White paper from http://storageswiss.com, Storage Switzerland. The recent implosion of public Cloud Storage Provider (CSP) Nirvanix has sent shockwaves throughout the industry. A well funded company with established OEM relationships with major industry juggernauts like IBM and Dell, didn’t seem to be a likely candidate for bankruptcy. This raises some critically important questions for businesses that are considering a public cloud deployment. The most obvious of which is, what is the best way to manage risk when adopting cloud storage? In this report Storage Switzerland Analyst Colm Keegan provides some guidance on mitigating that risk.
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
A survival guide to cloud storage failure white paper
1. A Survival Guide to Cloud Storage Failure
Prepared by: Colm Keegan, Senior Analyst
Prepared on: 10/15/2013
2. A Survival Guide to Cloud Storage Failure
The recent implosion of public Cloud Storage Provider (CSP) Nirvanix has sent
shockwaves throughout the industry. A well funded company with established OEM
relationships with major industry juggernauts like IBM and Dell, didn’t seem to be a
likely candidate for bankruptcy. This raises some critically important questions for
businesses that are considering a public cloud deployment. The most obvious of which
is, what is the best way to manage risk when adopting cloud storage?
Cloud Commotion
Perhaps the most ominous question for organizations that are already utilizing cloud
services is if their existing data reclamation contingency plans, assuming they have any,
are adequate in light of recent events. Approximately 1,000 customers were given a
paltry 4 week window (initially it was 2 weeks) to remove their data from Nirvanix’ cloud
infrastructure. It is likely that many of these customers will not be successful in retrieving
100% of their data. And for those that do, there may still be lingering concerns over
whether or not their data has been fully sanitized off of Nirvanix’ storage infrastructure.
Despite this new wall of worry over public cloud storage, there are many ways that
organizations can mitigate risk while reaping the benefits of cloud infrastructure. The
first step is to identify what the risks are with deploying data into the cloud and then
develop a plan to offset or eliminate these risks entirely.
Cloud Congestion
As evidenced by the Nirvanix Chapter 11 filing, the primary risk is the loss of control
over your business data. Once data is moved into a provider’s facility, it is difficult to pull
it back out, at least en masse. Even when there are relatively large network connections
between the provider’s facility and your own, it may still take a long time to move even a
modest amount of data. For example, it could take up to 2 weeks just to move 150TB’s
of data over a 1Gbps link. Now imagine trying to move data while hundreds of other
clients are scrambling to recover their information at the same time.
Cloud Contingency Planning
Another concern is that once data is moved into the cloud, you are relying on the good
will of the provider to protect your information. While most providers replicate data
between facilities or employ some kind of data protection scheme, ultimately you are
assuming that they are following best practices and being good stewards of your data.
While some CSPs may have established service level agreements (SLAs), ultimately
these are just words on paper. Providers can be sued for breach of contract but this will
not bring your data back.
10/15/2013
Page 2 of 5
3. Storage Switzerland, LLC
For these reasons, it is critical to have an alternate way of accessing your information
should it become unavailable due to an outage at the provider’s facility, or worse, the
provider themselves unexpectedly close their doors.
Lastly, maintaining ultimate control over the security of your data is essential. If the
CSP goes out of business, there may be no viable way to fully audit that your data has
been completely purged across all of the provider data center sites. Consequently, end
point data encryption, where you hold the keys to unlock access to the data, is of
paramount importance. That way, in the event the provider goes out of business, the
keys can be destroyed, rendering the data inaccessible.
Controlled Cloud Data
Fundamentally, businesses need ways to retain control and security over their data
while still maintaining the ability to leverage low cost cloud storage capacity. The right
blend of high performance storage capacity for real-time business data and low cost
storage for inactive data, could be the ideal scenario for many organizations. To this
end, a locally cached copy of active data combined with a mechanism for seamlessly
porting inactive data into a CSP facility, could offer the best of both worlds.
Furthermore, mirroring data between disparate CSPs would help mitigate the risk of a
provider going out of business as the data would be accessible in two separate and
distinct facilities at all times. A lower cost alternative to mirroring data across two
different clouds is to create a backup policy whereby any data that is scheduled for
migration to the cloud is also archived to tape. This would not only satisfy data
redundancy requirements but would allow for a much faster restore as data would not
have to be pulled down through the cloud over congested networks.
