Forgot your password?
typodupeerror
Cloud Data Storage Hardware

What Happens To Data When a Cloud Provider Dies? 262

Posted by CmdrTaco
from the up-in-smoke dept.
Lucas123 writes "When cloud storage providers shut down, as four have done in the past year, users are left wondering how they'll get their data back and whether they'll be able to migrate it directly to a new service provider. More importantly, analysts say, what guarantees do they have that the data stored offsite will be deleted after the shutdown. Currently, there is no direct way to migrate data to another provider, and there are no government rules or regulations specific to data managed by cloud storage providers."
This discussion has been archived. No new comments can be posted.

What Happens To Data When a Cloud Provider Dies?

Comments Filter:
  • by Nerdfest (867930) on Tuesday April 26, 2011 @10:31AM (#35941898)
    Does it dream?
  • by Anonymous Coward on Tuesday April 26, 2011 @10:33AM (#35941922)

    As if people weren't losing any data when "the cloud" was called "shared hosting".

    • by russlar (1122455) on Tuesday April 26, 2011 @10:51AM (#35942186)
      really. the cloud is just a new name on an old concept, that's become viable because bandwidth is cheaper than in the past.
      • Re:MOD PARENT UP (Score:3, Insightful)

        by mcavic (2007672) on Tuesday April 26, 2011 @11:54AM (#35942990)

        the cloud is just a new name on an old concept

        Pretty much. And the increased visibility means it's now being used by people who don't understand the need for a backup.

        • by somersault (912633) on Tuesday April 26, 2011 @12:06PM (#35943136) Homepage Journal

          Or people who do understand the need for backup, and use this as a convenient way to do so. As long as you're not just storing the files on a solitary machine and the "cloud", it seems like a pretty nice backup system to me. Something like Dropbox or Ubuntu one is a nice way to keep working areas in synch on different machines. With stuff stuff like code for work I tend to keep it off of these services and back it up onto work's servers, but not much of what I have is that important.

    • Migration (Score:4, Informative)

      by sourcerror (1718066) on Tuesday April 26, 2011 @11:04AM (#35942364)

      On shared hosting you can migrate from one service provider to the other without major pain, because there are a lot of providers offering LAMP/J2EE/ASP.net etc.
      In the case of the cloud, you depend on the cloud APIs which aren't standardized and because cloud servers aren't a commodity. You can't migrate from Amazon cloud to Microsoft cloud without writing your own abstraction layer on top of proprietary cloud APIs.

      • by bberens (965711) on Tuesday April 26, 2011 @11:12AM (#35942464)
        If you're not writing your own abstraction layer on top of the proprietary cloud APIs you're doing it wrong. Also some of the cloud solutions (like Google's) use JPA as the interface which should translate nicely for many users to an alternative data store.
      • Re:Migration (Score:3, Insightful)

        by Anonymous Coward on Tuesday April 26, 2011 @11:19AM (#35942564)

        Meh apis blah blah. When the shared hosting was at its peak during the second dot-com boom, you had at least several flavors of unix, several versions of apache with minor api differences, various databases with various options compiled or not compiled in, gd with or without gif support, and don't even start me on the php or perl module availability. Migration was as much a nightmare then, as it is now.

        And the "big issue" was the same then as now -- in the end, the data is the responsibility of the entity that needs it most. It is a safe assumption that no one else will care about your data but yourself. It is also a given that the SLA will have a liability limitation that will top at what you have actually paid.

        The rest is just bullshit and sensationalism.

  • Well... (Score:5, Insightful)

    by MightyMartian (840721) on Tuesday April 26, 2011 @10:33AM (#35941926) Journal

    You take your chances if your hosting your data somewhere outside of your control. Unfortunately, when any company goes broke, customer concerns tend to go out the window as the major creditors swoop in to grab what value they can.

    • Re:Well... (Score:4, Insightful)

      by Pieroxy (222434) on Tuesday April 26, 2011 @10:37AM (#35941978) Homepage

      Right on spot. If you give your data away, you give your data away. It is not yours anymore. What the providers guarantees while online dies with the company as people are busy updating their resumes. Whatever means you may have to get to them (legal for example) is usually moot as well since the company is no more.

      What you have on YOUR hard drive, on YOUR dvds, YOUR tapes is in YOUR control. Note that it is not necessarily better.

    • by Joce640k (829181) on Tuesday April 26, 2011 @10:41AM (#35942040) Homepage

      Anybody who didn't think of these things before signing up was Doing It Wrong.

    • Re:Well... (Score:5, Informative)

      by mlts (1038732) * on Tuesday April 26, 2011 @11:44AM (#35942866)

      Don't forget that all SLAs, privacy agreements, and other items are not worth the paper they are printed in come a liquidation. We all heard the adage that possession is 9/10s of the law. It applies here too.

      After a bankruptcy, the new holders of the servers can do anything they please with the data on the boxes. PII data about bank accounts and HR records? It can be put as a torrent for all to download, sold to a firm offshore for ID theft, sold to advertisers. There is not one single thing anyone can do about it, provided there is no confidential or classified data present. Trade secret? By law, it isn't a trade secret anymore.

      One of the downsides of cloud computing is that all data, be it E-mails on a cloud system, offsite storage, or applications in house can easily be made public to sell to all comers should a cloud provider go bankrupt or change hands. No amount of paperwork can ever go to assure against that.

      Only real protection? Encryption, with keys stored with the client, and ONLY with the client. Even then, it still isn't good for cyphertext data to be made public for all and sundry to try to figure out the contents.

      • by MightyMartian (840721) on Tuesday April 26, 2011 @11:51AM (#35942956) Journal

        This really identifies an area where there needs to be a legislative solution to the problem. At the moment, your offsite provider goes bankrupt, any remedies you have are going to be expensive and hit-and-miss. There needs to be some law created around this to assure that when a company goes down, the data remains firmly the property of the user.

      • by Golddess (1361003) on Tuesday April 26, 2011 @01:21PM (#35944014)

        After a bankruptcy, the new holders of the servers can do anything they please with the data on the boxes.

        You mean like how when a physical storage place goes bankrupt?

      • by TheRaven64 (641858) on Tuesday April 26, 2011 @01:23PM (#35944040) Journal
        Only in the USA. In the EU, doing that would be a massive violation of various data protection directives. If the liquidators didn't blank the drives before letting anyone else touch them, then they'd be liable for massive fines in the UK and the rest of the EU. These same laws make using a US-based host a tricky legal proposition for a lot of EU-based companies, although a lot seem to do it anyway and just wait to be sued if anyone notices...
      • by Dogtanian (588974) on Tuesday April 26, 2011 @07:04PM (#35947872) Homepage
        Ob.-disclaimer: I don't live in the US, and IANAL- but unless I see clear evidence that you are too, you'll excuse my scepticism...

        After a bankruptcy, the new holders of the servers can do anything they please with the data on the boxes.

        I'm going to say "[citation needed]" here, because it damn well is(!). Even though AFAIK the US is generally more laissez faire and less strict with info in general than the EU- where, as the other poster mentioned, they'd get smacked into a pulp for doing anything approaching what you describe- I'm still not remotely convinced that any new owners would be legally permitted to sell bank account details, HR records et al with no comeback, simply because they happened to have got their hands on some old hard drives that had that info on them.

        The info doesn't belong to the liquidated company, but to the company that had hired that company's services. I don't know the legal position with respect to such info, but I'd be damn surprised if it was okay to sell it.

        Trade secret? By law, it isn't a trade secret anymore.

        "By law?" Are you sure? And if you're implying that it wouldn't be a trade secret because it was leaked (and we accept that what you're saying is true), would this make the original *cause* of that leak- i.e. random-new-owner-of-the-server-hard-drives releasing it, possibly for money- legal?

        One of the downsides of cloud computing is that all data [..] can easily be made public to sell to all comers should a cloud provider go bankrupt or change hands. No amount of paperwork can ever go to assure against that.

        No paperwork can protect against leaking in the process of a sell-off, or stop someone selling it off, even if it's illegal, so that should be borne in mind. However, the main thrust of your argument, that activity like this *wouldn't* be illegal- is more questionable.

        I'm not saying that you're definitely wrong, just that I'm not taking what you're saying on trust... and also that I'd be pretty shocked if it were true(!)

    • by rpdillon (715137) on Tuesday April 26, 2011 @11:45AM (#35942872) Homepage
      And, you take your chances if you're hosting it somewhere within your control. I mean, I get the whole "my data, my drives" concept, but I have seen exactly zero evidence that clouds have less downtime than internal solutions. And, if the cloud is the only place you have your data, well, that's just as bad as storing it in any other single place.
      • by MightyMartian (840721) on Tuesday April 26, 2011 @11:49AM (#35942940) Journal

        That all may be, but at least when you have the data in hand, you know what's happening to it. If a cloud provider goes down the tubes, even if you have backups (which, as you say, you should) you still can't guarantee what will happen to that data. Will it be erased? Will it be warehoused? Will it end up being someone's unofficial severance package?

  • Risk Reward... (Score:5, Insightful)

    by BoRegardless (721219) on Tuesday April 26, 2011 @10:34AM (#35941940)

    A cloud based form of backup or duplicates can only be one leg of a system to protect data. Gotta have at least 3 legs to stand on.

    The reminder that 4 services closed in one year is fair warning.

  • by cozzbp (1845636) on Tuesday April 26, 2011 @10:35AM (#35941950)

    there are no government rules or regulations specific to data managed by cloud storage providers.

    While there is most likely a solution to this problem, it does not lie in government regulation.

    • by wjousts (1529427) on Tuesday April 26, 2011 @10:55AM (#35942236)
      Actually, I'd say when a company collapses, government regulation is the only way customers (and investors and creditors) are going to have any hope of protection. That's why we have bankruptcy laws in the first place. The free market can't regulate a company that has collapsed, it has nothing to lose. What's going to happen? Another company is going to out compete it at collapsing?
    • Re:Hmm... (Score:4, Insightful)

      by jedidiah (1196) on Tuesday April 26, 2011 @10:57AM (#35942268) Homepage

      That information is my personal property.

      It is the government that usually sorts out property issues (and contract issues). There is a VERY long history of this.

      Sorry to rain on your psuedo-libertarianism parade but the government is exactly the right entity to help sort this out. This is a simple property issue.

      • by MBGMorden (803437) on Tuesday April 26, 2011 @11:17AM (#35942530)

        Most opinions on Slashdot tend to skew towards information not being "property" at all. It's a bunch of bits. A cloud storage provider is simply a storage device, and like all storage devices it CAN fail. You need to plan for that possibility and have a contingency plan in place. If you are so naive as to place your data solely onto one of these services then if it fails you're SOL.

        Instead, use them as a supplement to your other backups. I use Dropbox pretty extensively myself, but if it goes under I'll just switch to another provider, as my data is still on my drives too and still gets copied to DVDs fairly regularly .

      • by 0123456 (636235) on Tuesday April 26, 2011 @11:30AM (#35942716)

        Sorry to rain on your psuedo-libertarianism parade but the government is exactly the right entity to help sort this out. This is a simple property issue.

        If you lend your car to Joe Bob Inc and then the company goes bust, what do you think will happen? Hint: they won't drive it back to your house and give you the keys.

        I remember when a company I worked for years ago in London went bust with large debts, the bailiffs took away all kinds of hardware that was on loan from various companies and they then had to try to get their property back. Why do you expect data to be any different?

    • by slick7 (1703596) on Tuesday April 26, 2011 @11:19AM (#35942552)

      there are no government rules or regulations specific to data managed by cloud storage providers.

      While there is most likely a solution to this problem, it does not lie in government regulation.

      That's what the airline industry said, same goes for the bankster industry, as well as the oil industry, oh, and don't forget the utility industry and commercialized penal system.
      And last but not least, an unregulated government. The voters should demand a balanced budget, term limits, reasonable campaign funding, accountability of office-holders, the outlawing of corporate special interest groups, a re-affirmation of the separation of church and state and a separation of business and state.

    • by gutnor (872759) on Tuesday April 26, 2011 @11:25AM (#35942666)
      Actually that's exactly what government should be there for. The government is not there to pour cash on some failing business model or rain missiles on another one uncooperative business partner - it should put regulation in place so that the business can be left to die. Proper regulation opens the market.

