“Just imagine if a major cloud service provider had a ‘Lehman moment’, with everyone’s data there on Friday and gone on Monday…”
That’s what the authors ask us to do on page 2 of “Beyond data breaches: global interconnections of cyber risk”.
It appears that some users of the Dedoose cloud-based application don’t need to use their imagination. Dedoose enables academics and students to manage research data online.
But during early May the system suffered a ‘“devastating” technical failure’, causing “academics…to lose large amounts of research work, some of which may be gone for good.”
For various reasons the last few months haven’t been great for some companies in “the cloud”:
eBay – Hackers stole the personal data of up to 145 million customers from the company in February but it didn’t notify customers until many weeks later
Adobe – For more than 24 hours users around the world lost access to ‘Creative Cloud’, the company’s online subscription for software and services
Joyent – An operator mistakenly rebooted all of the servers in the company’s datacentre, knocking out operations for over an hour.
That such incidents can sometimes happen in ‘the cloud’ is no surprise. Three years ago I wrote in “The Four Servers of the Apocalypse”,
“..we are going to see more of such incidents…Because there are no standards for flows of data.
That is why most, if not all, ‘cloud’ vendors have a clause in their contracts which states that they don’t accept any liability for your data…
But what does anyone seeking to use a cloud vendor get to see that lets them make a reasonably informed decision about the risks associated with giving the company their data?
Without any recognised standards for flows of data there is no way for the lay person to compare providers. Or judge what depth and breadth of expertise a company possesses…”
Today, cloud services may no longer just be ‘standalone’ – a cloud company may rely on other cloud companies to enable its own service.
Dedoose, for example uses Microsoft’s Azure.
Microsoft was not at fault for the recent problems at Dedoose. But this kind of relationship between companies provides an opportunity to reflect on the issues of risk management, resilience and liability in complex cloud systems.
David Rosenthal of Stanford University has done just that. He has written a great blog about the Dedoose incident and some of the potential risks ‘in the world of cloud services layered on other cloud services, each of which expressly disclaims any liability whatsoever for “merchantability or fitness for a particular purpose”’.
His conclusion is spot on:
“…the reliability actually delivered to the end user cannot simply be deduced from knowing that the “data is safe in the cloud”. It depends critically upon how defensive each layer in the system is with regard to failures in the layers below it, how much redundancy exists at each layer, and how frequently the redundant replicas are synchronized. This is something into which the end user has no visibility, over which he has no control, and which may change through time with no notice. It is all very well saying caveat emptor, but in the cloud the customer has no access to the information needed to make careful choices, and no guarantee that once a choice is made the basis for that choice remains in force.”