ASP group offers guidelines for security

Hoping to make the ASP model a better bet for customers, the ASP Industry Consortium has announced major breakthroughs on security guidelines and dispute resolution.

          Hoping to make the application service provider (ASP) model a better bet for customers, the ASP Industry Consortium has announced major breakthroughs on security guidelines and dispute resolution.

          Vendors at the Comdex/Fall 2000 show this week hailed the news as a needed boost to their efforts to give customers confidence that their agreements are enforceable and that allowing an outside company to host mission-critical business applications will not expose clients to a pack of cybercriminals.

          "Every single sales call I've been on with a customer, I hear those issues," says Denise Grey, president of the ASP group for Verso Technologies in Atlanta.

          "I think it's important that ASPs realise we have to come up with some common practices. Don't go start marketing something that isn't real, because you will hurt the market for all of us."

          Grey says she expects more than 1000 companies to enter the ASP market during the next decade and that the industry will need to be scrupulous about how it conducts its business.

          "You have to give documented white papers on everything you do," she says.

          The industry consortium listed security as the chief concern of ASP end users and now has a best practices guide to network security, platform security and integration security.

          "We're more secure than the typical end-user's own network," says Jim Kirchner, president of, an ASP that runs applications for schools from kindergarten through grade 12. "The problem is in getting the end users to believe that."

          ASP executives agree that for the market to take shape, they will need to continually refine the security and service-level agreements they offer their customers.

          "To date, it's been a lot of people stabbing at it in different ways," Kirchner say.

          The ASP Industry Consortium also released an executive summary of its dispute resolution guidelines. The group anticipates short-term consolidation in the ASP market, along with disputes over data ownership, data transfer and software ownership.

          "As an industry, we are going to have to be nimble," says Karen Styres, vice president of marketing at Resonate.

          She notes that service-level agreements must be comprehensive rather than selective.

          "Customers don't want to hear it's a network issue or a server issue; the agreement has to incorporate the whole system. ... Of course, it gives people a lot more to complain about, and that's why it's important for the ASP industry to address these issues before they become problem areas," Styres says.

          She says it's still early for the industry to work from a set of common standards but that it's important for ASPs to understand what their competitors are doing to add surety to the business model. Grey stresses that the industry must be focused on customer service if the ASP model is to flourish.

          "These [consortium guidelines] are great starting points, and you're crazy if you don't follow them," she says.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments