How safe is “the cloud”?
The trend in computers is to store all your files "in the cloud." That doesn't mean they're up in the sky; they're in a big hard drive somewhere. But that got me wondering: How secure is the cloud? Are we one good case of sunspots or an electromagnetic pulse away from losing it all?
All of it, no. But the situation is more complex than cloud promoters would have you believe.
One problem is the term “cloud.” It suggests that core computing resources — not just storage but also processors and communications infrastructure — reside in some unknowable realm, like Valhalla or the quantum foam. This is crap, as you know; the stuff lives on physical machinery. However, it’s not just “a big hard drive somewhere.” Rather, copies of your data presumably are distributed among multiple servers in widely separated locations, so no single disaster can destroy it or render it inaccessible.
But nothing in the usual definitions of cloud computing actually requires this. Rather, one abstraction — the cloud — is expressed in terms of other abstractions, such as “pooled resources,” “rapid elasticity” (meaning resources can be scaled up or down as needs change), and “measured service.” The metric cited most often is availability — the percentage of time the cloud is accessible. The higher the availability, the better. But it comes at a cost.
About that machinery. I once toured a data center, commonly known as a server farm. It was cool but spooky: a vast array of dimly lit server racks. No people, no activity except blinking LEDs, no sound but a faint whir.
The place was as impregnable as human ingenuity could make it — fingerprint scanners to gain entry, on-site generators to provide instant backup in the event of blackout. Still, somebody could nuke the place. The real security of the cloud is there are many server farms, and they can’t all go offline, can they?
Here we get back to availability. All some business types know about cloud computing is they should demand “five nines” availability — i.e., access to data, applications, etc. 99.999 percent of the time. This works out to downtime of about five minutes per year.
It’s possible to achieve this, or anyway get close. Amazon Web Services, currently the leading provider of cloud computing, offers a service level agreement (SLA) essentially guaranteeing your data will survive any catastrophe short of the end of the world. That means installing redundant instances of said data and related services on server farms around the globe, with 24/7 monitoring to spin up a new stack and copy everything over automatically if an old server starts to wobble.
But five nines is expensive, and for most businesses unnecessary. A cheaper option is 99.9 percent availability, in which redundant virtual servers are implemented on (say) three data centers scattered around Virginia.
This is riskier. In June 2009, lightning caused Amazon’s cloud computing service to go offline for four hours. That same year Rackspace had to issue customers around $3 million in service credits after a power outage took down its Dallas data center. In June 2012 a storm disrupted an Amazon data center in Virginia, knocking out Netflix, Instagram, Pinterest, and other sites for hours.
In these cases data wasn’t destroyed, just rendered temporarily inaccessible. But if all the data instances are in the same region, which is what many Amazon cloud customers wind up buying, they’re theoretically vulnerable to large-scale natural disasters and yes, even sunspots and electromagnetic pulse.
Other perils lurk. Since cloud computing is multi-tenant, there’s a nonzero chance somebody pulling down her data could get yours accidentally. You’ve got non-cloud-specific hazards such as hacking and Internet slowdowns. Or, commonly, an IT jamoke misconfigures something and . . . oops.
Am I warning you off the cloud? No, just trying to demystify it. Whatever the risk, the cloud is the only practical way to store data long term. Banks have downsides too, but nobody seriously thinks stashing cash in a mattress is better.
Bad things can happen to data: hard drives crash; laptops get stolen; backups are lost or become unreadable. That’s not all. Think of the storage technologies that have come and gone: punch cards and punched paper tape; Volkswagen-tire-sized platters for mainframe hard drives; half-inch magnetic tape and cassette tape; 8-, 5.25-, and 3.5-inch floppy disks; Bernoulli, Zip, and Jaz cartridges. Even CD-ROMs are starting to fade away. If you have vital data stored on one of these media but not the device to read it, you’re hosed.
The point is, data is fragile and the technology used to store it is ephemeral. You don’t want dealing with such things to be your problem, and the average person isn’t equipped to do so anyway. Better to turn your data over to experts who supposedly can make it safe and accessible. Does this have its risky aspects? Yup; so does giving your savings to an investment firm. Churchill famously said democracy was the worst form of government except all the others. Is it premature to talk that way about the cloud? Maybe, but that’s how it looks.