The Other Cloud Issue – Availability – And What You Can Do About It
“It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.”
Even as the world moves to the Cloud, concerns remain. While for most stakeholders, its security concerns that keep them awake at night, but for many, the bugbear is availability. While security on the cloud gets a lot of coverage in tech media, and deservedly so, availability, which I call “the other cloud issue”, should also be given equal importance. And this is a topic that should concern not only cloud providers, but consumers as well.
The reason behind this is clear from the quote above – non-availability or downtime, in addition to obvious lost business, affects the reputation of the brand which has far-reaching impact beyond the quarterly revenue figures. A year back I had written an article on a report that put a low figure of $71 million on cloud failures since 2007, where I had mentioned my skepticism about that number. Moreover, with the pace of cloud migration increasing by the day, this figure, if calculated today and covering all the shortcomings that the aforementioned report admittedly had, would be considerably higher, in my opinion.
Now, cloud computing, with its inherent distributed nature, does offer redundancy against isolated incidents like earthquakes or solitary intrusions. However, what about an attack that can target the entire cloud network of an organization at once? Unfortunately, such an attack exists, and it’s called Distributed Denial of Service (DDoS). If you’ve been following the news, you must have read about the Internet vigilante (or activist, depending on your point of view) group Anonymous. One of their main weapons is DDoS through which they have managed to shut down several supposedly secure services like PayPal, MasterCard and Visa.
DDoS is a very real threat, and perhaps more so in the cloud. As this white paper tells us, “Due to the multi-tenant nature of these environments, DDoS attacks can have a cascading impact on, not only the targeted customer, but others within the shared infrastructure, not to mention the impact on the service providers themselves.”
The paper, titled Arbor Networks Enables DDoS Protection for Cloud Service and Hosting Providers, provides an overview of the latest DDoS attack trends, and offers examples of how cloud service and hosting providers can protect their data centers from DDoS attacks. Customers (and prospective customers) of such cloud service providers will also find this a knowledgeable read, educating them to ask the right questions.
In conclusion, I would like to reproduce a paragraph from my earlier article:
There’s another interesting set of numbers in this report – “cloud service availability show an average of 7:5 hours unavailable per year, or 99:9% availability.” The report pointedly states that not only is this figure a far cry from “the expected reliability of mission critical system (99:999%),” it compares very unfavorably with the availability of electricity (less than 15 minutes of downtime in a modern capital city), a utility cloud computing is often compared with.
As you can see, there’s a lot to be done. The white paper can give some useful pointers. Download it for free here
By Sourya Biswas