Key advice: Being prepared for when the Cloud really fails

Cloud services are bound to fail. Some failures will be momentary. Others may be far more serious. What's important is that you're prepared.

Everything works well in the cloud, until it doesn't.

Consider the Microsoft so-called "Leap year" bug that crippled that company's Azure cloud services last month. Bill Laing, vice-president for Microsoft's server and Cloud division, described the system failure in a blog post and said that Microsoft will overhaul its disaster recovery efforts, as well as other aspects of the business.

Fortunately, in this case, services were restored and the outage was (relatively) short-lived.

Nonetheless, it's a certain reminder of how things can -- and will -- go wrong in cloud services and that each organization is responsible for their own business continuity.

Also see "The cloud security survival guide"

Until recently, that was a concern of David Wellington, IT specialist at Since 1994, Tragedy Assistance Program for Survivors (TAPS) has offered support to more than 35,000 surviving family members of fallen UD servicemen and women with casualty assistance officers and military chaplains. As TAPS moved increasingly to Cloud-based services, it wanted to make sure it had reliable access to its data -- even if the cloud services provider went down.

About a year ago, TAPS began moving away from its on-premise productivity and office software to Google's Gmail and Google Apps. "We were relying on our own services and virtual private networks, but it was clunky and sometimes the connection simply didn't work. Switching to cloud services made sense and is easier for our people to use," says Wellington.

More on Cloud computing and security

Cloud security predictions for 2011

Cloud Security Alliance updates controls matrix

Survey finds companies still struggling with cloud security

"We want all of our employees, wherever they are, whenever they need it, to be able to access the information they need. We also wanted to know that it's backed-up, so that we're always ready to help family members and serve those survivors," he says.

Having access to their data "no matter what" meant having backups that were not reliant on the Cloud services provider itself being available. While it may seem strange, at first, backing up applications and data that are in the Cloud - here service providers are widely expected to take care of backups and security for their customers - Wellington and TAPs aren't taking any chances.

To back up their cloud-based data, TAPS turned to startup Backupify, a provider of Cloud-based data archiving, search and restore services for online services such as Google Apps, and social networks such as Facebook and Twitter. Late last month, Backupify also released its Snapshot for Salesforce, which saves a copy of one's Salesforce backup on Backupify servers and also provides the ability to download the data for onsite backup.

Wellington and TAPS aren't the only businesses concerned about ensuring they have access (that isn't provider dependent) to their cloud data. According to Ben Thomas, vice president of product and security at Backupify, the company has more than 300,000 accounts for approximately 2,000 business customers and they protect approximately 250 TB of data.

"We wanted to be certain, even if someone accidentally hit delete, that our information is always there. That it's always backed up. Today we know there's a copy on Google. We know that it's backed up on Backupify systems, and we have local copies. We always know that data is going to be safe," says Wellington.

That goes to show one thing: While Cloud computing is more convenient and (in many cases) more cost effective -- it's certainly not without many of the same concerns as traditional computing systems.

George V. Hulme writes about security and technology from his home in Minneapolis. You can also find him tweeting about those topics on Twitter @georgevhulme.

Join the CSO newsletter!

Error: Please check your email address.

More about

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by George V. Hulme

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts