive" to outsource. Hell, I outsource my payroll, like most businesses do -- you wanna tell me what's more important and sensitive than that? Why shouldn't I go to an outsourcer, who are specialists at what they do, rather than rely on some generalist corporate IT guy who's been to some class and now thinks he's the equal in knowledge to a specialist vendor?
When the company that I work for installed SAP, the licenses alone cost over $2.2 million! Not developing the software is not an option. It took the people from SAP three weeks to dig out all of the dialog boxes that were still in German, for chrissakes! While, admittedly, all of that sort of initial setup would have been done by the ASP provider, how can you possibly expect to see any value off of that kind of investment if you don't customize the software? Bar any wily new competitor-killing business idea that doesn't fit within SAP's 'best practices' methodology (i.e., fit you business to the software)? In that case, it pays more not to have paid for the thing in the first place. It's even worse if you've just been renting the services provided for a few grand a month, as there's no real gut feeling for the impending doom, if this kind of crash does occur. Hmm, let's see, we could shell out six or seven digits to buy the licenses ourselves, add a few relatively high-demand app developers with experience in our market segment, and begin to support a server farm, or we could choose a different version of the provider that put us into this mess and hope that they can transition our complex data schema and app front-ends into whatever they use lickety-split. Like those choices! Love 'em!
Any escrow solution simply enables you to survive long enough to choose between a number of really crappy alternatives, unless your company is Jack and Jill and their ten employees proudly serving the Greater Chicagoland area. In that niche ASPs are, quite possibly, the least of all evils. For the rest of us, the ASP model is not ready for prime-time. It may be eventually, but a LOT has to happen first. Simple insurance doesn't cover it, either. A Lloyd's of London policy may cover your taxes during the problem time-period, but you can bet your ass they're not going to go out and shill for lost customers.
We did this a *long* time ago with a mainframe package -- source code in escrow, with us paying the escrow account fees. The company went bankrupt and died; we petitioned the court for the source, as called for in our contract.
Not allowed. The court rulled that the source code was the *only* asset the company had, and, contract or not, couldn't be delivered to us.
So we ordered the contents of the lock-box destroyed (seemed to have been the *only* copy of the source code -- it had been trade secret and the authors left the company after getting peeved at the legal types that forced a takeover) and filed for a full refund of the contract payments because of breach of contract.
We got about 15 cents on the dollar.
That'll do, but even less dramatic: how about outsourcing your mail, then expecting your users to push and pull 50MB attachments over a T1 that is already at 100%?
It's much more fun to blame somebody for something that was 100% in their control, rather than wait for some freak accident to expose bad planning... And fucked if my options were ever worth anything near enough to make any concern on my part greater than my mordant curiosity in watching this incompetence spiral spin hilariously down...
In the immortal words of Bob Terwilliger:
"BWAHAHAHAHAHAHAHAHAHAHAHA!"
Your Working Boy,
- Otis (GAIM: OtisWild)
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Escrow would only be helpful if these companies were offering proprietary products - some of them may be, but many are not. They are offering access to applications which the out-sourcing company could either not afford to pay full whack for as they're only using it from time to time (maybe a major accounting package) or applications which the companies don't want to spend the time and money learning how to administer. These two cases are about access to available applications in a new way, not about access to new applications.
/. yesterday, maybe this is a good model for OSS applications - you don't need to train too many people to support the software, you just need them available from a central point.
Microsoft, don't forget, is going with a licensing model that is likely to help the ASP model - you license for use, but that doesn't mean that you hold the software yourself - why not get someone else to look after it for you?
My general feeling is that there is a lot to be said for an ASP-like model. If I have 20 people out of 2000 using a complicated ERP package, for instance, why should I have 2 or 3 of my IT support staff learning all about it so that they can support it all the hours of the day? It may be mission critical, but if I can find someone else to provide access to it, and not have to worry about training for support, then that's got to be a good thing. The problem seems to be that either the market isn't ready, or the model isn't mature enough. Maybe the applications don't suit the deployment model.
What's more, given the discussion about tech support on
ASP, then, isn't by definition a Bad Thing[tm] - but it may not yet be a Ready Thing for everybody. We seem ready to accept managed hosting - before we sentence the ASP model, let's think around it in more detail.