      Of course, that would require a government that regulates for the good of its citizen rather than the corporations. Cloud market is still young, there is some hope that good regulation can be passed.

  • by sheepofblue (1106227) on Tuesday April 26, 2011 @10:36AM (#35941972)

    The cloud has immense uses but "trust me" is not something you ever want to here from the government or a company. Anyone that puts there assets out in the ether with no alternate location is asking for trouble.

  • by oztiks (921504) on Tuesday April 26, 2011 @10:39AM (#35942004)

    Oh Slashdot, this is not news. IT lawyers have been addressing this for ages. If the SPA doesn't have clauses in place to protect customer data, simple, dont go with them.

    The bigger concern is where the data is storred and who's viewing the data. Any buyer out there who is looking at Cloud must ask all these questions before signing up.

    If you pay peanuts you get monkies, I think that sums this up!

  • by dmomo (256005) on Tuesday April 26, 2011 @10:42AM (#35942054) Homepage

    I'd think these issues are general so far as storing your data "anywhere but here" is concerned.

  • by Scareduck (177470) on Tuesday April 26, 2011 @10:42AM (#35942056) Homepage Journal
    The Cloud is a great deal for the provider, and a terrible deal for the customer. No data security, and no guarantees in case of a catastrophic provider failure.
  • by l0ungeb0y (442022) on Tuesday April 26, 2011 @10:43AM (#35942068) Homepage Journal

    Storage is cheap. Just get something like a dRobo, throw some barracuda HDs in it and you have a multi-terabyte raid array.
    Just SCP your files down the net into the black box and you're all set. Question is, why aren't you doing this already?
    Just leaving your files up on your host and NOT backing up to local storage is classic dumbfuckery.

    For databases, most cloud users use MySQL anyway, so just use the admin tool to back up and replicate to a local server. Don't have a suitable machine for a local server? Get a mac-mini, they are rather inexpensive and come with MySQL5 pre-installed and configurable through Apple's server admin interface.

    • by LordLimecat (1103839) on Tuesday April 26, 2011 @11:16AM (#35942520)

      General idea seems good, but I dont really understand the fascination with drobos for anyone who does any kind of serious IT work. A freenas box with a proper hardware RAID card can be had (sans drives) for about half the price of an equivalent (sans drives) drobo, is faster, supports ZFS, and has built in Unison | Rsync | ftp.... etc. It also doesnt use some poorly documented "kind-of RAID".

      Why would I want a drobo?

      • by LWATCDR (28044) on Tuesday April 26, 2011 @11:38AM (#35942784) Homepage Journal

        Did freenas fix the ZFS performance issues? And why would you want a hardware raid? If you controller dies you will have to get a compatable replacement to rebuild the array. Also might I suggest Openfiler as also worth looking at.
        Oh and this would IMHO make a nice NAS http://www.newegg.com/Product/Product.aspx?Item=N82E16813182234 [newegg.com]

        You get 6 sata ports 2 x 1000Mbit network ports plus it uses VGA and PS/2 so KVMs are cheap and easy with this. It even has a serial port if you need it. Put FreeNas on a USB drive and you have a crap load of storage with this. Or use the PCI slot to add more SATA ports and really increase you storage space. If they just made a 1 U case that could fit an mini itx and 6 drivers.

        • by 0123456 (636235) on Tuesday April 26, 2011 @11:43AM (#35942850)

          And why would you want a hardware raid? If you controller dies you will have to get a compatable replacement to rebuild the array.

          Battery backed cache. And with mirroring you should be able to mount the drives directly if you can't find a replacement controller... with RAID5 you're probably screwed, but if you're using RAID5 you presumably don't much care about your data anyway.

          • by LWATCDR (28044) on Tuesday April 26, 2011 @12:20PM (#35943290) Homepage Journal

            I was thinking RAID 6 but yes if you are just doing mirroring you will be good. As to battery backed cache yes but only for a high end system other wise I would consider the UPS as the battery backup for the cache. If you are going to go with a battery backup cache then I would also go with redundant power supplies and dual independent UPSs but then you are in a way different category than a DROBO IMHO. Again it all depends on what you want to pay for. If I could get way with it I would use a RAID 6 where I work with a hot standby and once every 3 months swap out one of the datadrives put the spare into service and swap in a new spare drive. Thse days drives are cheap and data is expensive.

