While the cloud can be a good place to store data and backups, you need to make sure you can quickly get it when you need it. Restoring data is a critical component of any disaster recovery planning initiative. In case of a disaster or unforeseen occurrence that requires you to recover your data, you need to ensure that you can bring it back online within a time frame that meets your business needs. A few weeks ago, Amazon suffered several days of outage in its EC2 and RDS service, bringing down dozens if not hundreds of services along with it — including such high-profile sites as Reddit, Heroku, Foursquare, Quora, and many others. Although the cause of that outage has been analyzed extensively in many forums, the discussion is interesting and relevant because it brings attention to the lesson that wherever or whomever you entrust your data to—be it in the “cloud” or to a big company like Amazon — it pays to be smart about how you manage your data, especially if it’s critical to your business. Understand your options. When someone else is managing your data, it’s easy to leave the details to them. However, making sure that you at least have some understanding of what your options are in what different service providers can offer you will pay dividends later if something goes wrong, since you’ll be better equipped to make an informed decision on the spot. Things you should look at include: Who is the service provider? What is their history? Who is behind them? What is their track record? Where do they store your data? Do they own the servers where your data is stored or do they rely on someone else? Is your data stored within the local area (i.e., a drive away) or is it distributed all over the map? Do they provide a mirror of your data within your own server, or is everything in their data centers? What measures do they employ to make sure your data is safe? What methods do they employ to ensure you can get to your data when you need it? Do they provide service level assurances or guarantees to back up their claims? These are just some of the basic questions you should be asking of your service provider. Do a test drive. Often you will not know exactly how a service works until the rubber hits the road, so to speak. Ask your service provider for a demo or a trial period. Test how fast it is to back up your data, but more importantly how fast you can bring it back when you need it. This is especially important if you’re talking about gigabytes of data. Understand that doing backups in the cloud can be hampered by your bandwidth and many other components of your system and theirs. Don’t put all your eggs in one basket. Some service providers give users the option of storing data in multiple sites, to ensure that your data is safe if one site goes down. But why rely on just one service provider when you can get the services of multiple providers instead? Or perhaps better yet, why not manage some of your data on your own? While it may be complex and costly to reproduce what many service providers can provide today, it is relatively easy to set up a simple system to keep at least some of your really, really important data locally by using an unused computer or a relatively cheap, network-attached storage device or secondary/removable drive that you can buy at your local store. Create a plan and write it down . Unforeseen occurrences can and will happen — not only from your side but from your service provider’s as well. When they do happen, you will need to have a contingency plan ready, often referred to as a Business Continuity Plan. Make sure to document your plan in writing, and communicate it to everyone in your organization so they will know what to do in case disaster strikes. With its promise of unprecedented efficiency, reliability, scalability, and cost savings, cloud computing and storing your data in the cloud is the topic du jour these days. However, it’s sometimes easy to overlook the basic due diligence that’s necessary regardless of how or where your data is stored. Ultimately, it is your business on the line—and being prudent and proactive about how your data is stored, managed, and (most importantly) recovered in times of need will save you much grief when you actually need it.
Before you entrust your sensitive data to a “cloud” service provider, make sure you weigh the risks with the benefits. “ Cloud computing ,” largely synonymous with Internet-based computing, has become a hot topic of discussion among many in the business community, with its promise of radically simplifying the access to, and use of, computing resources on demand. It’s no wonder then that it’s been small businesses, often without full-time IT resources of their own, that have been the first to adopt the concept. As a business owner, however, before you start moving critical data to the “cloud,” you’ll do well to bear in mind the risks that come with the computing model. First is security and privacy—ask how the service provider ensures the confidentiality and integrity of your data while in their care. Do they provide backups? Can you back up your data yourself? Are their security processes and procedures reviewed and vetted by a third party? Next is availability. Do they guarantee the uptime of their services—7 days a week, 24 hours a day? Do they provide a service level guarantee? Do they have processes in place to handle exceptional circumstances that can disrupt services, such as a natural disaster? Is support readily available to help in case you encounter any issues? Finally, there’s cost. While pay-as-you go can be attractive, the total cost over time can add up. It’s worth thinking two to three years out and considering the total cost versus alternatives. Asking these basic questions can go a long way in giving you peace of mind before you entrust your valuable data and core business systems to the care of others. If you’d like some help sorting all this out and making the best decision for your unique needs, give us a call.
As we begin to store more and more of our data on the Internet and in the “Cloud,” the threat of that data being accessed and used by someone or something outside of our knowledge or control becomes very real. Data such as credit card information, banking transactions, work history, private addresses and numbers, email and much more are now stored and searchable in everything from Facebook, Google, Twitter, and a host of other applications. In a June report titled “ Assessing the Security Risks of Cloud Computing “, analyst firm Gartner recommends that businesses work closely with their IT department or trusted IT services provider and consultant to understand the risks of storing data in the cloud. Not stopping there, Microsoft has called for even greater government oversight. Recently, Microsoft General Counsel Brad Smith travelled to Washington to urge the US Congress to enact legislation that would protect information that’s stored in the cloud. Microsoft is proposing legislation that would call for: Reforming the Electronic Communications Privacy Act Modernizing the Computer Fraud and Abuse Act Helping consumers and businesses manage how their information is collected and shared Addressing data access issues globally The move coincides with Microsoft’s recent efforts to offer cloud-based services not only for its consumer and corporate customers, but the government as well. Is your business ready for the cloud? What security and privacy policies do you have in place regarding your employees’ use of cloud-based services? Not sure? Contact us today to find out how we can help. Related links: Microsoft’s thoughts on cloud computing (microsoftontheissues.com) Challenges of cloud computing (techsling.com) Gartner: Seven cloud-computing security risks (infoworld.com)
SaaS has several characteristics that set it apart from other services: SaaS allows the access and use of commercially available software through a remote, network, or internet connection. This means that the software is not installed in the subscriber’s computer, but rather on the SaaS provider’s server. This also makes the software accessible to the subscriber regardless of his or her location. SaaS provides commercially available software, not custom made software, meaning that a particular software service is made available to multiple clients, so customization is limited to only what the software or SaaS provider allows. The SaaS provider shoulders the responsibility of updating the software, and subscribers can request updates, upgrades, and additional features. Regarding implementation, SaaS architecture is classified into four “maturity” levels based on factors such as configurability, multi-tenant efficiency, and scalability. Level 1 is the “ad-hoc/custom” level, in which a modified version of a particular piece of software is offered to subscribers, which is then run on the provider’s host server. This level is requires the lowest maintenance. The second level offers more customization and allows subscribers to configure the metadata of a program. This then allows a customized version of the same software, based on the needs of the subscriber. Multi-tenant efficiency is added to the third maturity level, which means that the SaaS servers are made more conducive for subscribers to use separate instances of a single application. The fourth and most “mature” SaaS architecture offers all four factors, with the service reaching optimum efficiency. Considering SaaS for your business? Let us help you sort through the details.