The defining moment

When a federal agency turns to an application service provider to outsource its email or enterprise resource planning applications, the ASP usually brings welcome relief from the burdensome operations and upkeep associated with those applications.

When a federal agency turns to an application service provider to outsource

its e-mail or enterprise resource planning applications, the ASP usually

brings welcome relief from the burdensome operations and upkeep associated

with those applications.

But it also means those mission- critical applications are moved out

of an agency's information technology shop to a private company's data center.

The service-level agreements that agencies negotiate with ASPs before migrating

those applications lay out the costs and deployment schedules for outsourced

services and are the agency's central window to the performance and security

of the enterprise applications.

Players in the growing ASP market own the hosting servers and often

the software licenses for myriad enterprise applications including messaging,

enterprise resource planning and customer relationship management software.

The service provider handles the customization, upgrades and maintenance

that the applications require, and the agency then "taps the apps" via the

Internet or a private network while paying either a flat subscription fee

or a per-user fee.

That sounds simple enough, but an ASP arrangement is not simple. Agencies

shopping for an ASP will find that there are several core components to

negotiate with the provider before outsourcing an application, including

hardware and application availability, service and service response times,

security, application customization, pricing and disaster recovery.

The success of the eventual deal depends on how well an agency does

its homework before the application goes up.

First Things First

Most negotiations begin with defining cost and availability, which provide

the underpinnings of service-level agreements.

Typically, enterprise applications cost about $800 per user per month,

said Jessica Goepfert, a senior ASP analyst at IDC, but they can cost as

little as $5 per user per month for low-end applications with no customization.

It takes about 90 days to roll out an enterprise application, she said.

One of the first issues most agencies will address when working with

an ASP is availability. Because the ASP industry is a relatively new player

in the IT market, most companies have molded their service-level agreements

on the types of guarantees Internet service providers offer, ensuring 99

percent server uptime or higher, depending on the application.

Still, 99 percent uptime could mean up to a week of application downtime.

Many ASPs offer a basic level of 99.5 percent or 99.7 percent, with the

option of building more redundancy into the offering for more money, typically

raising the price by 10 percent to 20 percent until reaching 99.9999 or

99.99999 percent, which requires full redundancy and costs substantially

more.

However, although many ASPs guarantee server uptime, some companies

have begun encompassing application performance in their availability guarantees.

For example, Qwest Cyber.Solutions offers 99 percent, 99.7 percent and 99.99

percent application availability as part of three levels of offerings (see

"Checking up on your ASP," Page 38).

The levels range from 7 hours and 20 minutes of downtime per month to

no more than 4 minutes and 22 seconds for selected platforms. The company

also includes service response times, CPU usage on the application server,

storage usage, disaster recovery services and customer satisfaction levels

in its service-level agreements, said Brad Clay, Qwest Cyber.Solutions director

of product development.

"Every single customer that we've talked to...has talked about, "Well,

what do I get if the center where this is stored blows up?' " he said. "We've

looked at recover points and recovery times and made [them] part of what

we deliver. If you can't deliver operationally, none of those nice bells

and whistles matter."

Customer Care

In addition to application availability and high performance, customers

want to ensure that the ASP responds to problems as if they were their own,

Clay said. Qwest has financial accountability tied to all aspects of its

service-level agreements, including guarantees on customer satisfaction.

The company regularly surveys its customers via a third party to gauge satisfaction.

If the overall score of each customer is not "satisfactory" or above, Qwest

will offer customers a credit on their monthly bills.

Infinium Software Inc., which offers a variety of enterprise applications

including enterprise resource planning modules and customer relationship

management software, also places a premium on keeping its customers happy,

said Dyanne Griffin, director of ASP marketing at Infinium. In addition

to offering the standard 24-hour-by-7-day customer help-desk services and

support, the company employs "customer care managers," who are dedicated

solely to supporting a small group of customers and handle any problems

the group may encounter.