    • by rgviza (1303161) on Tuesday April 26, 2011 @11:48AM (#35942906)

      more important than "here" and "there" multiple backups is offline storage. Keeping your data backed up to a share (onsite or offsite) only helps until one of your employees decides to go bonkers and delete the live data _and_ backups on your network to really fuck the company. If you have an up to date tape locked up in a safe somewhere you can still get your data back in this scenario. If you are only backing up to SANs and an employee does this you are truly fucked.

      The most dangerous (and most often overlooked) threat to your data is a malicious rogue employee.

      The only protection from this is physically secured offline storage media which is updated/offloaded daily.

  • by MagikSlinger (259969) on Tuesday April 26, 2011 @10:43AM (#35942072) Homepage Journal

    Dear Cloud entrepreneurs and VC's:

    If you are wondering why businesses aren't trampling themselves to go to a public cloud, here is half your answer. The other half was the Amazon outage. A CIO does not like depending on an outside company for his uptime metric. He wants total control. If there is an outage, he wants HIS people on it reporting to HIM. He doesn't want to go back to the CEO, "the cloud provider is working on it and there is nothing I can do to make it go faster."

    If clouds happen, it will mostly be private clouds under the company's control. Sure it may not have as high uptime or be more expensive, but at least it's under their control. You surrender control going to an external cloud.

    • by codepunk (167897) on Tuesday April 26, 2011 @10:57AM (#35942256)

      Running in the cloud has the same implications of running any other successful IT operation. The organizations that experienced long term outages during the amazon issue had no failover or disaster plan.

      • Running in the cloud has the same implications of running any other successful IT operation. The organizations that experienced long term outages during the amazon issue had no failover or disaster plan.

        But how many times has "the cloud" been pushed as taking care of that stuff for you and that it couldn't possibly have outages? Move to the cloud! It'll take care of all that pesky need for disaster planning, redundancy, fail over and backups across its multiple datacenters! Can you afford our complex infrastructure? No? Then you must suck and need the cloud to succeed! Yet it failed in exactly the way they said it wouldn't.

        Meanwhile, I've seen colocated servers doing fancy stuff and running things like DRBD have far better uptime than "the cloud" (although I guess a bunch of colo servers running DRBD or other clustering would be called "private cloud" now). Even my nothing special colo'd Atom server for personal stuff still works better.

    • by LWATCDR (28044) on Tuesday April 26, 2011 @11:45AM (#35942888) Homepage Journal

      Please yes they really are. The problem is that people are taking the wrong lesson from this.
      1. Machines fail.
      2. Don't expect things to not fail.
      3. Don't be stupid.

      NetFlix did not go down. Amazon did not go down. Both use E2C. Foursquare and Redit went down. So what was different?
      Simple NetFlix used E2C to build a distributed system with redundant nodes. Foursquare and other did not.
      Just like every other discussion where people talk out their but about how distributed systems are more reliable they failed to understand that you must plan very carefully and plane to build reliable distributed systems. Otherwise you create a systems with many points of failure and little control.

  • by gstoddart (321705) on Tuesday April 26, 2011 @10:45AM (#35942092) Homepage

    Once your data is in the cloud, you don't really control it anymore. And, some of the TOS for these things more or less say "we get to keep it and use it if we want to".

    The fact that these fold an go under is hardly surprising ... and I bet the legal status of your data is a little bit murky if the assets get sold off to someone else.

    The cloud has always seemed a little bit sketchy in some places ... both because it's poorly defined, and what's to say your data doesn't end up in a country with rather liberal "all your data are belong to us" laws?

  • by lavagolemking (1352431) on Tuesday April 26, 2011 @10:46AM (#35942108)
    It rains down your data, everywhere.
  • by epp_b (944299) on Tuesday April 26, 2011 @10:57AM (#35942260)
    Until we have the utopia that is our phones as our primary computers that can be used on the go and then seamlessly transition to desktop use with keyboards and monitors, storing data locally, planning ahead and synchronizing what you need will continue to be the way you should manage your data. Cloud services should be a last resort backup ONLY.

