I agree it's not written in the clearest way, nor verifiable (though Stefano Marinelli does seem to be a semi-public figure in the online IT community, so it's not some anonymous blog).
>So we have just learned in paragraph 1 that the current system is dated and full of security holes and missing features. In paragraph 2 we have learned that the current system's infrastructure is "solid" and "working fine".
This confused me too, until I realized that he probably meant that his company set up the hardware infrastructure ("reputable IP classes, redundant datacenters"), but doesn't manage the software. Otherwise, why shred your own credibility from the first sentence by crapping on the "ancient," "insecure," and "ineffective" Exchange server?
>How can the price be both "reasonable" and "absurd?"
The price was reasonable given the average quotes received by similar entities and the prices on the market, but it was absurd when considering the service provided. Perhaps I didn't make that point clear, and I'll likely modify it slightly. The concept is that the price, which was initially acceptable to them, was in fact absurd when viewed in terms of what was being provided.
Side question: If you and your co-workers (across multiple government agencies) had strong suspicion that the vendor had a backdoor to spying on your emails why wasn't the obvious choice contacting federal law enforcement? I'm not sure what it is like in the EU, but in the US I'm pretty sure that if something like this was discovered at a government agency that vendor would quickly find their office raided by FBI agents.
I've modified this sentence, I hope it's clearer now:
They had already received a proposal - expensive but, when compared to similar offers made to other organizations, apparently reasonable — for a managed service hosted by an external provider and based on an open source mail stack. The company offered a managed version with its own proprietary additions and enterprise support.
The catch? While such pricing had become almost "normal" in the market, it was still wildly inflated considering what was actually being delivered. Agency A already had solid infrastructure - reputable IP classes, redundant datacenters, everything running smoothly. We had built and maintained that environment for years, and it was still performing perfectly.
>So we have just learned in paragraph 1 that the current system is dated and full of security holes and missing features. In paragraph 2 we have learned that the current system's infrastructure is "solid" and "working fine".
This confused me too, until I realized that he probably meant that his company set up the hardware infrastructure ("reputable IP classes, redundant datacenters"), but doesn't manage the software. Otherwise, why shred your own credibility from the first sentence by crapping on the "ancient," "insecure," and "ineffective" Exchange server?
>How can the price be both "reasonable" and "absurd?"
Agreed, this part makes no sense.