Recently,
evangelizing virtualization and cloud infrastructure saw me speaking to an
organization IT head who seemed to have the most insidious idea that by moving
to the cloud, companies won’t ever have to worry about IT issues ever again.
Various other chats reveal that people have somehow gotten into their minds
that since their data or their servers or their applications are somewhere else, all their
conventional technology issues are magically solved: cloud providers will back
up the data, update software, deal with security issues, and so on. I hate to
break it to you bud; nothing
could be further from the truth.
For every
layer of the cloud (Infrastructure-as-a-Service, Platform-as-a-Service or
Software-as-a-Service), the limits of the responsibility of the provider are
clearly defined. In the case of infrastructure (IaaS), this limit is the
hardware environment: the provider will guarantee network and hardware
availability, and nothing else. Any other functionality is the sole
responsibility of the user. You must set up backup for your servers, define and
enforce any security policies, keep the systems updated, and do any other
conventional server management task.
On the
platform layer (PaaS), their responsibility is expanded: vendors offer a
computing platform, roughly equivalent to an operating system, on the cloud.
Their responsibility, therefore, goes as far as the functionality they make
available. If you’re using a platform’s storage services, they will take
responsibility for the availability of the data, replicating it as necessary,
as well as for the performance of storage operations, and so on.
Finally, on
the software-as-a-service layer (SaaS), vendors will take full responsibility
for the entire application environment. This means not only the availability of
the application and the underlying data, but also all the necessary
infrastructure to make sure that they don’t lose your data, are hacked, or
suffer any other issues that compromise your ability to access and operate the
software.
Be that as it may, recent data
breach incidents have proven that no datacenter is out of reach.
Hence,organisations should get serious about their backup and restore
process.Assuming someone else is backing up for you is a sure recipe for
disaster.Some of the most notable incidents of 2012 were:
- Global Payments (credit card
processing), had hackers gain access to 1.5 million credit card
numbers
- LinkedIn had 6.5 million hashed
passwords stolen and published online
- eHarmony had 1.5 million
passwords swiped
- Yahoo had nearly half a million
usernames and passwords compromised
- New York State Electric and Gas
had 1.8 million customer records hacked
- Zappos had upwards of 24
million shoe-buyers impacted by a data breach
- U.S. Army records for 36,000
military personnel were hacked
While the security implications of
data breaches are clear, and tremendous damage was done, we also know that most
compromised records were not lost. Hackers don’t generally destroy data. For
the most part, they copy and keep the data they’re interested in exploiting for
future gain.
But that’s not always the case, as
we learned when Wired writer Mat Honan had his accounts, which had
been backed up to the cloud, hacked and deleted. As a result,
Honan lost all of the data on his smartphone, tablet, and laptop – all of his
e-mails,contacts, documents, and most unfortunately, the photos that recorded
the first year in the life of his daughter.
What made the Honan case
particularly compelling is that Mat, just like many of us, assumed that
he was covered by having multiple copies of his data. Between his smartphone,
tablet, and laptop, he had layers of data storage duplication. On top of this
he assumed that by backing up to the cloud he was safe. Who would think to ask
if the cloud itself is backed up?
MY ADVICE
A wise college professor once told me;
"To get new ideas, read old books", thinking of a solution
to this tech quagmire takes me back to my college Sophomore year; organizations
shouldn't break from the classic Father-Grandfather- Son backup strategy even
whilst enlisted in a cloud service. the surefire way to protect your
organization's data(whether you adopt a public cloud, private cloud or hybrid
infrastructure) is to take responsibility for your own backup.
Whether you do it yourself or use a
backup as a service (BaaS) strategy, the time to implement your backup strategy
is now!
For the love of Technology
As a friend of mine cared to remind me;The content above is simply "my opinion" to be weight alongside varying opinions and the facts therein.
