[dredmorbius]

Diversification is one option I'd considered. It's still difficult to achieve for numerous services, particularly location-based utilities (electrical, water, gas, sewerage, data/comms). For hosting services it's somewhat more tractable, though you're looking at multi-tenancy hosting with distinct providers. For a small organisation, that's going to be a challenge. (It's a challenge for many sizeable organisations.)

Self-hosting is of course another option, and for critical infrastructure probably a worthwhile consideration, though that leaves other risks (e.g., self-owned datacentre outage, personnel risks), and again is challenging for the overwhelming majority of businesses.

Even large business sectors often have very few independent systems / solutions / software providers. Banking, healthcare, and numerous other sectors often have only a small handful, and often a single core supplier of critical systems. Often affecting large organisations as well as small ones.

It's almost as if attacking the recourse rather than the diversification angle might be necessary.

[account42]

> It's still difficult to achieve for numerous services, particularly location-based utilities (electrical, water, gas, sewerage, data/comms).

That's why in the civilized world utilies cannot just cut off paying customers whenever they feel like it. Perhaps we should extend that to almost-mandatory online services but until prehistoric politicians get replaced by internet natives that is unlikely to happen (and even then people might be too used to the status quo), avoid depending on such services wherever you can.

> For hosting services it's somewhat more tractable, though you're looking at multi-tenancy hosting with distinct providers.

This feels like you are letting perfect be the enemy of good - first make sure that you can switch hosts if needed - reasonable downtime for rare unforseeable events is not the end of the world but if you have to rebuild from scratch because your Discord "server" was deleted and you don't have any other contact info of your users that's a different matter entirely.

For smaller businesses a single hosting provider is absolutely fine as long as all you depend on is basic hosting and not provider-specific APIs and services that are there to trap you. Do have offsite backups though, but you should have that even without fearing that the provider will fuck you over because accidents and less-forseeable disasters do happen.

[dredmorbius]

Unfortunately, not all services describable as utilities are in fact regulated as utilities. There are many who still consider water, gas, electricity, and sewerage as luxuries, let alone comms and data. Some in political office.

Otherwise, you're generally arguing in agreement with my fundamental point, or ignoring the fact that many individuals and/or businesses (and many businesses, as sole proprietorships, are individuals) lack the time, knowledge, and/or capabilities to sufficiently diversify their service provision relationships. Or, as I've mentioned several times already, many mid-sized and larger firms. Particularly as the underlying technological landscape is constantly shifting and* is operated by those who'd much prefer to create lock-in.

See Shapiro & Varian's 1999 classic Information Rules. Little has changed. <https://store.hbr.org/product/information-rules-a-strategic-...>

(Though Varian now works for one of the lock-in merchants: Google.)