"They can go to that one central person, and that person is compensated

on how happy that customer is," Griffin said.

In addition, Infinium says it can offer better customer service because

the company owns all the businesses involved in its ASP offering and therefore

has more control, Griffin said. Some ASPs may pass service calls to a partner

company. In that case, potential customers would need to inquire about secondary

service-level agreements between those companies because support response

times could be affected by those guarantees, she said.

Although ASPs typically include response time for support in service-

level agreements, they often do not guarantee a repair time, IDC's Goepfert

said. In addition, agencies should also negotiate response times for less

critical work requests, such as a customization or an upgrade to an application

after rollout, she said.

When an agency outsources applications, security and disaster recovery

are also top concerns. Infinium personnel need a passcode and identification

card to get into the company's data center building. In addition, employees

are required to enter a passcode, show an identification card and pass a

biometric scan to access the network operations center.

"Once you're in there, there's another glass wall...but there are only

three people who are allowed in that area," Griffin said. "You can't get

in. We like to call it Fort Knox. Even if you get into the building and

into the data center, the customer owns the data. They have control. They

set the policy for database access."

Infinium offers three connection options: private network, virtual private

network or dial-up access. If any of those connection methods fails, another

will automatically be available for access.

In addition, all equipment in the building has a hot spare, and three

diesel generators are in place to be used if outside power is unavailable.

In fact, the company stores 50,000 gallons of diesel fuel, enough to sustain

its customers' applications for a four-week-long power outage.

Customizing ASP Apps

Because the ASP model is built on a business model of offering the same

applications to multiple customers, the industry average for software customization

is 20 percent, with 80 percent of ASP offerings coming out of the box.

"The ASP model is built upon repeatability," said Jim McGlothlin, vice

president for the federal government at PeopleSoft Inc. "If you open up

an ASP and say, "I can host anything you want...and I can customize upon

demand,' you're not really an ASP."

PeopleSoft can typically customize up to 15 percent of an application

in areas where customers usually have vast differences in their operations.

For example, although credit card reconciliation within a financial module

can usually be standardized, the receiving systems can be customized depending

on an agency's mission.

"The process of receiving at a Navy depot is going to be very different

than a receiving process at a State Department installation overseas," McGlothlin

said.

For an enterprise application for a small agency, PeopleSoft typically

charges $10,000 to $15,000 per month, with subscription fees for larger

agencies ranging from $30,000 to $50,000 per month. Although many commercial

ASP customers may be satisfied with "renting" applications from an ASP,

the government market has refused this typical ASP model, he said. As a

result, PeopleSoft offers special clauses that stipulate that government

customers own the applications the ASPs are hosting.

"The federal government absolutely insists upon the right of ownership,"

he said. "They wanted the assurance that they would have the ability to

migrate and run it themselves or go elsewhere."

USA.net, which manages 15 million mailboxes, 60 terabytes of data and up to 30 million e-mail messages per day, offers the standard feature sets for outsourced messaging, including read/write features, address books and calendaring features. Additional customization is developed and introduced in response to customer demand. The company responds to requests for customization by partnering with third-party vendors for technology that can plug into USA.NET's unified message store, said Scott Chasin, chief visionary officer at the company.

USA.net offers three platforms, with its standard Web mail costing $3

to $6 per user per month, an enhanced package that costs $6 to $18 per user

per month and a Microsoft Corp. Exchange platform, which costs $25 per user

per month.

Although service-level agreements are a useful way to match customer

expectations and vendor assurances, they are by no means an insurance policy

against all the possible customer losses if the ASP's service goes down

even temporarily, according to Greg Blatnik, vice president of Zona Research

Inc.

"It's not a magic bullet," he said. "It's not the Holy Grail to you

having lax or ineffective internal procedures. It's first and foremost a

marketing document... that really limits the liability that an ASP is going

to incur. It's not going to compensate for the impact on a business for

some amount of downtime or some failure to respond."

Harreld is a freelance writer based in Cary, N.C.

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.