Should the Force(.com) be With You?

These days, it seems that everyone wants a piece of the Force. I’m not sure why. Maybe they think that they’ll be able to jump 20 feet high, survive a thousand meter fall, and move spaceships with their minds. Who Knows? All I know is that vendor after vendor in the e-Procurement space are following the lead of vendors such as Coupa, SupplierSoft, and CVM Solutions and (re)building their application on Force.com.

And I’m not sure it’s the right thing to do. First of all, as I’ve told you many times, the cloud is not a fluffy magic box. It’s just another delivery model, with it’s own advantages and disadvantages (and the biggest disadvantage being that you have zero control over performance).

Secondly, the convenience of having all of your applications and data in one place is just as convenient from a hacker’s point of view as it is from yours — especially if his primary line of employment is corporate espionage. One weakness in the security layer and BAM! … all of your data belongs to him. Plus, he doesn’t even have to social engineer an account from your users to social engineer legitimate platform access … if there’s a weakness in the data access protocols, any account from any customer will do.

Thirdly, what happens when the whole thing goes down, as it recently did for the Virginia Department of Motor Vehicles when “a breakdown in the data storage system” (Boston.com) caused them to go offline for days? If the black swan sinks his teeth into the Force, and takes down a primary data center, do you really think there’s enough spare capacity in the system for them to failover without interruption and data loss? And even if they do, will performance be tolerable?

I’m not saying that your vendor shouldn’t do it, or that you shouldn’t do it either, but that you should think about it. Remember, there are two sides to the force — and if you forget about the dark side, you won’t be prepared when it rises up against you.

Share This on Linked In