Can you trust the cloud in a crisis?
The cloud is about more than just data storage and 'anytime/anywhere' file access. It's also increasingly being used as an enterprise disaster recovery tool. The question is, though, can you really trust the cloud in a crisis? Davey Winder investigates...
The cloud is not, despite the claims of many who should know better, anything new. As a concept it has been around for what seems like forever, and some of us have been quite happily using what are referred to as 'in the cloud' applications for many, many years now.
Security is at the very top of the punch bag list, with the oft-repeated claim that you cannot trust the cloud with your data. Like many oft-repeated claims, this one is not actually based in fact.
However, like any technology which finds itself thrust into the business and media limelight, the cloud has become both a nay saying punching bag and bringer of budgetary miracles.
Security is at the very top of the punch bag list, with the oft-repeated claim that you cannot trust the cloud with your data. Like many oft-repeated claims, this one is not actually based in fact. Data can be as secure in the cloud as anywhere. Indeed, as with most things, the devil as always is in the detail. But, with increasing numbers of folk looking for inexpensive and quick to setup disaster recovery (DR) and business continuity systems, perhaps what we should really be asking is if the cloud can be trusted in a crisis.
Recovery silver linings or continuity storm brewing?
Dave Blakey, CEO of open source software user interface specialist, Snapt is convinced that for any tech business "the path is already clear" when it comes to increasing business resilience against failure at a reasonable price. At the same time, he admits that, like any network, it has downtime and problems. "The ability to deploy at multiple locations across the globe for a tightly controlled and predictable cost means disaster recovery is a more realistic option for businesses from small to large," he says.
"The option exists to have a DR setup within the cloud as well - with multiple locations on offer from all the main vendors you can co-locate your business assets with ease". But is he right? Is cloud DR really such a clear cut and no-brainer option?
View from the inside
As managing director of Memset, a cloud infrastructure and hosting business, Kate Craig-Wood should know a thing or two about the capabilities of the cloud. Indeed, she tells IT Pro that a key part of the business proposition has been investing in "massive resilience at all levels" from power and cooling in the datacentre to having hot standby servers in the racks so that its customers don't have to.
The idea being that if part of a customer's infrastructure fails then the hosting company can fix it quickly. "For our customers that have wholly embraced the cloud, their IT services are extremely resilient," Craig-Wood says. "This even applies to office infrastructure. Say staff can't get in to work because of snow, if their systems are all cloud-based their staff can work from home and the impact is minimal."
Chris Cowdry, a solution architect at fellow cloud hosting company, Pulsant, agrees that cloud DR is an increasingly popular choice for those organisations that have already embarked upon virtualisation. However, he also points out that most enterprises still have a mix of physical and virtual systems. As such, they need to account for both in any disaster recovery plan and the choices available to them in terms of physical like-for-like replication or using the cloud can be far from straightforward.
"For those with a mix of physical and virtual infrastructure, using the cloud for disaster recovery is not a case of simply replicating data; it largely depends on the size and scope of the production workloads to be protected, and selecting the disaster recovery solution that is the most suitable for its replication," Cowdry explains.
"Storage Area Network (SAN) strategies are often a preferred choice, but compatibility can cause complications as physical infrastructure may need to be adjusted to suit the cloud. It is essential that these issues are addressed early on to ensure the infrastructures work together. This then also dictates the selection of appropriate third party cloud vendors, as organisations cannot simply cherry pick a provider. The storage in use by both parties needs to be compatible".
The cloud certainly has its place in today’s disaster recovery strategies, providing separation between production systems and their disaster recovery counterparts. This, in turn, helps avoid knock-on effects in the event of a localised disaster, according to Cowdry.
He feels it is essential to stress the importance of proper planning and testing. "In an ideal situation, the entire production workload would be replicated," Cowdry says. "However, in reality, businesses have to accommodate their budget and prioritise critical systems that cannot tolerate downtime."
He adds: "Overall, when considering the cloud for disaster recovery it is critical that businesses work with a trusted provider with the expertise to design a disaster recovery plan that is specific not only to the organisation’s needs but also addresses the SLAs it has with its own customers. With the correct approach, disaster recovery in the cloud can be the perfect solution and often at a much lower cost point when compared to traditional models".
The view from outside
It would appear the view from inside the cloud hosting industry is fairly clear and in agreement that cloud DR can be trusted when implemented correctly, but what about the outsider view? What about those businesses actually taking the cloud route to business continuity?
