January 13, 2010

You get what you pay for

As you might know, since the news made its way to Slashdot, Moscow cameras streamed false pictures for a while.

Citing from the article:

According to the contract with StroyMontageService, the Moscow government only paid for working cameras. Dumalkina said the company unreasonably received around one million dollars for the northeastern district alone.

This is a very well-known problem: if you measure performance of a given service (and pay according to performance) the way you choose to actually perform the measurement changes the service itself. If you measure the number of calls which get out from the call center, people will do a lot of very short and possibly useless calls... and so on.

This is a very interesting point when applied to modern IT services. What are you going to measure? Availability of the application? Sure, a Cloud (citing an interesting, new topic) will give you more of that. But how are you measuring the tradeoff in security here?
Are you taking into account know-how your administrators are not building for themselves, when you outsource?

You get what you paid for: if you're just paying for your machines to be 100% available on a remote Cloud, that's exactly what you get. The more your infrastructure gets fuzzy - or "cloudy" - the less you know about it. The less you measure, the less you get (and hopefully pay, but that's not the point).

But hey - I can hear you think - weren't you an advocate of virtualization and cloud-based-stuff? Sure I am, but I really do think that we have to understand what we're doing. We have not built, yet, any meaningful measure of virtual-cloud-fuzzy efficiency: what we do have is some vendor-biased and -piloted accounting methodology, if we're lucky.

Think about what you're asking, what you're stating and what you're losing when you think about outsourcing. Maybe even virtualizing your hardware is outsourcing it in some way...