Before we all get carried away and pick on Cloud Storage as a specific target; perhaps we should sit back and think. It is not Cloud Storage; it is the Public Cloud which is the problem; the most visible failures have been storage related, but let's be honest; without storage, you don't have a Cloud Environment.
Cloud providers of Storage, Compute etc need to be held up to the highest standards of availability. You would not outsource your computing environment to Accenture, Cap Gemini, IBM etc without doing your due diligence, or perhaps you would?
Actually, I can think of many cases where people have outsourced various key parts of their business without due diligence; web-hosting for example, lots of SMBs have hosted their websites on random web-hosting companies with very little in the way of investigation. We have simply got into the habit of trusting people and we have accepted the enthusiastic amateur who starts a business.
But this business has got too big and important; but it aint a Cloud Storage problem! Stop throwing bricks at Cloud Storage; start holding the whole hosted computing business to account. Demand SLAs, verify SLAs, check insurances, ask for references, ask for evidence of best practise operating procedures. Be an informed consumer!
However, also accept that if you pay peanuts; you'll get monkeys. So don't just look at the cost, consider the value!
I totally agree, especially with the last point about best practices – the number of companies out there that hide their infrastructure away from clients, claiming that it’s a “competitive advantage” is scary.
We’re not a large public cloud company, but we do host customers in our nichce and we’re happy to tell them that we run on IBM Blades with VMware virtualisation, the storage arrays that they’ll be running on, etc.
The fact that you run on IBM equipment over Dell or HP isn’t a competitive secret, they’re all high quality providers, but if you answered the question with “Well, you’d be running on a white-box PC with the cheapest components we could buy that wek in it”, then the cost advantage of a cheap provider just got explained fast.
SLA’s are a fundamental part of all cloud agreements, but an SLA is worthless if the cloud company is going to send 100s of clients an email saying “Sorry, all your data is lost, here’s 30 days refund” when the data is your business. You need to know things like that the are backups stored correctly, that recovery is possible, and that they’re not stored on the same disk array as the live data.
If the company can’t provide that kind of evidence, then you need to make your own arrangements with another supplier, or find a supplier who will meet your requirements, even if it’s not the price-point you saw advertised on a “cloud storage” google seach.
One of the important things about SLAs is they bound the agreement so you know exactly what you are getting. So if it doesn’t say that the data will be protected with backups, it isn’t. And a dose of realism for everyone, RAID means jack without backups. Multiple disk failures happen and data loss will occur; just because your Cloud Supplier says you are RAID protected, it does not mean you are protected from data loss!
Time to grow up everyone, the new dynamic infrastructures we are going to build in the future do not obsolete the age-old systems management disciplines of the past. They build on them, they enhance them but everything you have been doing, you still need to do or ensure is done.
Enough of the hand-wringing and the hand-washing; we need to make this better.