Will Lovegrove, CEO at datownia, told IT Pro that he would "definitely trust the cloud in a crisis as a small business owner". He points to the natural resilience of the cloud, stressing that he feels there is "less likelihood of a crisis of my own making" such as servers failing or disk space running out.
Indeed, Lovegrove is happy to put his money, and his data, where his mouth is. "My company also uses a cloud disaster recovery solution to manage back-up of business critical internal systems like finance/source code/databases/software environments," he reveals, adding "We're a tech company, so we're confident about doing our own due diligence. The thing to look for in a cloud disaster recovery service provider is how they handle their crises."
Or, more specifically, he says, whether they store the data in multiple locations in the cloud to mitigate against acts of God such as super storms, for example. Lovegrove is a realist though, and is aware of the cons such as being screwed if the internet connection blows up or goes down. "I recommend businesses don't skimp on broadband providers and also buy hotspot technology from their mobile telco. Then you can fall back to 3G in a crisis," he says.
That said, you can never be quite sure if you will be able to recover from the cloud until you actually need to in times of crisis. But that's the same for all DR solutions and isn't exclusive to cloud DR. Hands up if you actually test your disaster recovery systems, if you run simulated DR scenarios regularly? I suspect there are not many hands up, and Lovegrove's isn't among them as he admits that his business doesn't either.
In mitigation, though, he does feel happy that the cloud is mature enough to be a reliable business continuity tool, at least for small businesses. "Larger businesses may want to be more involved in their DR processes and have the resources to be able to engage at that level," he says. "So rather than just use cloud storage as a DR backup for files they may actually run hot or cold copies of business critical systems in the cloud."
"In theory, cloud is an inherently resilient platform for disaster recovery," Alex Moore director of technology and engineering at NTT Communications in Europe, told IT Pro. "In practice, its effectiveness comes down to the performance characteristics and SLAs that are set by the business."
He adds: "The KPIs are the recovery time objective, or how fast service is restored following an outage, and the recovery point objective, which determines how up-to-date the recovered data should be. The shorter these objectives, the higher-performance, and more expensive, the recovery solution will be."
So a real-time, business-critical system like a stock-trading application may have recovery time and point objectives set in seconds or fractions of a second, while less critical applications may only require a recovery time objective of a day or so.
"Disaster recovery platforms, whether cloud-based or otherwise, generally fail not for technical reasons, but because the agreed KPIs fall short of the business’ expectations," according to Moore. "The business critical nature of the applications and data will determine the structure of the disaster recovery cloud, but planning is the key to successful crisis management," he suggests.
Mike Osbourne has forgotten more about disaster recovery than most IT admins know, which is hardly surprising as his job carries the impressive title of MD of business continuity at disaster recovery specialist Phoenix.
Unsurprisingly, Mike was happy to provide a sage conclusion to this feature. He warns that all too often people are unaware of the difference between resilience and recovery. While most cloud services are, by their nature, designed to be resilient "that doesn’t mean that in the event of an outage, you’ll be quickly back up and running with all your historic, backed-up data and applications."
"That’s because your business may be one of thousands of others affected by the outage," Osbourne explains. "If you have the same generic contract as most other customers, it’s a matter of luck how long it will take your provider to restore your data."
With most end users at the mercy of their cloud provider as to how quickly back-ups are restored, the granularity and scheduling of those back-ups and the ability to ensure proper encryption is in place, it looks like there is one big stumbling block as far as business critical continuity systems in the cloud are concerned. Osbourne reckons this will soon change as the cloud model evolves to allow proper ownership of data to be claimed.
"This involves a specialist IT recovery firm forming a relationship with the cloud vendor where the former can access a customer’s cloud-stored data through an API, taking independent responsibility for backing up a customer’s data to its secure data store, and therefore enabling customers to dictate the terms and conditions of that backup service," Osbourne told IT Pro.
He concluded: "Combined with the IT recovery firm’s standby infrastructure, capturing this data will enable users to restore their systems in minutes with a single click of the mouse, even in the event that their cloud provider has lost all their data or ceased to trade."
The Tsunami effect
During the Japan Tsunami last year, Microsoft used the cloud for contingency plans by moving customers’ data to datacentres located outside the disaster zone, including more than 10 million Hotmail and messenger accounts, shortly after the Tsunami hit.
This move also expanded cloud capacity to ensure that local organisations in need received extra space, and reduced the load on the national power grid. This ensured that customer data was kept secure; online services were kept active and available to help co-ordinate relief efforts and disseminate public service information; and Microsoft account holders were still able to communicate at a time when many other institutions and services were down.