But again, that's enterprise.

This started with the idea of a personal on-prem solution, which is probably not worth the cost to maintain for the company. I mean, how much is it worth to you to have an on-prem personal solution for a diary? Because that's the worry... people are afraid that their household budget or their database that tracks the content of various adult films or whatever is going to get exposed. That's mostly about embarrassment, not actual harm. That's not something worth hundreds of dollars a month to most people.

And really, if I want to write down my deep dark thoughts where no one will read them, I'll use paper.

Personal users want E2E encyrption, so it doesn't matter who is running the server. And most users do not have the skill to run their own server. The technically advanced can just use the enterprise version if they really care about personal on prem.

Maybe we should change the notion that it's difficult to deploy an on prem service.

Why can't it be as simple as containerizing it and presenting it exactly like your would install an app on your phone, with the same possibility to grant permissions? App store provides automatic OTA updates so you don't have to bother about security. And the app itself should not have internet connectivity, connectivity is provided through authenticated tunnel into the container so the app cannot phone home in the background, you can only connect into it using the tunnel with your own password.

Even if you have the skill, is it worth the time to do on-prem, considering, you know, a pen and paper?

(Full disclosure: I'm a total bullet journaling convert. Given a choice between giving up my bullet journal and giving up Google Calendar/Docs and Trello, I'd give up the online stuff in a heartbeat.)

> It's possibly something many of us should care more about, though.

Definitely, but I'd argue that even with containers etc., we don't yet have the capabilities to make what we know is right, as easy to operate as SaaS.

> Suppose your company handles a fair bit of confidential information, and some of that information ends up in Notion as part of your general project management workflow.

Many folks that post to HN seem to miss this even though they are probably very technically capable. Many IT people in small/medium organizations don't have the time to consider this. Sometimes relationships with big organizations force this reality and threats get addressed, but it's not the norm. Most IT managers are under pressure to cut costs, reduce staff, modify accounting (review vs capital budgets), coexist with shadow IT, etc. Cloud solutions seem fantastic to them, and they don't have the energy to fight with someone in marketing who introduces a rogue solution because they don't understand how the current Wiki works.

> a rogue solution because they don't understand how the current Wiki works.

That's usually a sign of an IT department not listening to the needs of their end users.

I think that's pretty common, so I don't disagree entirely. It can also be the case that you have increasing numbers of tech-savvy folks who feel that they can build their own tech solutions, but aren't actually equipped to build/select something that is equipped to serve the needs of their team or the organization.

This can result in the team being left holding the baby when certain individuals leave, data loss, security issues etc. In 15+ years of enterprise probably two-thirds of the time I've seen this issues and it has been predictable that it would work out this way, but IT didn't help themselves by pretending their solution was better. When IT tries to learn and adopts the tool, or incorporates the needs then things work out better. But, that's only a third of the time.