An ASP is, essentially, trusting someone else with something you don't trust yourself with. In many cases it is a wise decision, e.g. should Mom & Pop's neighborhood small business try to run their own accounting system or let IBM do it? However, it is of vital importance to remember that you are trusting your mission critical apps to someone else - and these are the sorts of things that a business would not be prudent to rely on a contract to protect.
So, in short, don't sign up with an ASP you don't trust. (When I say "trust" what I mean is you trust that they 1. don't go out of business 2. don't screw up 3. don't attempt to screw you over, etc... no small amount of trust.) Which pretty much means don't mess around with VC fueled startups. I suppose it would also be a good idea to have an escape plan (e.g. some way to export your data into a competitor's system) but by no means does it alleviate rule #1.
I'm very well aware of the kind of software we're talking about here, and I know that, given that you're committing to an ASP, it's better to have that backup. What I'm saying is that such a scheme does not come close to alleviating the substantial risk associated with commiting to an ASP, and that point still stands.
They don't necessarily have to develop the software, but they do need to serve it- remember, the company's infrastructure is set up for a remotely served application, and so in order to avoid a lot of transition hassle, they would need to set up a server of their own which mirrors the functionality of the ASP's server. While I've never done anything like that, I get the distinct impression that it's non-trivial.
"Never let your sense of morals prevent you from doing what is right" -Salvor Hardin
The poster mentions an escrow scheme and licensing so that the customers can, presumably, take over the software they are licensing if the provider bails. However, this is not an adequate solution.
The whole premise of application services is that it is not economical for the customers to purchase, install, and support their business software, and must rely on an outside service provider to do those things for them. Is a company which considers it uneconomical to even perform these normal IT-type tasks going to be willing to take over the development and provision (even if only internal) of the service in question? Not bloody likely. Even if a company is forced to take on such a burden by sheer business necessity, it will involve a huge amount of disruption to the normal activities of the business.
Such a contractual solution is no solution at all. Companies which use application-services vendors to provide software essential to their core business must understand that they are in effect betting their company on the hope that the ASP will not go under- a rather foolish bet in this industry, unless the payoffs are truly enormous.
"Never let your sense of morals prevent you from doing what is right" -Salvor Hardin
I don't want to screw up your perfectly good joke, but I believe that this article is speaking of ASP as Application Service Provider, rather than Microsofts Active Server Pages.
Unless of course I am wrong, in which case I am very interested to know how the people that jumped on the JSP and PHP bandwagon are doing, respectively. =)
Alex
Wealth is the product of man's capacity to think. -Ayn Rand
gets() is unsafe; use fgets()
--
Ben "You have your mind on computers, it seems."
First of all if the company signs a contract saying I get their code under particular circumstances a backruptcy court has little to say to it. Why? I get the code BEFORE the company's assets are sold off because my contract takes effect at such time. To keep such code safe you stick it in escrow someplace (or multiple places, especially if its worth 250k to you).
I'm a loner Dottie, a Rebel.
tres OT:
Does that stand for "Jesus, My Honest Opinion", or "Just Makes Him Ornery" or "Ju Might Hate One"? I had to read it a couple times to be sure that it wasn't "IMHO" plus a weird flyspec on my monitor :)
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
Hell, the phone company in Indy can't keep voice over a single pair running, for that matter.
--
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
Indy: "Snakes. Why did it have to be snakes?"
Sallah: "ASPs. Very dangerous. You go first."
--
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
Application Service Providers. Remote hosting of mission-critical applications. They're dropping like flies
Timothy get's an F in grammar today.
And so does the Grammar Nazi.
-jon
Remember Amalek.
But isn't an ASP just like any service provider? If you don't plan ahead and read where trends are going, you are doomed. Trying to stay based on one technology alone is probably what did these poor fellows in. That, and not consolidating or striking big as things slowly moved up from mom and pop shops to corporations.
But that's just my opinion. I could be wrong.
JoeLinux
"Does this mean that common sense is no longer a virtue in the Internet age?"
ummm... lessee, Amazon trading over $140 despite 5 negative earnings reports. Ebay over $190 (well, they were at least making some money). And Cisco as well.
When was common sense ever a virtue in the Internet age?
ASP is an anagram of SAP, or PAS or SPA, or APS, or PSA. Although, more correctly, an anagram should make another word or phrase.
