
When UK mobile operator O2’s data network went down for a whole day in December, it brought home to many people just how interconnected the services we take for granted have become. The inability to get email on the move or to use Google Maps to navigate to a meeting was an annoyance, but for thousands of Uber drivers it was more serious, leaving them with little choice but to buy pay-as-you-go SIMs on other networks in order to keep earning their living.

In fact Uber drivers were fortunate: the other networks were operating normally, and switching to one of them took a matter of minutes. Things were not so easy for the tens of millions of people who rely on the availability of Microsoft’s cloud-based Office 365 service when its multi-factor authentication suffered a prolonged outage in November. Not only were they unable to access their Office 365 apps and data, but many also discovered they were effectively locked out of other applications, such as Smartsheet, Xero and Insightly, which can share Office 365 authentication. With a cellular network outage it’s easy to switch SIMs, but when parts of Office 365 go down, those who rely on it have no option but to wait for Microsoft to fix it.

This highlights two potential problems for organisations that rely on the availability of applications and services in the cloud. Firstly, cloud services do go down, and it’s not easy to switch to another cloud provider when that happens.

Secondly, and perhaps more importantly, a huge number of companies are relying on the availability of a very small number of public clouds. (Of course, to access them they also rely on a very small number of telecoms networks, but that’s another story.)

According to the Cloud Security Alliance, about 42% of application workloads run on Amazon Web Services, and a further 29% run on Microsoft’s Azure. The fact that AWS and Azure account for more than two-thirds of cloud workloads has become a cause for concern to regulatory authorities in many industries. For example, last July the European Banking Authority issued a report warning of the systemic risk arising from the international banking system’s reliance on such a small number of public clouds.

So what can be done to mitigate the risks presented by this concentration of computing resources in such a tiny number of huge public clouds, which will, from time to time, encounter availability problems?

A lot can certainly be done at the application level, by architecting applications for the cloud to meet specific resilience requirements, Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs).

That means it’s important, when moving to the cloud, to conduct application-centric migrations and transformations that capture this kind of information and establish each application’s criticality to the business.

Indeed, it was in part for this reason that we created our AppScore product to capture, assess and plan at the application level in order to ensure successful cloud adoptions.
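
As a minimal sketch (not the AppScore data model itself, and with illustrative field names), the kind of record an application-centric assessment captures might look something like this:

```python
from dataclasses import dataclass

@dataclass
class ApplicationProfile:
    """One record per application, captured during migration assessment."""
    name: str
    business_criticality: str   # e.g. "mission-critical", "important", "supporting"
    rpo_minutes: int            # Recovery Point Objective: maximum tolerable data loss
    rto_minutes: int            # Recovery Time Objective: maximum tolerable downtime
    dr_strategy: str            # e.g. "multi-region active/passive", "backup and restore"

# Example: a payments service that can tolerate very little data loss or downtime
payments = ApplicationProfile(
    name="payments-api",
    business_criticality="mission-critical",
    rpo_minutes=5,
    rto_minutes=30,
    dr_strategy="multi-region active/passive",
)
```

Capturing even this much per application makes it far easier to decide which workloads justify multi-region resilience and which can settle for simple backup and restore.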

It’s also important to realise that putting an application or service in the cloud doesn’t free you from the responsibility of keeping it running: standard, well-established principles of redundancy and resilience still need to be applied. That means you need a disaster recovery plan in place that’s tested and proven.

The good news is that DR from one cloud location (region) to another can be far easier than switching from an on-premises data centre to an alternative site. It’s important to use a multi-region strategy, and, where the cloud provider supports it (as AWS does), it’s wise to reserve capacity in a specific availability zone: a disaster in one region could leave a large number of companies trying to recover into another cloud data centre at the same time, and you could find yourself locked out.
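
To make that concrete, here is a minimal sketch of reserving capacity on AWS with boto3; the region, availability zone, instance type and count are illustrative assumptions rather than recommendations:

```python
import boto3

# Reserve compute capacity in the DR region ahead of time, so that a disaster
# elsewhere can't leave you competing with everyone else for instances.
ec2 = boto3.client("ec2", region_name="eu-west-2")  # illustrative DR region

reservation = ec2.create_capacity_reservation(
    InstanceType="m5.large",        # match the instance size your DR plan calls for
    InstancePlatform="Linux/UNIX",
    AvailabilityZone="eu-west-2a",  # capacity is reserved per availability zone
    InstanceCount=10,               # number of instances guaranteed to launch
    EndDateType="unlimited",        # keep the reservation until explicitly cancelled
)
print(reservation["CapacityReservation"]["CapacityReservationId"])
```

Reserved capacity is billed whether or not it is used, so the cost needs to be weighed against the RTO of the applications it protects.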

The bottom line is this: the cloud may be a different world, but tried and tested resilience and redundancy principles still apply. Used effectively, the cloud provides greater resilience options at a better price point than on-premises or co-located data centres ever can.

Just remember to factor this into your cloud migrations: understand each application’s criticality to the business and its resilience requirements, which means running cloud adoption at the application level rather than at the server level.

If you’re not already backing up to the cloud, why not? It’s easy, incredibly cost-effective and offers a range of other potential benefits.

One of the most welcome features of cloud backup is that it takes away many day-to-day IT chores, leaving your people to get on with more productive work. There’s no need to back up onto tape, store the files in a fire vault or use an off-premises provider such as Iron Mountain, with all the time-consuming processes that go with them.

It is likely to cost less than these old methods too, and there’s less risk of accidentally deleting the wrong information while carrying out a backup.

Cloud fundamentally changes the way backups get done, and for the better.

With the effectively unlimited storage the cloud offers, you can stream all your backup and site data to it: there’s no need to plan how much space you’ll require, and none of the integrity problems that come with tapes. Cloud backups also complete faster than manual tape backups.

Backups in the cloud also mean you can implement longer-term retention at lower cost, helping you stay on the right side of data compliance rules with greater ease.
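
As an illustration (the bucket name, prefix and retention periods are assumptions to adapt to your own compliance rules), an S3 lifecycle policy set via boto3 can move ageing backups into cheaper archive storage and expire them automatically:

```python
import boto3

s3 = boto3.client("s3")

# Hypothetical bucket, prefix and retention periods.
s3.put_bucket_lifecycle_configuration(
    Bucket="example-backup-bucket",
    LifecycleConfiguration={
        "Rules": [
            {
                "ID": "archive-then-expire-backups",
                "Filter": {"Prefix": "backups/"},
                "Status": "Enabled",
                # Move backups to cheaper archive storage after 30 days...
                "Transitions": [{"Days": 30, "StorageClass": "GLACIER"}],
                # ...and delete them once a seven-year retention period is up.
                "Expiration": {"Days": 7 * 365},
            }
        ]
    },
)
```

Azure offers the equivalent through blob lifecycle management policies; the principle is the same whichever cloud you use.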

Cloud backup options

While migrating applications to the cloud typically takes some planning, there are some remarkably simple options when it comes to backups. For example, we helped one of our smaller clients configure a network-attached storage device to back up automatically to the cloud.
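
As a minimal sketch of what that kind of automation can look like, assuming a NAS share mounted at a hypothetical path and an illustrative S3 bucket (most NAS vendors also offer built-in cloud sync that does the same job without any code):

```python
import boto3
from pathlib import Path

# Copy the contents of a mounted NAS share into an S3 bucket, preserving layout.
# Run on a schedule (e.g. nightly via cron) to keep the cloud copy up to date.
NAS_SHARE = Path("/mnt/nas/backups")   # hypothetical mount point for the NAS volume
BUCKET = "example-backup-bucket"       # illustrative bucket name

s3 = boto3.client("s3")

for file in NAS_SHARE.rglob("*"):
    if file.is_file():
        key = str(file.relative_to(NAS_SHARE))
        s3.upload_file(str(file), BUCKET, key)  # one object per file
```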

Here are some other examples of the options available to businesses looking to adopt cloud-based backups:

  1. Carry on using your existing backup software and point it at cloud storage via a virtual tape library (VTL). Because you keep the software licence you have already invested in, this entails minimal change and minimal cost.
  2. Use AWS and/or Microsoft tools to back up your on-premises servers into cloud storage and restore from it. There is no charge for the tools themselves; you simply pay for the storage (see the sketch after this list).
  3. For more advanced requirements, third-party products such as Commvault can be deployed, providing a single, consistent platform for protecting data and applications across on-premises and cloud environments.
  4. In addition to protecting data with cloud backup, you can provide DR capability by taking copies of your servers and streaming them into the cloud. Microsoft Azure Site Recovery is one such tool, replicating near-instantaneously into the cloud. This option essentially gives you sophisticated disaster recovery into the bargain: if your data centre or servers fail, you can have the service running again in the cloud in a short space of time, potentially within minutes. In the worst-case scenario where your premises are wiped out, you need not worry about losing your data stores, as they are all off site. It also means there is far less for your people to do in the event of a DR invocation.
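
To make option 2 a little more concrete, here is a minimal sketch of a daily backup plan defined with AWS Backup via boto3; the vault name, plan name, schedule and retention periods are illustrative assumptions:

```python
import boto3

backup = boto3.client("backup", region_name="eu-west-2")  # illustrative region

# A backup vault is simply a logical container for recovery points.
backup.create_backup_vault(BackupVaultName="example-vault")

# A daily plan: run at 02:00 UTC, move recovery points to cold storage after
# 30 days and delete them after a year. Servers, volumes or databases are then
# attached to the plan separately via backup selections (by tag or ARN).
backup.create_backup_plan(
    BackupPlan={
        "BackupPlanName": "example-daily-backups",
        "Rules": [
            {
                "RuleName": "daily-0200",
                "TargetBackupVaultName": "example-vault",
                "ScheduleExpression": "cron(0 2 * * ? *)",
                "Lifecycle": {
                    "MoveToColdStorageAfterDays": 30,
                    "DeleteAfterDays": 365,
                },
            }
        ]
    }
)
```

On the Microsoft side, Azure Backup offers broadly equivalent policies through the portal, CLI or SDK.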

In summary

As we’ve said before here, the cloud blurs the lines between DR and backup, and now enables organisations that could not previously afford more than basic backups to build holistic data and application protection solutions, affording them far greater resilience.
