Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Forecast: Mostly cloudy with a chance of failure

Michael T. Lester | July 11, 2016
Although IT professionals have back up servers which are ready to restore after a failure, most of them forgo it when moving to cloud.

Perhaps nowhere in business, and certainly nowhere in IT, does optimism abound more than it does in a discussion about "moving to the cloud." Clouds aren't always puffy, white cottony things dancing against an azure sky. Sometimes they are terrifying storms that have catastrophic affects.

IT professionals know that systems will eventually fail or get hacked and therefore almost always have back up servers and back up data that's ready to restore after a failure. Somehow though, this diligence frequently dissipates when planning to move to the cloud.

Remember, "The Cloud" is a marketing term. There is no "cloud", it is just somebody else's servers. If you're thinking of moving your applications or data to the cloud, or even if you already have, you should consider these things:

1. Read your T&C's: Your cloud provider is probably not responsible for any consequences of a loss of service. If your customer database is (for example) in Microsoft's Azure cloud services, and something goes wrong, then by the Microsoft online Services Agreement, the most you can collect from Microsoft is what you paid for the service and, of course, they are not liable for any costs you may incur from losing the service.

2. Backup like you weren't in the cloud: Clouds fail. If you think that once you are in the cloud that you are protected, think again. A group at the University of California Berkley are so keenly aware of cloud fragility that they have proposed "Failure As A Service (FAAS)" to test large scale outages of cloud services. As they point out, "...the computing forecast for tomorrow is 'cloudy with a chance of failure.'" The internet abounds with stories of epic cloud failures. Azure was down for 12 hours once on Feb. 29, 2012. Cloudflare, a SaaS company, went down for an hour on March 3, 2013 and took 785,000 client websites with it. It happens, and your business continuity plan needs to cover it.

3. Encrypt everything. What do you really know about where your data is stored and how protected it is from others? A Ponemon Institute report on data breaches revealed that 66 percent of the respondents of the 613 IT practitioners questioned believed that their organization's use of cloud resources diminished their ability to protect confidential or sensitive information. Interestingly enough, the same investigation reveals that 51 percent of the same respondents said that their in-house IT was equally or less secure than cloud-based services. In other words, they weren't satisfied with their in-house IT security, but felt even worse about security in the cloud.

4. Be aware of the "Cloud Multiplier": The same Ponemon report suggests that there is a "Cloud Multiplier" effect to the cost of a data breach. Their research shows that the cost of a breach of 100,000 records from the cloud would almost double to $5.32 million versus an average cost of $2.37 million for the same size data breach from in-house servers. A separate report by Ponemon identifies "extensive cloud migration" as a contributing factor to the cost of data breaches.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.