Or perhaps you meant acronym, or initialism, which it isn't, unless you actually pronounce it as a word (c.f. RADAR)
So it seems all we really have here are just the initials of Application Service Provider.
MrCreosote Meow!Thump!Meow!Thump!Meow!Thump! "You're right! There isn't enough room to swing a cat in here!"
And doubtfully much more.
.NET is a whole different critter.
Isn't Ebay, essentially, using an ASP business model? I also consider electronic record
translation services to fall under the ASP
model.
Microsoft
If your connection to the service goes down,
you go down. Not many companies today can
take that kind of risk.
Whenever I have a problem with my asp scripts not working, I just have to reboot my Windows 2000 server.
Rather fundemental to business is avoiding relying on suppliers who may go out of business unless you know there is a second source for what is being supplied.
When Joe's Flange Factory goes out of business, is there usually a row about those who used model GD47-j and are now left in the lurch? Why should it be any commoner with ASPs?
There is another aspect to this too. As one can see from the article, the larger the ASP provider the better, since that gives some security that they will be there next year too. Even better would be an ASP provider backed up by a large company. That means, in the ASP market only a few big Providers will handle most of the market.
Also those Providers handle the most valuable thing of their customers, their information. With many customers businesses relying on an ASPs service the ASP must thus not only provide the application, but also security.
They must secure the data against unauthorized access, thus they needs well administrated firewalls, security personel (what good is a firewall if someone can sneak in at night and steal the harddisk?) and trustworthy employees. They must cover for breakdown of equipment, that means redundancies and backups, to keep dataloss and downtimes at a minimum. They need some financial backing to ensure he's not out of business if something unforeseen happens. They also need special contracts for the software they're using and providing, so they're not subject to a sudden change of license terms which void their business model. They need some lawyers too, since the legal trouble of one of their customers might affect them too.
In many aspects an ASP can be compared with a bank, the main difference being, that one handles information while the other handles money (which is just a special kind of information also). So it doesn't do to put up some computing equipment and a helpdesk, security and reliability is necessary too. Especially when one considers, how many customers businesses rely on that ASPs service.
But an ASP provider whith that sort of reliability and security probably can't compete with the cheap "ten servers and a helpdesk" approach. Well the customer decides, if a company risks to go down (or at least have significant expenses) when their ASP goes broke to avoid paying their own IT folks they'd better check that ASP has adequate security and reliability.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
Someone you trust is one of us.
Not once in the ZDNet article, or in the /. article, does anyone mention what "ASP" stands for... is it "Application Service Provider"?
"Freedom means freedom for everybody" -- Dick Cheney
Just whispering a few hot terms like "ASP" makes the CIO of a company blind to any financial exposure that an application has to another company's future? Geez!"
I got up close and whiserped "A-S-P" in the CIO ear and he didn't exactly go blind like this author would have you think. In fact he just looked at me like I was a freak or something... proving that his eye sight is in fact fine.
Slashdot should check there fact before posting this junk.
"`Ford, you're turning into a penguin. Stop it.'" -THHGTTG
In other words, in case the ASP goes under (but nooo, that NEVER happens!), you get their source code which you then have to be able to compile (if necessary, and it probably will be), host and run in order to keep using your existing data; alternatively, you have to run it long enough to convert your data to a format you can use with X application, whether another ASP or something local to your LAN. Now tell me again where the savings are? The security?
*** ***
Outsourcers do not have the focus your IT groups would have in supporting your business - you can specify 'attitude' and 'focus' as part of your SLAs. They simply have very different goals from your business - they just want to satsify their contractual terms... not go the extra mile to make things truly good.
Why would slap or fire someone because the server went down? There is no 100% bulletproof server or OS. NASA's computers go down, so just about anyone else's can too. It's how the tech person deals with things once the server has gone down that's important. (like getting it back online quickly!)
Now that they're run by beancounters and suits from Marketing, it's probably not surprising that they make elementary mistakes like backing ASP...
///Peter
Well now...
If I was saving big bucks by using an ASP to host MS Office, and maybe Internet Explorer, I'm not spending that cash on buying M$ licenses, am I? I'm not spending that cash buying PCs, either, since I'm buying thin terminals for my DP folks, and others that only need these apps. I'm not paying desktop support people to maintain 2-3 year old P-II-300s with 64MB RAM, or paying to upgrade them etc. etc.
