
BLU Discuss list archive



[Discuss] What Happens when a cloud service shuts down



On Fri, Jan 20, 2012 at 1:35 PM, Jerry Feldman <gaf at blu.org> wrote:
> These days, the buzz word is cloud. You put stuff into a cloud, you
> expect your data to be safe and accessible. But, as most of us know,
> Megaupload has been shut down. A lot of us Android users are affected
> because much of ADA Developers were on that cloud. This is one reason
> why some of these backup solutions may not be ideal. Theoretically, a
> cloud is a virtual storage device where the actual storage media should
> be in several different locations fully mirrored. The worst case it is
> not even in a secure data center. Companies like Amazon, Google,
> Microsoft, IBM, HP are huge and have multiple datacenters so if one
> datacenter gets destroyed by a hurricane, tornado, or a bomb, the other
> data centers continue without much of an issue. But, assume you are
> using a backup service and it suddenly declares bankruptcy. Or,
> similarly, what happens if your car is parked in a secure parking garage
> and the operator goes bankrupt. In any case, your data (or your car)
> would be held hostage.
>
>
> http://hardware.slashdot.org/story/12/01/20/1755207/what-happens-to-your-files-when-a-cloud-service-shuts-down
>
> --
> Jerry Feldman <gaf at blu.org>


After having done backups for years, this kind of thing is a concern of mine.

Just using a 'cloud' data center doesn't mean it is duplicated over a wide
area.  Amazon's outage of their East Coast US data center access last
year showed the hole in many of their clients' thoughts.  To get geographic
diversity, one must ACTIVELY put data in various data centers, and must
code to ensure wide area replication.

It makes sense to me that they might provide a service that provides
'automatic geographic diversity' but there isn't one that I know about.  They do
however, provide information about how to do this.

Do various services use this?  You must ask them and then we 'believe'
their answers.  Not much of a way to 'trust but verify' like the big customers
could do.

If you are 'big enough' to run your own data centers, this has been an
issue 'forever'.  EMC, IBM, and other vendors sell SAN and other software,
and options in their backup systems, database systems, etc that would allow
this, but you must still provide a secure 'network' (either private, VPN,
or secure tunnels) to ensure secure connectivity and pay for 'sufficient
bandwidth' with reliability to be able to support the service.

Other cloud services may provide 'automated geographic diversity' but
as far as I know Eucalyptus and Amazon don't (they share an almost
identical API - they are co-developers of the API they use).

After working for 'big companies' for many years, disaster recovery and
business continuation assurance is a 'big deal'.  One major oil, while I
was there, had multiple geographically diverse data centers.  To keep
from having 'enough idle capacity' laying around to back themselves up,
they purchased cold data center capacity from a major DR company.
At the time, we still made backup tapes, shipped them offsite to a
separate company facility (I was told they owned an old salt mine somewhere
in Kansas where we shipped tapes from all data centers, but I never
saw it or knew where it was exactly.  We shipped out containers of
9 track tapes or cartridges, and got 'old' containers back.)

When doing a 'disaster test', we had a 'disaster date' in the past, we had
containers shipped to our 3rd party recovery site (the DR company's data
center), and went there.  We could restore, test, be audited, and
clean up (write erasing data patterns multiple times to all disk drives
touched), and have the tapes ready to ship back to the 'salt mine' in 48 hours.

It took several times to ensure the 'system worked'.  Some data centers never
had a good 'test'.  The one where I was took 3 times before we had a 'fully
successful' test. -- All that being said, doing good disaster recovery is hard.
We got some stupid T-shirts that said 'the only thing worse than Disaster
Recovery is no Disaster Recovery'.  That has a lot of truth in it.

One time I had bosses whine about the cost involved.  I suggested we
just don't do it.  But first, go get at least 3 bids from large insurers to find
out the cost of an insurance policy to cover the business risk involved.
If the policy costs less than doing DR and business continuity planning,
testing, including the overhead costs of equipment, service, and people,
the lower cost option should win.  They also need to be able to explain
their decision to auditors and shareholders. ... I never heard back from
that suggestion.  But it was heartfelt, not tongue in cheek.  ... sorry
a real soap box that I carry around in my baggage.

All in all, the cloud computing decision is similar to the DR decision above.
Many companies are choosing 'cloud vendors' without understanding,
or choosing actively or passively deciding to ignore, the value and liability
options related to it.  They just see the apparent 'cost cutting' portion.

All that being said, I am not against cloud computing.  Just need to
understand what it really means before betting the company on it.

Now, to your question about 'what happens'.  IMHO, the data center
will probably be dismantled, and the data will, if they are good, be
discarded by overwriting or better low level re-formatting, drives.
Worst case, a new owner would get it, and will probably format it so they
can put their data on it instead.  They are 'probably' not interested in
your data.  If you are sufficiently paranoid (like we all 'should' be),
keeping data encrypted is a good idea, IMHO.  Most cloud based
web sites have no need.  You are putting your data on the web without
encryption, so why encrypt? (A rhetorical question, there are good
reasons both pro and con).

Oh yes, one of the 'very large' companies I worked for had a 7 year
cycle of 'centralization' vs 'diversification'.  That was true even back
in the mainframe days.  They had 2 major data centers in the 'centralized'
times, and about 13 in 'decentralized' times.  Depends on whether
'cutting cost' or 'responsive to customer departments' was the focus.
Better networking generated a major 'centralization' especially
when 'pc's or 'workstations' put more computing power on the desktops.

Sorry for the overly long response.

><> ... Jack
Whatever you do, work at it with all your heart... Colossians 3:23



BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org