On Wednesday March 10th at 1am in the morning a fire started that destroyed a major data centre that provides cloud services from OVHcloud. Thankfully no one was injured but this should be a wake up call for cloud service users to check that they have factored the use of cloud services into their business continuity plans.
Digital Transformation must include Business Continuity Planning
As organizations go through digital transformation, they increasingly turn to using cloud services. These allow them to develop new applications and create new ways of doing business without the need for capital expenditure or procurement delays. However, digital transformation also increases the dependency of the organization on these new digital services. One aspect of the digital transformation plan that is often forgotten is ensuring business continuity.
A key objective of IT services is that systems, data, and applications are available to authorized users when and where they are needed. The requirements for availability and the consequences of non-availability are increased by digital transformation.
Responsibilities are shared
Organizations often believe that because their applications are running in the cloud their data is automatically backed up and that the cloud service is always on. Neither of these assumptions is correct. The responsibility for security and compliance is shared between the tenant and the CSP (Cloud Service Provider).
The CSP provides an SLA for the availability of their service and the tenant is always responsible for their data. Typical SLAs by major CSPs are around 99.99% - that may seem very high but that could mean on average 52 minutes per year that the service is not available. That does not include the additional time that you may need to reconfigure and restart your business-critical applications after an outage.
CSPs take significant steps to protect their tenants’ data including holding the data on multiple physical devices. However, if the service holding the data is down you may not be able to access it. In addition, if you delete the data by mistake you cannot expect the CSP to recognise this was an error.
Many possible causes
Natural disasters: earthquakes, floods and fires could have long term consequences on cloud service data centres. Loss of power or other utilities could render the cloud service unavailable. Access to the cloud service as well as the service itself depends upon communications systems which are also vulnerable.
There are actually 4 buildings on that site, and these appear to provide some form of co-hosting rather than being pure cloud. Only one of the buildings was completely destroyed but the impact of the incident has spread to services in the other buildings. This emphasises the need to look at physical locations and what exactly is meant by availability zones carefully when planning.
End to End Service
Use of a cloud service depends upon the infrastructure needed being available from end to end. Not only must the equipment and services at the CSP be operational, but the network and the customer equipment must also be available and working. Therefore, the cloud customer, as well as the CSP, needs to ensure the availability of components under their control as well as including cloud services in their business continuity plans.
Tenant Responsibilities
Our advice to users of cloud services is:
- Ensure that the level of availability specified for the service meets the business requirements.
- Include the end-to-end infrastructure and any on-premises elements involved and not just the cloud service in this assessment.
- Use independent verification to assure that the service is designed, managed and run in a way that conforms with the claims.
- Design, implement and run applications using the service to exploit the capabilities provide by the cloud service to continue in the event of a point failure.
- Make sure that your data backup / recovery processes meet your recovery time objectives for data held in the cloud.
- Include the cloud service and the end-to-end infrastructure required in the organizational business continuity plan.