Newsflash: Placing your mission-critical data in “the cloud” may be hazardous to your health. You are at an increased risk if you are elderly, pregnant, or wish to keep your IT job.
So, the news on the street is that Flickr may accidently delete your data now and then, but that Flickr has no convenient way to restore this data. To summarize the incident: A photographer used Flickr for over five years, along with the accumulated notes and comments on his 5000+ pictures, and Flickr accidently deleted his account, along with his photos, notes, and comments. Flickr is scrambling to restore the data, but whether that proves to be possible is anybody’s guess.
At my day job as CEO of Puryear IT, I am constantly working to help our clients manage their mission-critical data, whether that data resides onsite, at a remote site, or in the cloud. And there is one thing that I constantly find myself having to preach when it comes to the safety of data: The cloud is not Heaven. It’s not sacred. Bad stuff happens.
Alas, the marketing for “the cloud” is so well done, and the details of what vendors are offering so often vague, that people just assume that if their data is in the cloud that it’s safe. Protected. Free from being accidently deleted.
So not true.
If anything, if your data is in the cloud then you are at increased risk if you don’t take the right steps. And what steps are those?
* Ensure the vendor has a backup & restore policy that covers not only your account settings but the data within the account.
* If your data is truly mission-critical, maintain a local backup. (Although this isn’t always possible.)
* Ensure the vendor has General Liability coverage in case something goes horribly wrong.
So let’s discuss these in more depth.
Backup & Restore Policy
The photographer in the Flickr story fortunately has copies of his photographs on his own PC. So great, he has a local copy. However, what if he didn’t? Well, he’d be SOL. (As we say in the US.)
If you have critical data being managed by a cloud provider, then be sure that the provider has a written and published Backup & Restore Policy. Depending on how frequently your data changes, the Backup & Restore Policy should offer the following features:
* Frequent backups, ranging from daily to real-time (Continuous Protection)
* You should be able to request a restore of your data for free if provider makes a mistake
* You should be able to request a restore of your data for a nominal fee if you make a mistake
If you can restore the data yourself without provider assistance, all the better.
Maintain Local Backups
Life gets real easy if you maintain local backups of your data. How does this work though? It’s not always easy. For a service like Flickr, you can’t actually backup the data—you simply maintain local copies of your photographs. But if the data is lost, and Flickr isn’t being helpful, then you will still lose metadata, comments, notes, etc.
Alas, not many services actually allow you to maintain a local backup, especially if it’s a consumer-facing service, so workarounds are common in this space. (I’d love to hear how you maintain local backups of data in the cloud.)
Here’s a big one. If the provider does toast your data, and is unable to restore your data, what then? This is where General Liability (or possibly Errors & Omissions, depending on the relationship) comes in. The provider should be able to cover your losses due to the loss of your data if the loss is the providers fault.
That being said, if you review the EULA that is included with your cloud-based service, chances are you are not covered. More to the point, the EULA probably limits the provider’s liability, possibly to the amount of exactly $0.
So how are you keeping your data safe?