Feeds

Cloud backups: Where's my get out of jail card?

Quis custodiet ipsos custodes?

Remote control for virtualized desktops

Numbers game

If you have bought into the cloud that is a problem for you. The continued existence of a cloudy service depends entirely on economies of scale. If you have become dependent on a service that is not meeting the needs of enough people to keep the numbers up then your business could end up getting Google Readered.

I acknowledge that there is some value to BaaS as a solution to the badly designed other-things-as-a-service problem, but more research needs to be done. A BaaS vendor is highly unlikely to run that service on its own hardware. Most likely it runs a virtual datacentre on one of the major public cloud vendors.

If you use Amazon's EC2 and feel a need to seek out a BaaS vendor to cover your proverbial, said backup vendor might well be hosting its outfit on Amazon's EC2. I am not entirely sure how that is useful. It gets more complicated when looking at SaaS vendors.

It does not take a certified nerd to grok that Office 365 runs on Microsoft's cloud and Google Apps runs on Google's cloud. Off the top of your head, where does Salesforce run? Spanning? Your favourite cloudy mobile device management provider?

Even if you go to all the trouble of using an S+BaaS approach it still might not save you. The public cloud looks far from simple and seems like it still requires thought and planning to implement.

Who is the owner?

None of this addresses vendor lock-in concerns. There is really nothing except bad PR preventing an American cloud provider (and let's face it, most are American) from simply not letting you download your data. Data ownership is a fuzzy concept in the US. End-user licence agreements can be magic get-out-of-jail-free cards for corporations in some states, effectively worthless in others.

A SaaS vendor could cheerfully decide that it will allow partner vendors to provide backup services on condition that the partner only allows you to restore that data back into the SaaS vendor's cloud. You can have as many copies as you want, you just can get access to the data in those copies in a manner that would allow you to migrate to a different SaaS vendor.

While to my knowledge nobody has actually tried this yet, the cynic in me says that is only a matter of time. What is the difference between a SaaS vendor with "limited (or no) API support" and a vendor locking your data in for eternity?

Vendors can also try the terms of service approach; how many times have image companies tried copyright land grabs that would have given them ownership of your photos?

That is why I dislike the idea of cloud services I can't control. I am happy to let a vendor stand up an application on any random public cloud and sell it to me, but we can't even begin discussions until I can download that data to a backup application that I control.

If I store those backups online, I need to be able to store them with trusted managed service providers to ensure my data is at all times only under the laws of my own nation.

The modern backup vendor must be increasingly cloud aware, as must we. It is too easy to use public cloud service. Click here, tap there and suddenly your business could become totally dependent on something you do not have a handle on.

I hope this has got some of you at least thinking about your own backups. Are you sure they are working? Are you sure they back up all of your company's data?

There are plenty of considerations I have missed when putting this together so please take to the comments and add more to the discussion. After all, it is hard to be too careful about backups. ®

Beginner's guide to SSL certificates

More from The Register

next story
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
DEATH by COMMENTS: WordPress XSS vuln is BIGGEST for YEARS
Trio of XSS turns attackers into admins
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.