The City of Los Angeles is in the process of outsourcing its e-mail system to a private company (Google). The data behind the e-mail no longer will be housed in a government office building. Instead, it will be housed in privately managed data centers all over the country.
That sounds risky. And, in fact, it is risky. Los Angeles is one of the first (if not the first) city to pursue this sort of plan. So, lots of people understandably questioned whether Los Angeles was pursuing an unnecessarily dangerous course of action. Kevin Crawford, Los Angeles' assistant general manager (essentially an assistant city manager), described the sentiment: "I can't go down and hug my server anymore and therefore it's not secure."
Crawford described some of rewards of switching the e-mail system. He argued that outsourcing the system would save money by reducing the city staff administering the data center. He pointed to a public records request that, under the old system, took (if my memory is accurate) 142 hours of staff time. With the new system, it would have taken 10 minutes.
Crawford, though, also made another case: That the biggest risk would have been doing nothing at all. Los Angeles' data center is in a single government building that isn't earthquake proof. One disaster in one place and the city's e-mails could have been gone. The new data centers will have better security staffing too.
So, Crawford's argument was, in effect, that familiar risks are still risks -- and that being able to hug your servers is overrated.
