Cloud Computing conjures up the vision of clinical white automated data centres spread right across the world, providing a redundant, self-healing, indestructible haven for your most critical data.
The recent Sidekick data loss in the US comfirms the reality that your data is merely out of sight in the Cloud, where it can be subject to all the mishaps and human frailties that can destroy information on your desktop machine. It might be a very big and very expensive hard disk (such as a Storage Area Network or SAN). But for all intents and purposes it’s really just a scaled up version of what you have sat on your desk right now.
Data centres hold and process huge volumes of data – the music, videos, emails and data of 1m Sidekick subscribers isn’t going to fit onto your average backup tape. Making a reliable copy of all of that data is likely to take many hours or even days. Would you be happy if I turned off your e-mail or web for a week just so I could make a really safe backup of your data? Probably not.
The SAN that was being upgraded may have been nearing its benchmark capacity level, so Microsoft might not have had the capacity to make a decent copy. SANs are usually so reliable that they are often considered as definitive as “the backup”. Many operators never backup their SAN, because it “never” goes wrong. At least one such company hit the headlines recently when an operator accidently deleted the wrong file, taking thousands of customers off-line. Another good reason to make a backup.
Just to reinforce the point, Cloud Computing really is just a scaled-up version of what you’ve got on your desk. When it goes wrong it does so big time. Despite all the assurances about redundancy, technology back-up and know-how, there is little to prevent the cleaner from turning off all the lights. The next spectacular Cloud data failure is only just around the corner.
Having experienced my own share of data losses, unplanned outages, human errors, and just good old fashioned business failures, it’s good to be reminded that the Cloud is no different to any other supplier relationship. Here are a few reminders of how you should approach the technology.
Where are your Cloud-based assets now?
Some readers might think that these sorts of incidents confirm their suspicions about Cloud Computing, but the reality is that almost all of touch the Cloud in our day-to-day lives.
Managing the information security risks that stem from these dispersed IT relationships involves identifying what’s critical to your business, and where that critical information is actually sitting right now. If it’s up in the Cloud somewhere, or you’re thinking of moving it into the Cloud you will need to carry out some due diligence.