    What is the draw to cloud services anyway? Access to your data from anywhere?

    You can get 12" laptops with 500gb hard drives and decently-sized keyboards. Use standby instead of shutting down and you have pactically-instant startup and still lots of battery life

    Heck, most people need little more than Facebook, email and a place to store pictures. Any smartphone can do that.
  • by obarthelemy (160321) on Tuesday April 26, 2011 @10:58AM (#35942280)

    Hopefully semi-serious customers do have in-house backups, and semi-serious providers do give a bit of warning before pulling the plug ?

    That's a lot of effort and money down the drain for users, in any case.

    • by jimicus (737525) on Tuesday April 26, 2011 @12:07PM (#35943152)

      Depending on the circumstances surrounding their closure, not necessarily.

      A lot depends on how business law in the country where they're based. In the UK, for instance, once a company enters administration, the directors are all sacked and administrators come in to run the business while looking for some way of disposing of it.

      This means that no matter what guarantees you were given about the safety and availability of your data, those guarantees are out of the window the minute the administrators are called in. If you are very lucky, they'll keep everything running while looking for a buyer for the company as a whole - or at least for long enough for you to migrate off. If you are fantastically lucky, the buyer will keep the system running either in the long term or as long as it takes for them to transition you to something else.

      Knowing this, you might wonder why anyone in their right mind would ever use a cloud-based system?

      The answer is simple: Most businesses are already so thoroughly co-dependent on other businesses that they're basically screwed if specific others collapse. Adding another to the house of cards supporting your business is really not the end of the world. Furthermore, if you take any major cloud provider, all their customers have value. Most business would expect that their provider could find a buyer if they hit difficulty.

      Of course that's not guaranteed, so the sensible thing is to make sure you've got a plan B if the worst happens. Easy enough when the cloud provider is just handling the OS, databases and storage (eg. Amazon EC2), rather more awkward when it's a SaaS provider (eg. Google Apps, Salesforce.com).

  • by DutchUncle (826473) on Tuesday April 26, 2011 @11:05AM (#35942378)
    Note I didn't say "is", I said "should be". And we should NOT be creating new and distinct laws, beyond maybe a new law saying "This should be treated under the old law for safe deposit boxes". The problem has already existed for safe deposit boxes, post-office boxes, non-post-office boxes (like the former MailBoxesEtc). If a particular bank branch is closed (or moved), there is a whole protocol for notifying box holders and handling things if people don't show up in time.

    That said, I agree with other posters that if it's not already in your contract, you made a mistake putting your data there in the first place; and even if it is, you may find that bankruptcy court considers the data the server's because it's on their computers, or considers the data of no monetary value and just sells off the hardware. I also agree that I would not use abstract cloud services for sensitive data. Remote hosting, or remote co-location, where I own a specific machine in a secure location, is a different story (I hope).
  • by 140Mandak262Jamuna (970587) on Tuesday April 26, 2011 @11:09AM (#35942428) Journal
    What happens when the furniture store goes out of business, ok ok it does every Presidents day, so let me pick another example. What happens when the office supply store or the new italian restaurant opened by the very optimistic young couple goes out of business? Some liquidator gets all the "assets" and sells them off. So your data will be owned by liquidator and sold off to the highest bidder.

    There could be legal agreements between you and the provider that prevents the provider from selling it. But the liquidator could be acting as an agent to some creditor, who might not have all the incentives to be nice to you. So you put it on the cloud. Make sure it is not something that will embarrass you if it becomes public, something that will not cause you damage if it ends up in Nigeria.

  • by Kaz Kylheku (1484) on Tuesday April 26, 2011 @11:13AM (#35942476) Homepage

    The cloud's purpose is to serve your data without using your local pipe.

    You should maintain the main copy of that data yourself.

  • by Monoman (8745) on Tuesday April 26, 2011 @11:14AM (#35942496) Homepage

    How is this different than have your data stored in any single location?

    * Stand alone system w/o backups: lose the system, lose the data.
    * Stand alone system w/ backups in the same facility. lose the facility, lose the data.

