Avoiding mishaps with Data in the Cloud

What might happen to your data while it is in the cloud?  In the last article, we discussed why you might want to have software and data in the cloud.  In this article, I list 9 things you can do to keep your data safe.

What can happen to my data when it is in the cloud?

Most of these things can also happen to your data while it is on your desk or in your own data center.  It’s not necessarily the fault of the cloud that mishaps occur.  The focus of the following is choosing the best countermeasures to cloud-based data mishaps.

Here is a list of things that could happen to your data while it is in the cloud:

Mishap #1: My data is temporarily inaccessible

When your data is in the cloud, you may not be able to access it.  This can also happen when your data is in your own data center.  The reasons for inaccessibility can be any of these:

  1. Scheduled maintenance (downtime) — The system is offline for maintenance that was planned & scheduled.
  2. Unscheduled maintenance (outage recovery time) — The system is offline while recovery is performed for an unscheduled outage.
  3. Administrator error (system offline) — The system is offline because an administrator of the system made a mistake.  The specific causes range from configuration errors to improper responses to simple failures that would normally be recovered quickly.
  4. Failure of a storage system (but there is a backup copy) — Your data is temporarily inaccessible while the system switches over to the backup copy.
  5. Loss of internet access — You can’t get to your data because you have no access to the Internet.
  6. Overload on a cloud server.  Causes of this (overload) mishap can be any of the following:
     (a) Inadequate resource planning at cloud vendor.
     (b) The storage servers ran out of capacity (for storage or for accesses) due to inadequate planning for growth.
     (c) Denial of service attack (general) — A malicious person or entity has created excess demand for service from the servers your data is stored on.  The attack is aimed at the service provider or one of the provider’s other customers, without regard for the fact that you and your business are affected.
     (d) Denial of service attack (specific to me and my data) — A malicious person or entity created excess demand for service from servers your data is stored on, and the purpose is specifically aimed at disabling your business.

Mishap #2: My data is lost forever

  1. There was a failure in a storage system and the data was not backed up.
  2. There were multiple failures, and both the primary copy and the backup copy are gone.  This is very unlikely, except when there was an administrator error after a storage system failure.

Mishap #3: Accessed by unauthorized person

  1. Accidental access from within the cloud vendor’s domain — Someone in the cloud vendor’s data center accessed the data by accident.  Typically, this does not result in any loss, but the event should be reported so that it can be avoided in the future.
  2. Malicious attack — Someone outside of your company and your cloud vendor accessed your data, usually with the intention of misusing it.  This is a serious breach that may have to be reported to state or federal authorities.

Mishap #4: Data was corrupted by storing the wrong information

This can be caused by human error or by software error.  Human error may be as simple as someone entering the wrong data into a form, or someone misunderstanding the meaning of some data.  Software error may be some sort of error termination, or a database transaction that fails to complete and leaves the data in an inconsistent internal state.

Things to do to prevent or minimize losses

Here are 9 things you can do to help your organization keep your data safe.

Understand how data is stored in virtual environments

Be sure your IT people know what sort of storage is provided in the virtual machines and cloud-based storage that your organization is using.

Plan for failures

Follow the rule that everything that can fail will fail.  Use regular disaster drills, including actually taking live data offline to see how the systems and people react.

Know your SLAs

Understand the implications of your service-level agreements in your cloud vendor’s contract.  Make sure that you are not putting critical data in a storage system that has only “normal” uptime commitments, such as you might get with a single disk drive.

And read the fine print of your contract.  Is an “outage” defined as more than 10 minutes of unavailability?  Can your business stand to have multiple outages that are 9 minutes long?
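The gap between measured downtime and contract-counted downtime can be checked against your own monitoring data. The following is an added example, not part of the original article; the probe log is constructed, and the function names, the 31-day period and the log format are assumptions.

```python
from datetime import datetime, timedelta

# Constructed probe log: state changes seen by an external uptime check.
PROBE_LOG = """\
2024-03-02T09:00:00 DOWN
2024-03-02T09:09:00 UP
2024-03-09T14:30:00 DOWN
2024-03-09T14:39:00 UP
2024-03-17T02:00:00 DOWN
2024-03-17T02:25:00 UP
2024-03-23T11:15:00 DOWN
2024-03-23T11:24:00 UP
"""

def parse_outages(log):
    """Pair each DOWN with the next UP and return (start, end) intervals."""
    outages, down_since = [], None
    for line in log.splitlines():
        stamp, state = line.split()
        when = datetime.fromisoformat(stamp)
        if state == "DOWN" and down_since is None:
            down_since = when
        elif state == "UP" and down_since is not None:
            outages.append((down_since, when))
            down_since = None
    return outages

def sla_report(outages, period, threshold):
    """Compare real downtime with the downtime the contract counts as an outage."""
    durations = [end - start for start, end in outages]
    actual = sum(durations, timedelta())
    # Only unavailability longer than the contract threshold counts.
    counted = sum((d for d in durations if d > threshold), timedelta())
    pct = lambda down: round(100 * (1 - down / period), 3)
    return {
        "actual_minutes": actual.total_seconds() / 60,
        "counted_minutes": counted.total_seconds() / 60,
        "uncounted_outages": sum(1 for d in durations if d <= threshold),
        "actual_availability": pct(actual),
        "sla_availability": pct(counted),
    }

REPORT = sla_report(parse_outages(PROBE_LOG), timedelta(days=31), timedelta(minutes=10))
```

With this sample data, three of the four interruptions are 9 minutes long and never appear in the vendor's SLA figure.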

Know where your data is

Be aware of your cloud data storage vendor’s locations, levels of redundancy, and what the backup and recovery procedures are.

Also, since data is often corrupted by human error, it’s not enough simply to have backup copies – they will all be wrong if someone has entered the wrong information.  You also need checkpoints where the whole consistent set of data was backed up and can be retrieved after something has gone wrong.
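A checkpoint is only useful if a restore from it can be shown to return the same consistent set of files. The following is an added example, not part of the original article: it records a hash manifest at checkpoint time and checks a restored copy against it during a drill. The function names, directory layout and sample files are assumptions constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def build_manifest(root):
    """Record the SHA-256 of every file under root at checkpoint time."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def verify_restore(manifest, restored_root):
    """Return files that are missing, altered or unexpected in a restored copy."""
    found = build_manifest(restored_root)
    return {
        "missing": sorted(set(manifest) - set(found)),
        "altered": sorted(f for f in manifest if f in found and found[f] != manifest[f]),
        "unexpected": sorted(set(found) - set(manifest)),
    }

def restore_drill():
    """Constructed drill: checkpoint a data set, restore it, damage the restore, check both."""
    with tempfile.TemporaryDirectory() as tmp:
        live, restored = Path(tmp, "live"), Path(tmp, "restored")
        (live / "db").mkdir(parents=True)
        (live / "db" / "customers.csv").write_text("id,name\n1,Ada\n")
        (live / "db" / "orders.csv").write_text("id,customer\n7,1\n")
        manifest = build_manifest(live)      # taken at checkpoint time
        shutil.copytree(live, restored)      # stands in for the vendor's restore
        clean = verify_restore(manifest, restored)
        # Simulated damage: one file altered, one file lost.
        (restored / "db" / "orders.csv").write_text("id,customer\n7,2\n")
        (restored / "db" / "customers.csv").unlink()
        damaged = verify_restore(manifest, restored)
        return clean, damaged
```

Keep the manifest somewhere other than the backup it describes, so a damaged backup cannot take its own checklist with it.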

Data recovery service

Since many cloud and virtual storage vendors don’t include recovery from software or human-caused data corruption, add a data recovery service provider in your contingency plans.

Arrange for training & education

Ask your cloud storage vendor to train or educate your staff on how to recover from a data disaster or handle data recovery in the cloud.

Prepare for vendor switching

Make sure that you have a plan for moving your data from one cloud vendor to another.  This includes knowing what it takes to download your data from the current vendor (or your backups) and then to upload it to a different vendor.  Anything less than this will leave you locked in to the current vendor and vulnerable to their shortcomings.

Implement stringent system access controls

While you want everyone who needs it to have access to data, you should restrict access to the data center systems, software and applications to the few people who need to manage those systems.

Don’t underestimate the cost of cleanup

After you suffer a security breach in your data, you have a lot of things to do to clean up and re-secure your data.  There may also be reporting to be done.  A recent survey found the cost of this kind of cleanup to be over $200 per data record.  Take this into account when you are justifying training and/or other security measures for your data storage.

Don’t let all of these potential disasters keep you from storing data in the cloud.  You can count on cloud vendors to be highly motivated to keep your data safe, and often they will spend much more on security than you would in your own data center.  But arm yourself with information, so you know what could happen and what to do about it when it does.

    About John Levy

    John Levy works with senior managers in mid-sized organizations who are responsible for development and delivery of major software or hardware/software products. He helps them gain confidence that their projects will succeed.

    Development projects can fail in many ways. You need a guide who speaks the language of business and is knowledgeable about technology. John aligns Development with the organization's strategy so it will contribute efficiently to the success of the enterprise.

    John has been consulting for over 20 years. His book on managing high-tech teams, Get Out of the Way, was published in 2010.

    For more information, email him at johnlevyconsulting.com, or call 415 663-1818.

    Comments

    1. John
      Here’s a lost back-up horror story. This happened to a Business Group member. Lost all data despite triple backups:
      — Main server knocked out of commission by flooding–overflowing toilet in the office upstairs.
      — The regular automatic offsite backup system had never actually been tested. They discovered that they could not do a restore from it.
      — Portable hard drive kept offsite, on which they did weekly backups. The person charged with restoring that data to the new server had difficulty making it happen, and somehow managed to erase the disk!

      Now they were able to recover most of the data from the erased disk by using a drive saver service, but at large cost and major delay.