In a recent filing in the MegaUpload case, (detailed here in Wired, in case you missed it), federal authorities say they may shut down cloud-storage services without having to assist customers in retrieving data lost in the process. Uh, yeah. You read that right.
Setting aside how you feel about MegaUpload, it’s pretty clear that the second order impact and unintended consequences around situations like the government takedown of it have wide ranging consequences for all of us.
Standing Cloud CEO Dave Jilk broke down the practical implications of the situation in a recent guest post on Feld.com. And the short answer is that it isn't pretty.
According to Dave, the primary implication is that "there is a new risk to your data and your operations when you use multi-tenant online services." Sure, risks have always existed: If you don't have both an offsite backup of your data and a way to use that backup, then any number of black swan events, including human and network error, natural disasters and proverbial 'acts of god," could disrupt your operations in dramatic ways.
But what this particular case illustrates is "that a company that provides your online service is a single point of failure," notes Dave, adding that "simply offering multiple data centers, or replicating data in multiple locations, does not mitigate all the risks, because there are risks that affect entire companies." He calls the MegaUpload situation an example of a non-technical company-wide effect. Other non-technical company-wide effects might be illiquidity, acquisition by one of your competitors, or changes in strategy that do not include the service you use.
So, while this is a striking and unfortunate illustration, the risk it poses is not fundamentally new. Nor is the suggestion to have an offsite backup of your data and a way to use that backup. But, as the article makes clear, the situation where the failure to do this is most prevalent is in multi-tenant, shared-everything SaaS, such as Salesforce.com and NetSuite. With these services, Dave notes, "off-site backups are awkward at best, and more importantly, there is no software available to which you could restore the backup and run it. In essence, you would have to engage in a data conversion project to move to a new provider, and this could take weeks or more." While there are steps companies could take to mitigate this risk, they will only do it if they get enough pressure from customers. Alternatively, he suggests, "you could build (or an entrepreneurial company could provide) conversion routines that bring your data up and running in another provider or software system fairly quickly."
Another approach – the one Standing Cloud enables – is to use software that is automatically deployed and managed in the infrastructure cloud, but is separate for each customer; and further, it is backed up on another cloud provider or other location. In this scenario, there is no single point of failure or company failure. If the provider of the software has a problem, it doesn’t matter because you are running it yourself. If the cloud provider has a problem, Standing Cloud has your backups and can re-deploy the application in another location. If Standing Cloud has a problem, you can have the cloud provider reset the password for your virtual server and access it that way.
Whatever approach you choose, the bottom line is this: Make sure you have an offsite backup of your data and a way to use that backup. Because as long as governments violate rights, mother nature wreaks havoc, and humans make errors, one day you'll need it.
You can read the full article, which also appeared on Business Insider, here.