Sidekick data loss: In cloud we trust?
Following last week's data loss at Sidekick, Stewart Twynham takes a hard look at the realities of the Cloud and raises the questions you need to ask suppliers.
T-Mobile in the US has halted sales of its Sidekick phone after one of the largest data losses in Cloud Computing history. The bad news was given an added twist when it emerged that Microsoft was in charge of the infrastructure at the time.
The Sidekick ‘cell phone’ was sold to over 1m users in the US as an alternative to Apple’s iPhone. Unlike the iPhone, its data is backed up exclusively over the air to a Cloud service run by a Microsoft subsidiary aptly named Danger. With no local backup on their local computers, users could be left high and dry without their data if the cloud system ever failed. And fail it did.
Most Cloud users have experienced some downtime in the recent past, but the complete loss of data, though rare, is a worrying trend.
Cloud Computing conjures up the vision of clinical white automated data centres spread right across the world, providing a redundant, self-healing, indestructible haven for your most critical data. The reality, of course, is that your data is merely out of sight. Instead of sitting on a hard disk next to you, it’s almost certainly just sat on a hard disk somewhere else. It might be a very big and very expensive hard disk (such as a Storage Area Network or SAN). But for all intents and purposes it’s really just a scaled up version of what you have sat on your desk right now.
Rumours are now circulating that Microsoft neglected to take a backup before carrying out a major upgrade to the infrastructure at Danger. The upgrade went wrong, and all of the data may have been lost, although there is always a possibility that they might be able to recover something in the future.
Just like when an upgrade goes wrong on your own PC, really – except that it’s only your data that you lose, not the data of 999,999 other people as in Microsoft’s case. And while it might sound crazy or careless that Microsoft didn’t take a backup, it’s not entirely unheard of in data-centre circles.
Data centres hold and process huge volumes of data – the music, videos, emails and data of 1m Sidekick subscribers aren’t going to fit onto your average backup tape. Making a reliable copy of all of that data is likely to take many hours or even days. Would you be happy if I turned off your e-mail or web for a week just so I could make a really safe backup of your data? Probably not.
The SAN that was being upgraded may have been nearing its benchmark capacity level, so Microsoft might not have had the capacity to make a decent copy. SANs are usually so reliable that they are often considered as definitive as “the backup”. Many operators never back up their SAN, because it “never” goes wrong. At least one such company hit the headlines recently when an operator accidentally deleted the wrong file, taking thousands of customers off-line. Another good reason to make a backup.
Just to reinforce the point, Cloud Computing really is just a scaled-up version of what you’ve got on your desk. When it goes wrong it does so big time. Despite all the assurances about redundancy, technology back-up and know-how, there is little to prevent the cleaner from turning off all the lights. The next spectacular Cloud data failure is only just around the corner.
Having experienced my own share of data losses, unplanned outages, human errors, and just good old fashioned business failures, it’s good to be reminded that the Cloud is no different to any other supplier relationship. Here are a few reminders of how you should approach the technology.
Where are your Cloud-based assets now?
Some readers might think that these sorts of incidents confirm their suspicions about Cloud Computing, but the reality is that almost all of us touch the Cloud in our day-to-day lives.
If you have a website or a domain name, use a hosted e-mail such as Hotmail, use an online contacts or accounts package, or simply rely on Twitter or LinkedIn to generate your business, the Cloud is never very far away.
Managing the information security risks that stem from these dispersed IT relationships involves identifying what’s critical to your business, and where that critical information is actually sitting right now. If it’s up in the Cloud somewhere, or you’re thinking of moving it into the Cloud, you will need to carry out some due diligence.
Look closely at your suppliers
What better time than now to make sure you know exactly how your data is being safeguarded? The principles are just the same as for any normal supplier. You might start by looking at your Service Level Agreement (SLA), or the small print in your contract – but look beyond the superlatives of the marketing bumf on a website, as these promises and claims have little legal standing. The provider might meet some kind of quality standard – ISO27001 is a good one – which should give you some confidence that they know what they’re doing.
If you’re looking to choose or change supplier, don’t be tempted to jump on the bandwagon just because supplier X or Y is growing really fast. The common denominator behind recent high-profile Cloud outages and data losses has been fast-growing businesses tripping over their own feet. Every business can suffer growing pains. When they start happening in a data centre, the impact can be acute. Overloaded servers, insufficient bandwidth, storage, security, power, cooling or man-hours caused by sudden bursts of demand for a Cloud-based service can stretch customer loyalty beyond its elastic limit.
While you’re at it, find out who is really hosting your data. Few businesses can afford their own data centre – nor should they. Find out who your supplier uses and find out some more about them. Where are they based? How do they operate, and are they hitting the headlines for all the wrong reasons? I’ve made a point of personally visiting every data centre I use.
All of your eggs...
When I ask customers if they ever back up data held in the Cloud, they usually tell me that the Cloud is their backup. I then ask what would happen if a disgruntled employee deleted all of their data, or simply phoned up and cancelled the contract. How would they recover their data then?
In the real world, Cloud suppliers may well back up their systems to safeguard their own infrastructure and customer data as a whole. Often, these same suppliers cannot (or cannot within a reasonable cost or timeframe) recover the data attributable to just one business or individual. In other words, if they mess up, you’re safe – if you mess up, you’ve had it.
It is important to make that distinction, and where necessary include regular backups from the Cloud provider as part of your business recovery process. If data is that important to you, you’ll look after it.
Can we really trust the Cloud?
Cloud Computing has become the catch-all for anything being done or stored remotely via the web. So turning away from the Cloud because of an occasional piece of bad news would be like chucking out the television completely because you don’t like a particular programme.
What we’re really asking is: can we trust other people to look after our business-critical data? For me, the short answer will always be yes. In most cases the processes, practices, equipment and people in a data centre are going to be far more extensive than those of a typical small business.
The slightly longer answer is that Cloud Computing involves a level of trust. Given that you are handing over some of your business’s most important assets, that trust must be appropriately earned.
About the author
Stewart Twynham has 18 years’ experience developing internet technologies and has been working with virtualisation and the cloud for more than five years, with particular focus on Amazon, Google and the recent start-up Go Grid. As a contributor to AccountingWEB.co.uk, Stewart has written extensively about IT and information security. For more detailed background, see the following items: