Trust the cloud with my PRECIOUS? You gotta be joking

Nobody has mentioned SpiderOak yet?

Just because so many cloud companies are getting data backups wrong doesn't mean you have to assume that everyone is. I don't trust the cloud with my data. But I don't trust my own local backups either. Any sysadmin who has even a half a clue knows that you need more than one backup technique built on different architectures, each of which is geographically separate by at least 10 miles. NEVER assume that one backup solution is sufficient. ALWAYS assume that there will be a failure in any design. This is Basic Backup 101!

A guy at work recommended SpiderOak a while back. After reading this page I was willing to drop $100/year to back up 100 GB:

https://spideroak.com/engineering_matters

My only affiliation with SpiderOak is as a satisfied customer. I've been using SpiderOak to provide a remote back up my wife's critical business files and my own personal files for about a year and a half. It's reasonably priced and has been remarkably stable. Only one glitch that lasted about 2 days, and that may have been due to a PEBKAC error on my part. All in all, I think they provide a very solid backup solution.

Given what I've said above, does that mean that I no longer keep a local copy of everything? Nope, of course not. In fact, I've got a couple of local backups driven by simple rsync jobs. But I'm damn glad I've got a solid offsite backup solution at a reasonable cost, too. In my view that's what a cloud solution really buys you.

To Cloud or not to Cloud, that is the question

Having read the comments here it appears the author has an axe to grind with cloud. Having been in the cloud arena for the past 8 years and sitting on the board of many cloud associations and organisations I have a more pragmatic view that users should choose the most applicable form factor (be it cloud, cloud/on network mixed or on network) for each applications use dependent on the need, cost and feeling about data held in each case.

Limiting yourself and avoiding cloud will put you at a disadvantage in terms of flexibility and adaptability and in business potentially lose your competitive edge. The customers are choosing with their feet and purses as many major historic bricks and mortar brand approaches have already found out to their peril. Take Blockbuster video, once the darling and now the gone or surviving against Netflix and lovefilm serving up online movies. Take Tower Records gone against the online music world, books stores, Kodak photography and many more join this throw.

Cloud with the demands of mobile access from any device delivers more flexibility than we have ever had and be it public or private cloud is here to stay. We will see an increase in the speed of innovation and new uses for hosted services and an increased demand as younger users expect and demand availability anywhere, anytime on any device at a low price point that traditional mediums cannot deliver.

If you are afraid of losing music in the cloud, buy it on standard media, ripit, upload it and gain the benefits of cloud with a localised traditional media copy for your peace of mind and safety. However bear in mind this will cost you more in money and time to achieve. Yes Cloud may have had outage examples in the past year, but one local device outage or loss later and a user will be switching to cloud and relying on it for backups quickly. There are bad stories in any medium, and the story of one user’s lost kindle files is rare and amongst the volume of users offers a low chance it will be you. You can argue this the same for any failure, I am sure there are those out there who have had their local device just crash and burn and not switch on as expected at a random moment leaving them high and dry.

Ian Moyse

www.ianmoyse.co.uk

Distrusted clouds before there was one

Back in 2001, being of limited resources, I used several free webhosting services to stash sundry files, as my laptop had a 2-GB drive and no CD burner. One of them must have had their operation in the World Trade Center, as the service disappeared without a trace one day in September. Other people had bigger problems and there was nothing mission critical there, but when the biz got going I was a believer in redundant backup methods I alone controlled. When the Cloud drifted over the horizon I wasn't even tempted.

Actually, my experience with stuff like this goes back further, to when I worked at a major monthly rag. The Powers decided to put MS Word on the server so we editors could run it over the LAN. I didn't trust that so I downloaded a copy onto my HD and renamed it . Came the day when we were nearing deadline and the server or the LAN or something blew up, and there was much screaming, tearing of hair etc in the halls, while I was able to keep working. The message, which all of you pro IT folks know is, you have to expect and plan for failure. If the Powers say, "What are the odds?," reach for the cattle prod and nudge them toward the elevator shaft.

Dave, you roxin my boxin!

I'm glad that I'm not the only one who groks this. I've seen it from the consumer end and from the inside. How many times do I have to cringe, as someone on the inside of a technology company, when a customers account get hosed by some internal error or issue from some botched entry on an account profile that wrecks the service in question. Then we find out when the customer calls in and can't repair the issue due to internal tools issues/limitations and the account has to be closed and a new one written up. God forbid there's a cloud storage or email attached to the account. The reality is that many of these accounts can lose all data at the push of a button on an account interface but the same tools can't retrieve what's lost. You go to Tier 2 or 3 only to find they don't even have server access and the company has so compartmentalized I.T. from the customer service techs that neither has contact with the other and lost data is just lost. Bottom line, no one can take care of your data better than you can. Thanks Dave for the common sense and reality check here.

If

one is good at remembering a long sequence of just two things, any lost data could be reconstructed using a simple two key input device.

Dude, it's too late

They already have you by the balls. You just don't realize it yet. And yes, they are buying and selling you to the highest bidder, that's the whole point.

If you know what you are doing, you are almost always better than cloud

The trick is "to know what you are doing". Majority of people don't. That's a fact. Some people do have staged backup policy with multiple geographic locations and/or use P2P backup but some other people who never lost their data will call this anal retentive and hence they will, inevitably, lose more data as a result (everyone does, the trick is to limit the loss, in other words to define the RPO).

The problem with cloud (as in Dropbox, Google and friends) is that it is far more susceptible to influences you cannot control and which you know nothing about (especially if you reside in a different country than your cloud provider). So the actual GUARANTEED availibility of cloud backup is for foreign natural person far, far lower than almost anything else (do you know what actual steps would you perform should a foreign company stop abruptly the service to you and as a result you'd lose access to your data? Remember, consumer organizations work usually within single country).

Cloud service is better than nothing, usually, but that's not what we can term as "good", right?

One aspect of this is privacy. Almost everyone has some kind of "unlicensed" material, should we say (grabbed CD or BD is such a case, even if you do that as a hedge against burglary). That's DMCA territory. The fact that no one does care what you have stored there NOW is no guarantee - cloud providers are actually centralized points for data storage (and those cloud providers will search the data for clues on what's popular). Before, investigators had tens/hundreds of millions of households to search (impossible). In the future they will have only a handful of datacenters to search (and their access actually depends on lawmakers and lawyers understanding technicalities - good for you if you really, really trust them).

In order to be reasonably safe and future-proof, you have to encrypt your data on the client and THEN send it to the cloud or use P2P backup with people whom you trust. But it means you have to employ some kind of key management and data preprocessing or slightly more complicated backup configuration you have to consult with others. This isn't a panacea either. Not mentioning the fact that fetching your HDDs for rotation from granny has often far higher bandwidth than uploading/downloading your data to cloud. And given the usual TB sizes, such a poor person geo backup is often cheaper and, if done sensibly, with RPO you are actually comfortable with.

"Would you like Google to remember..."

A few months ago I visited a website - perfectly innocuous and SFW - that required a login. Because it was a trivial site, I happily allowed Google to remember the ID and password. I missed the distinction - I was not giving Chrome the local browser, but Google the "cloud", the right to keep my data. This only became apparent a few months later when on a clean Linux install I visited the same site, and to my horror discovered the ID and password fields correctly populated. Google may have brainy engineers and security people, but would I trust them to protect sensitive data against all possible attacks? No.

I've yet to run across a cloud provider who could inspire me to leave my data security in someone else's hands. Especially someone I've never met, and who has zero regard for the content, or its replacement value.

Just put a HD in your own safe?

Being a lazy etc, I just back up my stuff to a portable hard drive and stick the hard drive in the safe - fire rated to fricking a lot. We can't really get flooded and the thing weighs way too much to move by tealeafs. Oh, and you'd have to contend with the floor bolts.

The added bonus of a safe is you can put, say, actual prints of old photos and other stuff in there. All safe and sound. No offsite, no NAS, no network required, just a hunk of steel.

Old skool (just don't lose the bloody keys!)