    Anyone that puts all of their eggs in a single basket without understanding the scope of the decision probably shouldn't be making those decisions. A proper risk analysis will weigh the risks, the costs, and the benefits.

  • by Crash Culligan (227354) on Tuesday April 26, 2011 @11:20AM (#35942570) Journal

    I had an idea which I thought at the time was novel. I haven't worked out all the kinks in it yet, but if it could be made to work, I think it could be awesome.

    It starts with a home server, web-facing and firewalled against casual intrusion. You keep your data on that in some standard configuration which lets outside companies tap into and add value to the data of everyone who registers their servers with that company.

    Example: Photo-sharing on a social network. You'd have your pictures on your home computer in a given format that the outside system could read. You'd register your server with flickronlylessskeezy.com, and users on that system could see your pictures, comment on them, etc. The second logical step would be to register your home server to hold the lists of friends and comments.

    Advantages: The data would stay on your computer. You control who does and doesn't access it by registering and deregistering outside services and controlling privileges, and if the service goes down, all that's lost is an accessor method; your data is still in your control. And if some organization decides they absolutely need to take down some incriminating or inconvenient data, an attack on a single server will take care of it without damaging the service for everyone else (beyond not seeing that special data).

    Disadvantages: It does require either static IP addresses or tracking back through dynamic IPs, and more than a little computer knowledge on the part of the user, including database management, although with some very specialized software, there might be ways to make this user-friendly. It would also benefit greatly from decent connection speeds and ISPs who don't throttle "power users" (which right now is damn near none of them). And some companies which get in on this might want to stifle competition by using non-standard or proprietary data formats, which means if the service goes down your data is stuck in a black box which you can't open.

    ...

    Well, once those problems are cleared, anyway, I think it could work. Thoughts?

  • Answer: TBD (Score:4, Insightful)

    by ErichTheRed (39327) on Tuesday April 26, 2011 @11:21AM (#35942586)

    In my experience, non-IT companies are falling all over themselves to move to (at the very least) hosted IT services. The true answer to this question will come out when the first major provider flames out. Think about this with a cynical eye towards the situation. CIOs and other decision makers are under immense pressure to cut costs, especially in companies where IT is not seen as a strategic investment. For every software company or non-IT company that uses IT to its advantage, there are 10x as many who use IT for file/print/email only, and see it as a cost like paying the janitor and building staff to keep the place running. Cloud providers win business by doing a shiny PowerPoint with animated graphics showing all those power-eating servers and local IT staff fading into "the cloud." At the same time, they promise the ability to get rid of your IT staff and replace the current IT spend with a monthly charge that can be completely written off as an operational expense. MBAs are seemingly taught on Day 1 that human resources are a necessary evil to be minimized, and that operational expenses are preferable to fixed asset spending. Therefore, this PowerPoint resonates with them and the decision is made.

    The problems come behind the PowerPoint. Every IT problem the business had before now becomes the provider's problem, including data storage/retention, bandwidth issues, server provisioning and all that stuff. How well does it work out? Everything depends on the competence of your provider. Even with ironclad SLAs in place, (a) Really Bad Stuff can still happen that makes them null and void, and (b) SLAs are only a piece of paper guaranteeing you free service or a payment in the event of an outage.

    Any business considering The Cloud needs to think of the following:

    • Do I trust my provider to handle my data? Is there anything so proprietary that I wouldn't mind having exposed on the Internet by a disgruntled cloud provider employee?
    • How much does it actually cost me to be down for X minutes? Am I willing to pay to have the provider properly architect the solution to work around this or am I willing to eat that much money? Is any SLA they can provide me going to compensate me for the full losses that downtime generates?
    • The Cloud can also be achieved locally through server consolidation, investing in more flexible network infrastructure and increasing internal operations efficiency. Would I be more comfortable doing that?

    (If this sounds like the list of questions to ask when considering an outsourcing agreement, it is. Cloud is just IT outsourcing without a directly accountable staff at the provider.) Businesses who want data integrity and decent service need to realize that they have to pay for it, just like they do in a traditional outsourcing/hosting scenario. If a CIO chooses to go with the equivalent of GMail for their internal messaging, just 'cause it was cheaper than the fully-hosted, DR'd, off-site backed up, SOX-compliant managed email service, then they deserve what they get.