This means I can spend *some* of the extra cash on redundant links to the internet, no? In fact, I could even spend that cash on dedicated frame-relay to the ASP site, with a backup T1 to the 'net through different trunks, couldn't I?
Also, if I'm outsourcing Explorer, the bandwidth that I'm using for web isn't going through my T1, I'm only getting the screenscrape, which is lower bandwidth than the page, *and*, if I'm outsourcing Exchange, I'm *not* getting 50MB attachments (who does this? why bother?) through my T1, they're landing at the ASP, and staying there.
Oh, and my ASP is colo'd at a facility with redundant everything, and I don't need to buy an amazingly large UPS, generator, etc. etc for my data. Sounds good to me.
-JPJ
Feh.
I mentioned in a previous post to another story several days ago about a conversation I had with the business director of a nearby prep school and how he believed ASPs were a good thing. What I don't get is how anyone would willingly tie themselves down to someone else's service on the assumption that the network connection and the service would always be there...
All I'll say is this: I once had someone make me an offer to do some integration work for his ASP. I turned him down because he wanted to pay me in equity as opposed to cash and I didn't really think his business model was workable.
/Brian
We recently spent about $250K for an enterprise-level job costing/asset management, etc., etc., system. At my insistence, we had written into the RFP that a) if the company goes out of business they hand over the source gratis, and b) if the company is sold, we have the option of purchasing the code for a pre-agreed upon price.
As I told my boss, we invested a lot of money in this system. If one of their competitors should buy them out with the idea of discontinuing the product so that we would be forced to purchase (and implement) another system of this sort, or we aren't getting the quality of support we require, we need to protect ourselves.
Why the fuck did this get modded down? The grammar nazi goes through a lot of effort to improve the quality of /. and this is the thanks he gets?
--
--
Ikaruga scoreboard (supports netranking)
I had no idea what ASPs was an anagram for thanks.... my brain doesn't hurt so much anymore.... -james
Let's become partners with someone who has a business model that doesn't work!
The Blaster Master Fighting for Truth, Justice, and Evil Pie since 1979
You seem to misunderstand the point of my friend, grammar nazi.
Bringing irony to the Slash-masses
We never took any external investment, have always operated cash flow positive (by reducing our salaries, at times) and don't anticipate shutting down. Sure, whatever -- the truth is that alone shouldn't be enough for a customer to entrust a bunch of business critical-information to an outsourced service. Our clients can always (and do frequently) download their entire database and file collections -- that, along with our backups is apparently enough for them. We do run our entire business out of it, as well.
That said, it seems like there should be a fairly standardized legal/risk instrument that can guarantee the integrity of information like this. For instance, businesses:
a) put lots of their money in the bank
b) outsource such critical processes as payroll
c) lease critical production facilities
d) etc.
The FDIC/FSLIC provides depositors some protection from bank failure, insurance, bonding, hedging instruments, etc. fill in the gaps.
So, is there, or shouldn't there be, a suitable product (insurance policy, etc.) for ASPs?
who's moderating the meta-moderators?
ROFL.
or...
Jerks Must Have Opinions
Java Means Helpful Options
Jealous Men Hate Opportunists
Joking Means Heaving Onions
Jane Makes Horny Overtures
...but in my case:
Just My Humble Opinion. -- Trevor
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
I have seen so many companies buy into the outsourcing myth. A few execs and PHB's look great for a while, as they count up the savings. But then, lo! and behold, there are some surprises. I have a large, long-term client that outsourced its entire IT organization to IBM. Now, this is no knock on the many good IBM engineers who were providing my client its services and support, many of whom were my friends; unlike many outsource deals, this one did keep good resources and practices in place. But after a couple of years, the company was still hurting, because there was nobody inside the headquarters building whose job it was to make an informed technical decision. All their strategic choices were delegated to a third party in the computer services biz, not in the user company's biz.
Any time a company outsources its mission-critical systems, knowledge, or decisions, it's taking a big chance.
JMHO -- Trevor
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
Er... Well, y'know. You can't make an omelette without um... destroying a forest. Or something.
My only political goal is to see to it that no political party achieves its goals.
