When I have an application that goes down (and face it, it does happen) I want the person responsible for getting it back up and running to be within choking distance. And if he’s within choking distance the servers need to be as well, because otherwise he’s powerless to actually fix the problem, and I’m putting my business in the hands of someone paid minimum-wage (or only slightly better, night-time computer-operator wages) and his ability to go out and physically push a button (and god hope it’s the right one)
If you don’t hold your data, you don’t really own it. If you don’t hold your data it can go away at any point.
Several years ago I was renting space in a datacenter up in Springfield – for a little web-hosting business I was using, but also so i could run some equipment for testing and training. (the hosting almost paid for the space, so it wasn’t out of line)
Someone on the datacenter network had a PXE server running to install software. On the public network
Well the hosting company, which was incompetent to it’s core, didn’t put their users in separate vlans like would normally be done in shared environments.
They also did “cloud application” hosting on crappy 1cpu, 1PS supermicro servers that came with PXEBoot enabled.
They lost a half-dozen servers before they realized what was going on. I mean lost as in they PXE booted, wiped the drives, and started installing this custom application that was installed on another customers systems. (Thankfully I had my environment firewalled off from the datacenter network, I was pretty safe)
That was customer data that was just GONE. No backups, just missing servers. Servers that they were paid to keep safe and secure.
This is obviously a worst-case-scenario…but obviously it does happen.