Another day, another data loss
Incidents with data loss at cloud service providers don't make any sort of general statement about cloud computing. But they do highlight some things for users to think about.
Downtime is bad enough. But it's a really bad day when you lose data.
We've seen much gnashing of teeth over Microsoft's loss and slow recovery of data stored on T-Mobile Sidekicks. In its latest update, Microsoft says: "We continue to make steady progress, and we hope to be able to begin restoring personal contacts for affected users this week, with the remainder of the content (photographs, notes, to-do-lists, marketplace data, and high scores) shortly thereafter.
But data loss problems are hardly unique to Microsoft.
Social-bookmarking service Magnolia suffered a complete and largely unrecoverable corruption of its database back in March. Cloud storage provider SwissDisk is the latest to suffer a hardware failure related to data storage.
The company writes: "To prevent any future outages SwissDisk management has signed a contractual service agreement with a $40B company. For the first time this will enable SwissDisk to provide our customers with a 99.95 percent service level agreement. SwissDisk users will enjoy the peace of mind that comes with access to a truly world class, internationally deployed, multi-million dollar, extremely resilient storage infrastructure and internet network."
One would have thought that such risk mitigation procedures would have been better implemented before an outage occurred rather than after. A saying about barn doors and horses comes to mind. But be that as it may, what do these sorts of failures say about cloud-based storage in general? Certainly these sorts of problems are among the poster children that get trotted out when people want to take swipes at cloud storage.
I don't buy claims that these incidents make any sort of statement about cloud storage in the general case. They do however suggest some things to think about when we're considering storing data with third parties.
Reliability requirements both in terms of data access and, ultimately, how willing you are to tolerate loss even as a rare event. It's tempting to glibly state that "nothing's perfect" and at some level that truism is hard to dispute. However, as a practical matter, IT systems can be made very, very robust and reliable with many layers of fallback and protection in place. Think of the systems and networks used for stock transactions for example.
However, as Cisco's Christofer Hoff notes: "Utility, cost efficiencies, convenience trump security, privacy and even (degraded) availability. Cloud doesn't escape that logic." In other words, if you want those layers of fallback and protection, you have to pay for them. Security also often has usability tradeoffs but that's a discussion for another time.
Transparency. That said, one of the issues today is that it's often difficult for the buyers of cloud services to evaluate the back-end procedures that are in place to safeguard data and enhance availability. To be sure, it will always be partly a matter of trust that "best practices" are in place; gear by itself isn't enough. But the view into how data is being stored and protected even at a gross level is often limited at best.
Primary vs. secondary. When we're talking about data storage specifically, one important distinction is whether you're using cloud storage to preserve your only copy of important data or whether it's for backups--or even an offsite copy of an onsite backup. Reliability still matters in any case. If a backup is lost, there's a vulnerability window until it can be restored. And, of course, you need assurance that a valid data backup exists at all.
However, in general, service provider failures that involve only copies of data don't have the same impact as when they involve the only copy of your information. In the latter case, understanding a service provider's procedures becomes especially important. Indeed, in many cases, prudence suggests storing another copy onsite or with an alternate provider.
The specifics will depend on a great many factors. They will be familiar to anyone versed in backup and archive procedures. As with many things, cloud computing does represent changes to the way that companies and individuals are doing IT. But much remains the same.