The question is what solutions are available which allow businesses to implement a
hybrid private and public cloud data deployment? Interestingly, there are several
different technologies available that can suit the various needs of today’s data center
environments. From individual software utilities that enable data migration into and out
of cloud environments to offerings which enable businesses to build hybrid clouds while
still maintaining full control over their data.
Cloud Gateways
Cloud storage gateway platforms allow data center environments to connect to cloud
storage resources without having to integrate cloud application programming interfaces
(APIs) into their existing applications. Installed as a physical or virtual appliance, cloud
gateways natively present CIFS/NFS or iSCSI connectivity between applications in the
customer premises to the storage resources in the CSP’s facility. This allows storage
managers to move inactive data off existing SAN or NAS storage and port it to storage
in the cloud.
10/15/2013
Page 3 of 5
4. A Survival Guide to Cloud Storage Failure
By reclaiming storage capacity and enabling the underlying SAN/NAS array to focus on
servicing up I/O requests for active data sets, local performance can be improved and
organizations can save costs by extending the life of existing storage assets. Some
storage gateway vendors are even bundling access to CSPs like Amazon, Google and
Azure, to provide a fully bundled solution offering.
What’s more, customers can choose to cross-connect to multiple providers, via their
gateway appliances, so that their archived data isn’t captive to a single providers cloud;
increasing resiliency and minimizing the exposure of data loss from an outage or a
CSP financial collapse. Additionally, some gateway offerings integrate point-in-time data
snapshots for data stored in the cloud. When paired with endpoint encryption that is fully
controlled by the end user, this makes for an interesting way to bolster local storage
performance and ensure data protection, while leveraging the economics of cloud
storage capacity. One such example is a company called TwinStrata.
Cache and Carry to the Cloud
For those organizations that are at the end of their existing storage product’s lifecycle or
that may be boot-strapping a new line of business, Storage-Infrastructure-As-A-Service
(SIaaS) offerings, like those from Nasuni, may be of interest. This methodology consists
of installing a local solid state disk (SSD) controller cache at the customer’s local
premise and integrating it with cloud storage from one or multiple CSPs.
Database applications and active user files are typically stored on the local SSD
controller while the balance of the data is stored in the cloud. The advantage to this
approach is that all active data is stored on high speed SSD, so application
performance will be blazing fast. And since there is persistent connectivity with cloud
storage resources, data is continuously synchronized and encrypted; ensuring that
critical business data is always protected and secured in the cloud.
Similar to the cloud gateway example described above, these solutions can also attach
to multiple clouds but importantly, they can also facilitate the movement of data between
clouds. For example, if a customer wished to migrate their data to another CSP, they
could simply make the request from their SIaaS provider and it would be completely
managed behind the scenes. In fact, an important distinction between SIaaS offerings
and cloud gateway’s is that SIaaS solutions are totally turn-key and don’t require any
up-front configuration work or ongoing maintenance by the end user.
10/15/2013
Page 4 of 5
5. Storage Switzerland, LLC
ISV’d Cloud Control
Attunity is a 20 year old software vendor with extensive experience in data replication
and file transfer technologies, Their Cloud Beam offering is a software-as-a-service
(SaaS) solution which enables end users to move data into, between and back out of
cloud infrastructure. As outlined in the following briefing note, it also provides for elastic,
burstable cloud computing.
Still another example of how data center planners can deploy business data into public
cloud infrastructure, while mitigating risk, is to employ software utilities which can
seamlessly migrate application data into the cloud. Some data mobility software
providers now offer their technology as a solution for porting data out of legacy
infrastructure and into cloud storage environments. A company named Metalogix has
some interesting capabilities in this space.
Storage virtualization industry veteran, FalconStor, also has a suite of data mobility
products which can be used to protect and recover data in private and public clouds. As
a vendor agnostic software developer, FalconStor enables businesses to seamlessly
move data into and out of public clouds. Their offering could be of particular interest to
CSPs and MSPs that need data migration solutions which can work with any storage
platform.
Conclusion
Even prior to the Nirvanix announcement, many end users that we at Storage
Switzerland spoke to would often cite data lock-in, security and performance as three
primary concerns about adopting public cloud infrastructure. While these are legitimate
concerns, there are a multitude of options available which allow businesses to address
all three issues to obtain the best of both worlds - high speed performance for critical
local applications and secure cloud archived data that can be readily withdrawn from
cloud infrastructure on demand.
10/15/2013
Page 5 of 5