If a business loses a local back-up and needs to get another copy of their hosted files, any delay can be potentially threatening to profits. These experts say ensuring you know how quickly you can receive another copy of your files is crucial in choosing your hosting provider.
Ovum research director Steve Hodgkinson says you need to remember that whatever experience you have with your provider affects customers as well. “Your customers that are running on your services need to be given careful attention,” he says.
“Think about the mechanisms for getting data back. What are the timeframes of that? And it may not necessarily be about just your data. It could be about your transaction logs and system metadata that you need to get back in order to replicate your service.”
There’s another problem. Even if businesses can get their data back, there’s no guarantee that you’ll actually get it in a readable format. Karabardak says businesses need to make sure that when they actually retrieve their files, they’ll be easy to access.
“You really need to look at whether the data you are retrieving is in an encrypted format or not. The accessibility of the data can be a problem, and there are a whole lot of questions that need to be asked about that.”
But there’s another issue here as well. While many businesses are now viewing the cloud market as more of an opportunity, many are ignoring the risks. You only have to look at the past few months to see issues that have arisen from a failure to encrypt data in the Sony and Lush online store hackings.
Cocoon Data founder and chief executive Trent Telford says it is imperative that businesses start looking at how they can not only retrieve data that is encrypted, but how they should be making sure it is encrypted while stored on third party severs.
“The biggest issue with moving to the cloud is security, because at the moment it’s all within the organisation and businesses feel safe and comfortable with that.”
“You need to make sure there is no honey pot. Don’t put your data all in one place, and encrypt it. Make sure that data is protected.”
Experts also say you should make sure that your data is distributed across several different providers, so if a hacker manages to access one piece of the puzzle, they won’t be able to attack your entire infrastructure.
“Break up your responsibilities,” says Telford. “Keep some data in cloud A, and some in cloud B. If one part gets hacked, they have to get the others before they have access to anything interesting.”
When Distribute.IT was hacked earlier this year, many customers complained to SmartCompany and on the Whirlpool forums they were losing business because the hack had totally wiped out their clients’ websites. However, others said the hack – while unfortunate – was only a bump in the road and service to users was able to continue.
Backing up your data is crucial, not only for your own state of mind but for your customers’. If you aren’t able to keep multiple copies of databases and customer information, then one hack is all it will take to wipe everything out. And these hackers are indiscriminately targeting SMEs, so don’t think you’re immune.
Steve Hodgkinson says your need to think of a contract with a data centre as a marriage contract. “You still need to have your own prenuptial agreement,” he says.
“You really need to have a service agreement in place, because the problem with cloud computing is that even if everything goes out, it’s not just you who’s affected – it affects your entire set of customers.”
“Before you go into that cloud agreement, you need to give careful attention to your service levels and backups. You need to have a worst-case scenario in place about how you’re going to get data back.”
Finally, these experts say it is imperative that you speak to legal counsel before you sign an agreement in order to ensure you’re getting the best deal possible. Going over an agreement yourself may result in you missing some elements of your contact that could wind you up in trouble.
Ghosh says it is imperative that businesses at least have their contract given a once-over by a lawyer.
“They need to get legal advice. I always say this is more of a contractual transformation in the industry than a technical one.”
Steve Hodgkinson says you may not have recourse against a particular third party if your data goes down, so it’s crucial that you go through your agreement beforehand and identify any liabilities, or areas where your provider is claiming some particular freedom.
“If you think of a cloud service like a utility, when your electricity goes out you don’t immediately run to the company and accuse them of non-compliance. It’s really buyer beware.”
“You need to know that things fail, and you need to have practical strategies to deal with that. And you need to make sure that your contacts and service agreements account for that as well. Make sure you do your due diligence before you sign up, or you could get into trouble.”
Patrick Stafford is a freelance journalist and a former deputy editor of SmartCompany.
