Feeds

Cloud backups: Where's my get out of jail card?

Quis custodiet ipsos custodes?

High performance access to file storage

Numbers game

If you have bought into the cloud that is a problem for you. The continued existence of a cloudy service depends entirely on economies of scale. If you have become dependent on a service that is not meeting the needs of enough people to keep the numbers up then your business could end up getting Google Readered.

I acknowledge that there is some value to BaaS as a solution to the badly designed other-things-as-a-service problem, but more research needs to be done. A BaaS vendor is highly unlikely to run that service on its own hardware. Most likely it runs a virtual datacentre on one of the major public cloud vendors.

If you use Amazon's EC2 and feel a need to seek out a BaaS vendor to cover your proverbial, said backup vendor might well be hosting its outfit on Amazon's EC2. I am not entirely sure how that is useful. It gets more complicated when looking at SaaS vendors.

It does not take a certified nerd to grok that Office 365 runs on Microsoft's cloud and Google Apps runs on Google's cloud. Off the top of your head, where does Salesforce run? Spanning? Your favourite cloudy mobile device management provider?

Even if you go to all the trouble of using an S+BaaS approach it still might not save you. The public cloud looks far from simple and seems like it still requires thought and planning to implement.

Who is the owner?

None of this addresses vendor lock-in concerns. There is really nothing except bad PR preventing an American cloud provider (and let's face it, most are American) from simply not letting you download your data. Data ownership is a fuzzy concept in the US. End-user licence agreements can be magic get-out-of-jail-free cards for corporations in some states, effectively worthless in others.

A SaaS vendor could cheerfully decide that it will allow partner vendors to provide backup services on condition that the partner only allows you to restore that data back into the SaaS vendor's cloud. You can have as many copies as you want, you just can get access to the data in those copies in a manner that would allow you to migrate to a different SaaS vendor.

While to my knowledge nobody has actually tried this yet, the cynic in me says that is only a matter of time. What is the difference between a SaaS vendor with "limited (or no) API support" and a vendor locking your data in for eternity?

Vendors can also try the terms of service approach; how many times have image companies tried copyright land grabs that would have given them ownership of your photos?

That is why I dislike the idea of cloud services I can't control. I am happy to let a vendor stand up an application on any random public cloud and sell it to me, but we can't even begin discussions until I can download that data to a backup application that I control.

If I store those backups online, I need to be able to store them with trusted managed service providers to ensure my data is at all times only under the laws of my own nation.

The modern backup vendor must be increasingly cloud aware, as must we. It is too easy to use public cloud service. Click here, tap there and suddenly your business could become totally dependent on something you do not have a handle on.

I hope this has got some of you at least thinking about your own backups. Are you sure they are working? Are you sure they back up all of your company's data?

There are plenty of considerations I have missed when putting this together so please take to the comments and add more to the discussion. After all, it is hard to be too careful about backups. ®

High performance access to file storage

More from The Register

next story
Seagate brings out 6TB HDD, did not need NO STEENKIN' SHINGLES
Or helium filling either, according to reports
European Court of Justice rips up Data Retention Directive
Rules 'interfering' measure to be 'invalid'
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.