The Connected Web

Phil Wainewright

Can You Trust Your Cloud Provider?

user-pic
Vote 0 Votes

It turns out that size and brand value alone are not enough to assure the safety of your data when stored in the cloud. Last week, an outage at T-Mobile's Sidekick service, which is operated by a subsidiary of Microsoft, appears to have irretrievably wiped all user data.

So who can you rely on in the cloud, if you can't rely on two of the world's biggest IT and telecommunications organizations? Is this yet another illustration that cloud computing will never be dependable enough to trust with your most precious data?

I believe cloud computing will prove itself in the long term, but what this latest outage demonstrates is that most cloud providers can't be trusted. So how can you identify the minority that — in my view — can be trusted? There are three key questions to ask:

  1. Is cloud computing the provider's core competence? Clearly, in this case, neither of the main players rely for their core revenues on cloud computing. However huge the corporation, this should always throw up a big red flag for customers: most big, established software companies know diddly-squat about delivering on-demand applications. If cloud isn't a core focus of top management, then it won't get the investment it needs, further diluting an already weak culture of service delivery.

  2. Is the provider operating a truly cloud-scale infrastructure? Microsoft acquired the Danger subsidiary, which ran the Sidekick service, in February 2008, but there's been some speculation that the start-up's infrastructure has never been upgraded. Although start-ups can't normally afford their own cloud-scale infrastructure, there are plenty of third-party options out there these days. There's no longer any financial excuse for anyone putting customer data at risk in sub-standard infrastructure (Microsoft didn't ever have that excuse, of course, and is now paying a heavy PR penalty for failing to put Danger's infrastructure straight at the earliest opportunity).

  3. Does the provider adhere to this five-point code of practice? The lack of an option to download data from Sidekick for safekeeping elsewhere was a clear contravention of point 5 of the code, "Let customers leave whenever they like," and should have given any user signing up to the service pause for thought. Catastrophes do happen, and users of cloud services must always be sure they have access to a backup if the unthinkable happens.

The Sidekick disaster is, as many have said, a setback for cloud computing, even though it's a demonstration of 'how not to do it' that others will, I hope, heed and learn from. But it won't be the last such disaster because so many of the providers now starting to offer cloud services are doing so without the commitment and culture that is needed to do it right. Cloud services present enormous opportunities for buyers, but the risks of choosing badly are also high, and will remain so for several years yet.

1 TrackBack

I believe cloud computing will prove itself in the long term, but what this latest outage demonstrates is that most cloud providers can't be trusted. So how can you identify the minority that — in my view — can be trusted? There are three key quest... Read More

1 Comment

Nice article. I think a lot of 'trust' for service providers depends on experience. I would recommend to anyone who is trying out a new provider is...

1. Have a trial first, don't sign up to a long-term commitment without experiencing the quality of service they offer first hand.
2. See what other people have said about them, in particular, are there any high-demand real-time use customers on the system - and if there are, do they have any problems with the infrastructure side of things.
3. Consider how easy it will be to get your data out again, if you choose to switch providers, do they provide APIs that can download all your data easily.
4. What are their own internal backup and maintenance mechanisms. Do they own their own servers, or are they managed by a third party who has no interest in the data on it. The support technicians always seem to use the mantra 'wipe & reinstall' when things to wrong, as they don't care about the data, only about getting a server running again.

It comes as no surprise to me that Micro$soft botched up Danger; their software does have a habit of crashing.

Remember, that Microsoft has a policy against Cloud based services. They only support cloud + client software scenarios. Because if everybody used cloud software, nobody would use Windows, as they would only need a browser - something other OSs can offer for free. Their own Azure service is their attempt at control, as you have much more freedom with it when using client/desktop based software, than you do when using a web-interface.

I think Microsoft didn't bother to maintain Danger as an attempt to screw Clouds update in business environments. To say, if you had the software installed on your workstation in the office - you would have never have lost your data in the first place...

Phil Wainewright blogs about how businesses are using the Web to get better plugged into today's fast-moving, digital economy.

Phil Wainewright

Phil Wainewright specializes in on-demand services View more

Recently Commented On

Recent Webinars

    Categories

    Monthly Archives

    Blogs

    ADVERTISEMENT