Remember, value includes long-term relationships and total cost (over the long run). Total cost includes the vendor being in business - at least for the duration of your agreement. It also includes things related to 'security'. Does it matter if every other customer can traverse your directory structure? If so, is there a 'cost' associated with that?
What is the value of not being vulnerable to code-red or other issues? Answers may or may not pertain. Value differes. The main issue is to know what you are getting and place value on what is important to you. If you don't mind your site being vulnerable, then it doesn't matter if
they run W2K without patching. If you do, it does. Perhaps there is 'value' in ensuring that your hosting company does patch their Windows boxes regularly or uses a different OS.
So, I have compiled a list of questions I ask my hosting providers.
In no particular order:
1. Professional facility
- multiple backbones
2. Responsive customer service - what hours - methods?
- Level of expertise
- What topics
3. Easy to manage system - web interface for email, DNS, content
editing, trouble tickets?
4. Basic features:
- FTP access over ssh, can use scp, or similar
- multiple E-mail addresses
- forwarding to any address
- POP/web accounts
- statistics
- backup
- off-site archiving
5. Reliable service - "up-time" - SLA available?
6. Affordable pricing - what's included/not included.
7. Has policies that maintain security.
- Customers should not be able to see or access other customers
directories.
- Programs run as a user-specific login ID, not a generic ID
common to all clients.
- Maintaing latest patches - esp. security.
- Includes configurations to minimize risk - ie. MySQL run as
named pipes vs. TCP sockets - separate instance (not shared with other
clients).
8. Does not leave basic security up to the client (who probably
doesn't know how to deal with it).
9. Deals with patches before the client knows there's a potential hole.
10. Does not allow spam. If another client spams, the whole customer
base is vulnerable to blacklisting.
11. What platforms do they support - how many experts for each
(especially windows)
12. Include extras? like:
backend scripting (what and which versions)
available canned scripts
available scripting components
mailing lists
web-based email pickup/managemnt
available media types (flash, shockwave, wmv, etc)
streaming media servers (Real, Quicktime, Widnows Media)
built in ecommerce packages
Get references - call them - ask if they would mind if you picked out
some customers at random and called them.
Do you disagree with any of these? Have I forgotten some? Talk back to me.
2 comments:
Valuable post, Paul. I suspect a lot of business owners without your kind of technical knowledge would find the list daunting - I have to admit I do! What would be great - and I'm not suggesting you do it - is if there were a 'correct answers' crib the potential client had access to.
Des
Hi Des,
That would be valuable. Unfortunately, everyone has different values, making it impossible. There really are no 'right' and 'wrong' answers.
For example, I have a personal site I use it to post humorous things (www.pauldube.net). While I believe it is secure, it really doesn't matter if it is available or 'hacked'. Therefore, my evaluation of these questions is much different than for my business site.
What I might be able to do is develop a number of sets of answers based on some value assumptions. That might get us closer to your desire. :)
Post a Comment