Cloud backups: Where's my get out of jail card?

Quis custodiet ipsos custodes?

High performance access to file storage

Double or quits

This layered approach is important. If your data doesn't exist in two locations then it doesn't exist. Just as it isn't good enough to simply trust my data to two different Amazon "zones", putting a Unitrends appliance in my datacentre and using that as the single point of backup isn't good enough either.

A fire, a flood or some jerk driving a truck into the side of the building could take out the working set of data and the backups stored on the local appliance.

Backing up to a local appliance and then mirroring those backups to another location – one you own, a managed service provider you work with or a public cloud provider – is pretty much the only way to go.

This is easy to understand in the context of workloads running on your own infrastructure, but how do you back up public cloud data?

And isn't avoiding exactly this sort of tomfoolery supposed to be the big selling point of the public cloud in the first place?

The truth is that most of the online providers are really quite crap at the sorts of versioned backups discussed above. Salesforce is a great example.

Salesforce uses tape backup and ensures that your data is backed up on average once a day. That sounds reasonable until you get to the part where restoring that data from backup is a minimum of $10,000.

When I consider the above in light of the high cost of Salesforce my brain simply kernel panics and reboots. Salesforce is no longer a phenomenal deal, as everyone keeps trying to convince me, and starts looking like some very typical buck-passer in new as-a-service clothing.

Saleforce's recommended solution to this problem – and you will get the same sort of answer all across the industry – is to purchase backups-as-a-service (BaaS) from a partner company. So to use that software-as-a-service (Saas) application in anything like a safe-enough-for-business-use fashion you will incur additional costs to back it up.

To kick you while you are down, those costs probably use a different costing model from the application or service you are trying to back up.

The backup service is probably per gigabyte of data with a trickle charge for bandwidth and separate charges if you ever need to actually recover something. Explaining the costing model to the bean counters suddenly takes more than one slide in the presentation.

Picking on Salesforce is easy, but it is an almost universal problem. I don't exactly have versioned access to my Gmail or Office 365 email. For that you need to turn to Live Office (now owned by Symantec) or similar applications. (I used Spanning with Gmail before I started my migration off US cloud services.)

When you get your hair cut you don't have to bring in a third-party hair removal service to sweep the floor afterwards

This whole model is dangerous. IT people trained in the dark arts of the tinfoil hat look at any network and start pulling it apart for single points of failure.

When you go to a barber you expect to pay the tithe and get your hair cut; you don't have to bring in a third-party hair removal service to sweep the floor afterwards.

Technologists are good at technology but have a tendency to simply say that problems outside their core expertise are not their problem. Whether the issue they are trying to pass the buck on is security or backups, this leads to trust issues. Over time, after enough people have lost data, confidence in the entire concept of the public cloud could well erode.

High performance access to file storage

Next page: Numbers game

More from The Register

next story
Seagate brings out 6TB HDD, did not need NO STEENKIN' SHINGLES
Or helium filling either, according to reports
European Court of Justice rips up Data Retention Directive
Rules 'interfering' measure to be 'invalid'
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
USA opposes 'Schengen cloud' Eurocentric routing plan
All routes should transit America, apparently
prev story


Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.