Anthony Foy, Interxion group managing director talks to Data Centre Management about trends in data centre outsourcing

Despite the temptation of dramatically reducing their total cost of operations, many companies are still hesitant about making the move to outsourced IT resources and services. Some worry about security, fearing that sensitive data could fall into the hands of their competitors. Others are simply not comfortable with the idea of an external service provider taking responsibility for business-critical systems, and fear that outsourcing would mean losing control of their own infrastructure.

Anthony Foy, Group Managing Director of Interxion, can understand and sympathise with these concerns, but offers a different perspective on IT outsourcing.

“The key here is trust,” she explains. “An enterprise needs to trust its service providers the same way it trusts its accountants and its lawyers – or even its own employees. Choosing an outsourcing partner means trusting that the partner will be able to protect systems and information as securely as your in-house team could manage.”

He adds: “There are good reasons for thinking that today’s outsourced service providers can provide better security than most in-house facilities. Reputable data centres – for example, those certified or accredited under Sunstone, ISO or BS 7799 standards – have built processes to eliminate concerns about the security of networks, data and physical machines.”

Physical protection

Modern outsourced service providers take care of physical security by deploying biometrics, multi-point surveillance cameras, server cages and mantraps.

A biometric system scans the fingerprints of the person trying to enter the data centre, ensuring that only authorised personnel can access the resources. Meanwhile, multi-point surveillance cameras are positioned strategically and record all proceedings. The recordings are archived so that in case of any sabotage the tapes can be revisited.

Further, server racks are placed under lock and key. One key remains with the client and the other with the service provider, ensuring that the service provider's engineers can only physically access the servers in the presence of the client's representative.

Network security

Of course, securing the physical location of a company’s servers is only half the battle, network access can also be open to abuse, especially as mobile access becomes more important and the number of portable devices accessing a company’s resources increases.

Good service providers offer solutions, which allow clients to open their resources to mobile stakeholders while at the same time minimising the chance of abuse. One of the key solutions is double factor authentication – remote users enter their access code, a challenge is sent on their physical token (which could be a mobile, pager, PDA, etc), and only when the challenge is fed into the system is access provided.

Such service providers also deploy proper firewalls and intrusion detection systems, which can detect and restrict any unwanted advances to critical resources. Since firewalls change at break-neck speed, service providers are in a much better position than in-house IT teams to update their systems on a regular basis.

Reliability, availability and safety

The quality of infrastructure support is of paramount importance. Service providers today invest a lot in putting up an extremely good infrastructure with FM200-based fire suppression facilities, precision air-conditioning to maintain constant temperature, and power back-up systems to ensure that the client's critical applications and data are kept safe and available at all times.

“The thing to remember is that the provision of these services is the core business of IT outsourcing companies, so it’s vital for them to invest in an infrastructure which will promote safety, security, reliability and availability, usually to a far greater level than an internal IT department could justify,” explains Tanya Duncan. “It is therefore almost always the case that a system hosted in an outsourced data centre will be better protected than one in the company’s headquarters.”

Improving service levels

“As we have already said, the core business of outsourced service providers is to keep their customers’ IT environments safe, secure and available at all times, so their infrastructure will be designed to promote these objectives,” says Tanya Duncan.

“In-house IT departments tend not to have the budget to specialise to the same extent, and their focus is usually split between day-to-day infrastructure support and more exciting areas like systems development.

“In-house staff may not be particularly qualified, or even interested, in infrastructure support, whereas outsourced service providers employ CCNA- or MCSP-certified specialists. Outsourcing ensures that the run-of-the-mill administration and maintenance tasks will be taken care of by experts, and enables in-house teams to concentrate on adding value to their business.”

Working with an outsourced service provider can also provide access to services, which are beyond the scope or budget of internal IT departments – particularly in terms of disaster recovery.
“Everyone can see the benefits of having a secondary data centre at a different site, but not everyone can afford to set one up,” says Foy . “Service providers will typically run a number of dispersed but interconnected data centres, so they can offer this service at a fraction of the huge capital and operating expenses that would be incurred in-house.”

Increasing flexibility

Because outsourced service providers already own the infrastructure their customers need, and have the right people and strategies in place to meet almost any eventuality, it is often easier for them to scale IT provision up and down in response to their clients’ requirements than it is for in-house departments.
“When you outsource your IT infrastructure, you only need pay for what you use,” explains Foy. “Since the partnership is governed by service level agreement, resource utilization becomes someone else’s problem, so there’s no longer any need to worry about whether your servers are over- or under-provisioned.”

The future of moving out

The trend towards outsourcing data centres will grow substantially as IT infrastructure grows increasingly complex. Service providers realise that the extent and scope of companies’ hosting requirements is growing all the time, and are building capabilities not only to host servers, but also to provide multi-channel connectivity, incorporate multi-level security, and create environments that surpass their clients’ expectations.
“Outsourcing IT infrastructure is nearly always safer and more secure than the in-house option,” concludes Foy. “It is also invariably cheaper and the service tends to be superior, due to the specialisation of the outsourced service providers’ staff, infrastructure and business model. Sooner or later, most businesses are going to have to think hard about finding a service provider they can trust and building a partnership that will help them keep service levels high while minimising costs.”