    • Cloud providers win business by doing a shiny PowerPoint with animated graphics showing all those ...The problems come behind the PowerPoint ..

      But between the powerpoint and the emergence of the problems, there are bonuses for the top management. The gang has shown the powerpoint to the board and have already awarded themselves fat bonuses and have already left camp looking for their next chump. The board also does not care too much, they get paid, what 100K for six meetings in a year? and the free use of corporate guest houses, jet, club memberships and special boxes in the stadia...

      The stock traders don't care either. They buy before the conference call, wait for the "guidance" from the CEO and sell a day after the call.

      So who pays? The ultimate chump is the small investor and the taxpayers. The big investors would be bailed by the government.

  • by Lumpy (12016) on Tuesday April 26, 2011 @11:23AM (#35942626) Homepage

    IT get's sold on the server's hard drives on ebay or at the Liquidation auction.

    I have a friend that has a large chunk of the "pets.com" database from the old server he bought years ago.

  • by darthwader (130012) on Tuesday April 26, 2011 @11:30AM (#35942724) Homepage

    This video illustrates the problem with SLAs: http://www.youtube.com/watch?v=2RabecxZKmU [youtube.com] (probably safe for work, depending on how long you watch the clip for -- stop watching after the promise to be safe).

    Vendors want customers, and will do anything or say anything to get them. Especially vendors will promise something if making the promise will get them what they want, and there is absolutely no disadvantage to breaking the promise. Any customers who believe a promise that cannot possibly be kept are fools.

  • by hawguy (1600213) on Tuesday April 26, 2011 @11:34AM (#35942762)

    That's why I like Amazon EC2 - my "cloud" servers are Linux instances running in their cloud, and I can easily mirror the data to my own servers. While I use their cloud API to start/stop/provision servers, I'm not dependent on of their API's to host my application. If Amazon went away, I could have my servers up and running at another provider overnight. (I do take full advantage of Amazon's multi-region instances, so I wasn't affected by their East Coast problems.)

    Fortunately, I don't have terabytes of data locked aways in S3 - my database is a few GB so it's easy and cheap to mirror it to my own servers.

    I'd never host an app on Google's App Engine API - I'd never be able to migrate to another provide if Google changed their service offering to something I didn't like.

  • by ToxIk_Waste (1019424) on Tuesday April 26, 2011 @11:45AM (#35942884)
    family guy reference [youtube.com]
  • by NicknamesAreStupid (1040118) on Tuesday April 26, 2011 @11:49AM (#35942938)
    Co-Op Datacenters. Instead of Rackspace or Amazon, customers buy a piece of the datacenter, just like a co-op. It can still be run by Amazon or Rackspace, but the financial risk is spread across its customer base. Additionally, Amazon or Microsoft or Rackspace no longer has to carry the assets on their books. Hence, better operating margins. Win-win.
  • by MarkvW (1037596) on Tuesday April 26, 2011 @12:03PM (#35943106)

    Read the contract carefully. Providers generally exclude themselves for all liability in the contract that they post on the Internet.

    But there is one big time bomb in those cloud storage contracts that nobody talks about: The contracts often impose a "duty to defend" upon the customer. That particular little bedbug means that if a person sues the provider over the data you store on their site, that you have a duty to defend the provider. That means you pay for all the provider's lawyer, expert, and court costs. The person suing the provider may have a bullshit case, but you will still have a duty to pay for the provider's defense. The language is often written extremely broadly.

    Do you want to sign up for an indeterminate liability amount for a provider that you don't really know?

  • by Zaphod-AVA (471116) on Tuesday April 26, 2011 @12:22PM (#35943318)

    I'm not convinced at all this type of service needs government regulation. Data recovery and destruction policies should be part of the contract with the company, and existing contract law can deal with any problems. If you chose a service that didn't have good recovery and destruction policies, that is a poor choice on your part.

  • by ThatsNotPudding (1045640) on Tuesday April 26, 2011 @01:17PM (#35943944)
    All Bits Go To Heaven.

"A great many people think they are thinking when they are merely rearranging their prejudices." -- William James

Working...