This evening a minor controversy exploded in the Asterisk community as first Marcelo Rodriguez took Fonality to task over the security of its hosted model, and then Fonality CEO Chris Lyman responded via a guest posting on Garrett Smith’s blog.Â Ken Camp weighed in with a “Tut tut, children” post, while ringmasterÂ Andy Abramson waved his baton from the sidelines.Â
There are really just two issues here.Â First, can Fonality make their solution secure.Â Second, given that they are collecting information, how will they protect what they collect?
I don’t know the mechanism that Fonality uses to keep the link between servers and clients open.Â Earlier this week, in a conversation with Chris Lyman, IÂ asked ifÂ it was a VPN (as Marcelo asserted) and was told that it is another mechanism.Â Â I am going to posit that Fonality has the technical chops to make the link itself secure, and will vigilently monitor that technology to ensure it hasn’t been compromised.Â For a hosted services provider, that’s the cost of doing business.
This is a pretty clear indication of the commitment that Fonality is making to their customers.Â Could it be stronger?Â Sure, the policy could assert that customers own their own data, and that they have rights associated with that data.Â By and large, though, it’s clear that Fonality is committed to keeping private customer data private.Â Again, that’s the cost of doing business in a hosted model.Â
With all due respect to my friend Marcelo, the security issues he has raised are aÂ throwback to big enterprise IT.Â They are expressions of the ongoing struggle between hosted and premises based services.Â All hosted services have to deal with the issues raised by Marcelo (indeed, we at iotum deal with these regularly), while providing superior usability, upgradeability, and maintainability.Â Most premises based services don’t have all the benefits hostedÂ models offer, andÂ may be less cost effective,Â but deliver greater control of customer data.Â
It’s a tradeoff every customer is faced with.Â Personally, I am an unabashed fan of hosted models.