What if the government starts hassling MS over .NET too much in the future. What if they decide it isn't worth the hassle and just decide to take it offline...
Best. Comment. Ever. Enjoy!
As far as getting companies to pay for what they order, also. We've had a hell of a time with collections lately, and I'm wishing I'd time-bombed some of the projects for these clients. I don't think we're going out of business any time soon, but our clients sure act like they're on the verge of liquidation.
You drank my drink, you drunk!
The ZDNet article mentions "application service providers" in the very first paragraph. It just isn't capitalize or bolded or anything.
> Timothy get's an F in grammar today.
/. free of grammatical errors. ;-)
I think you meant "gets an F...", not "get's an F...".
Just trying to keep
-Jason-
ASP is one of those really cool technologies that is scary if you really think about it. When you host an application off site, there are soooo many things that can go wrong. Say you're running word locally. The only thing that can stop you from using word is your computer not working. Now, say you're running word from an ASP who is located externally to your building. Even if your computer works, your hub, router, the line that connects you to the ASP (which may be managed by an completley apathetic phone company), the asp's hub, router, or server may have a problem which stops you from being able to run Word. Now imagine word is a mission critical application, hard decision which one is safer/cheaper? I don't think so. Once you get past the coolness of ASP, it doesnt look so great.
The (Hopefully) Great Slashdot Blackout Apr 21-27
Back in 1982 -83 I work for Merril Lynch, the department was Systems and Proceedures. We had a safe with all the software contracts, and every contract had the provisions simular to escrow. These guys were all paranoid, but felt that if the software vendor went our of business, they had a chance to get the source code.
There was also another safe ( about as big as table) that had source code on tape. They misplaced the combination of that safe more than once. I finally taped the combination on to it. It was not used for security but for fire protection.
ONEPOINT
if you see me, smile and say hello.
If you take your company and put a mission critical piece of software in the hands of someone else you had better have a contingency plan in place for a backup in case it doesn't work. Outsourcing is good and definitely has it's place, but competent decisions should also be made about whether it is right for the situation and then if it is what to do if it fails.
Maybe I'm nuts, but stuff like this whole .NET thing, and all of the other "let us host your apps and data, it's better" companies make me really nervous. I guess I'm just a control freak, but with the current state of tech support (hold please) I just don't feel comfortable that these folks can do what they say they can. Hell, the phone company can't even keep something as simple as my DSL running right, what incentive do I have to believe that remote apps will be any more reliable.
Where's my lobbyist? Right here.
...you'd better be ready when it's gets get off behind you..... If the companies are that stupid, they DESERVE what they get.
TODO: Something witty here...
The overall economy, one might call it the, "behind the scenes," economy at this point, is fine. The recent economic indicator report showed that the GDP went up nicely (I believe it was 2.2%) as well as all the other measurements of how the economy is doing, except for one. The stock market. Which dropped like a rock but now seems to have (at least temporarily) stabilized. Over the past couple of years a bunch of companies were overfunded that had bad business plans or just had too many compeitors. The recent report has shown that the economy will be fine; with all the badly thought out startups calling it quits though, the stock market may make it seem like we're crashing. Don't worry about it too much unless your lively hood is on the line, consumer confidence is too important in our economy to panic because the bloated Nasdaq is culling the weak from the herd.
"A witty saying proves nothing." - Voltaire
Some people seem to be confusing an ASP with ASP. The ASP in the article refers to Application Service Providers, not Active Server Pages. Therefore, this article has NOTHING to do with php, as some have said. Just giving a heads up to those who misunderstood.
Anyway, we took them to court, and won. We managed to get our data back in very short order, and as a bonus, our lawyer managed to wrangle their application code into the deal. I think he had to pull a fast one on the judge for that, but, hey, they had us by the balls.
Our site was down for a little while, and I'm sure we lost customers, but we didn't have many at that point anyway, so it wasn't as bad as it could have been.
Being Liberal should be a Crime!
ACtually what i find incredibly funny about this is... ABout 6 months ago i went to a computer book store asking for a beginners guide to PHP. The ownder of the store was actually bagigng onPHPH hardcore, and was pushing ASP on me.. So I pretty much told him I would take my buisness elsewhere, because the freakw ouldn't show me where to get the book I wanted... I'm glad i left that day.. :)