A survival guide to cloud storage failure white paper


Published on

White paper from http://storageswiss.com, Storage Switzerland. The recent implosion of public Cloud Storage Provider (CSP) Nirvanix has sent shockwaves throughout the industry. A well funded company with established OEM relationships with major industry juggernauts like IBM and Dell, didn’t seem to be a likely candidate for bankruptcy. This raises some critically important questions for businesses that are considering a public cloud deployment. The most obvious of which is, what is the best way to manage risk when adopting cloud storage? In this report Storage Switzerland Analyst Colm Keegan provides some guidance on mitigating that risk.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

A survival guide to cloud storage failure white paper

  1. 1. A Survival Guide to Cloud Storage Failure Prepared by: Colm Keegan, Senior Analyst Prepared on: 10/15/2013
  2. 2. A Survival Guide to Cloud Storage Failure The recent implosion of public Cloud Storage Provider (CSP) Nirvanix has sent shockwaves throughout the industry. A well funded company with established OEM relationships with major industry juggernauts like IBM and Dell, didn’t seem to be a likely candidate for bankruptcy. This raises some critically important questions for businesses that are considering a public cloud deployment. The most obvious of which is, what is the best way to manage risk when adopting cloud storage? Cloud Commotion Perhaps the most ominous question for organizations that are already utilizing cloud services is if their existing data reclamation contingency plans, assuming they have any, are adequate in light of recent events. Approximately 1,000 customers were given a paltry 4 week window (initially it was 2 weeks) to remove their data from Nirvanix’ cloud infrastructure. It is likely that many of these customers will not be successful in retrieving 100% of their data. And for those that do, there may still be lingering concerns over whether or not their data has been fully sanitized off of Nirvanix’ storage infrastructure. Despite this new wall of worry over public cloud storage, there are many ways that organizations can mitigate risk while reaping the benefits of cloud infrastructure. The first step is to identify what the risks are with deploying data into the cloud and then develop a plan to offset or eliminate these risks entirely. Cloud Congestion As evidenced by the Nirvanix Chapter 11 filing, the primary risk is the loss of control over your business data. Once data is moved into a provider’s facility, it is difficult to pull it back out, at least en masse. Even when there are relatively large network connections between the provider’s facility and your own, it may still take a long time to move even a modest amount of data. For example, it could take up to 2 weeks just to move 150TB’s of data over a 1Gbps link. Now imagine trying to move data while hundreds of other clients are scrambling to recover their information at the same time. Cloud Contingency Planning Another concern is that once data is moved into the cloud, you are relying on the good will of the provider to protect your information. While most providers replicate data between facilities or employ some kind of data protection scheme, ultimately you are assuming that they are following best practices and being good stewards of your data. While some CSPs may have established service level agreements (SLAs), ultimately these are just words on paper. Providers can be sued for breach of contract but this will not bring your data back. 10/15/2013 Page 2 of 5
  3. 3. Storage Switzerland, LLC For these reasons, it is critical to have an alternate way of accessing your information should it become unavailable due to an outage at the provider’s facility, or worse, the provider themselves unexpectedly close their doors. Lastly, maintaining ultimate control over the security of your data is essential. If the CSP goes out of business, there may be no viable way to fully audit that your data has been completely purged across all of the provider data center sites. Consequently, end point data encryption, where you hold the keys to unlock access to the data, is of paramount importance. That way, in the event the provider goes out of business, the keys can be destroyed, rendering the data inaccessible. Controlled Cloud Data Fundamentally, businesses need ways to retain control and security over their data while still maintaining the ability to leverage low cost cloud storage capacity. The right blend of high performance storage capacity for real-time business data and low cost storage for inactive data, could be the ideal scenario for many organizations. To this end, a locally cached copy of active data combined with a mechanism for seamlessly porting inactive data into a CSP facility, could offer the best of both worlds. Furthermore, mirroring data between disparate CSPs would help mitigate the risk of a provider going out of business as the data would be accessible in two separate and distinct facilities at all times. A lower cost alternative to mirroring data across two different clouds is to create a backup policy whereby any data that is scheduled for migration to the cloud is also archived to tape. This would not only satisfy data redundancy requirements but would allow for a much faster restore as data would not have to be pulled down through the cloud over congested networks. The question is what solutions are available which allow businesses to implement a hybrid private and public cloud data deployment? Interestingly, there are several different technologies available that can suit the various needs of today’s data center environments. From individual software utilities that enable data migration into and out of cloud environments to offerings which enable businesses to build hybrid clouds while still maintaining full control over their data. Cloud Gateways Cloud storage gateway platforms allow data center environments to connect to cloud storage resources without having to integrate cloud application programming interfaces (APIs) into their existing applications. Installed as a physical or virtual appliance, cloud gateways natively present CIFS/NFS or iSCSI connectivity between applications in the customer premises to the storage resources in the CSP’s facility. This allows storage managers to move inactive data off existing SAN or NAS storage and port it to storage in the cloud. 10/15/2013 Page 3 of 5
  4. 4. A Survival Guide to Cloud Storage Failure By reclaiming storage capacity and enabling the underlying SAN/NAS array to focus on servicing up I/O requests for active data sets, local performance can be improved and organizations can save costs by extending the life of existing storage assets. Some storage gateway vendors are even bundling access to CSPs like Amazon, Google and Azure, to provide a fully bundled solution offering. What’s more, customers can choose to cross-connect to multiple providers, via their gateway appliances, so that their archived data isn’t captive to a single providers cloud; increasing resiliency and minimizing the exposure of data loss from an outage or a CSP financial collapse. Additionally, some gateway offerings integrate point-in-time data snapshots for data stored in the cloud. When paired with endpoint encryption that is fully controlled by the end user, this makes for an interesting way to bolster local storage performance and ensure data protection, while leveraging the economics of cloud storage capacity. One such example is a company called TwinStrata. Cache and Carry to the Cloud For those organizations that are at the end of their existing storage product’s lifecycle or that may be boot-strapping a new line of business, Storage-Infrastructure-As-A-Service (SIaaS) offerings, like those from Nasuni, may be of interest. This methodology consists of installing a local solid state disk (SSD) controller cache at the customer’s local premise and integrating it with cloud storage from one or multiple CSPs. Database applications and active user files are typically stored on the local SSD controller while the balance of the data is stored in the cloud. The advantage to this approach is that all active data is stored on high speed SSD, so application performance will be blazing fast. And since there is persistent connectivity with cloud storage resources, data is continuously synchronized and encrypted; ensuring that critical business data is always protected and secured in the cloud. Similar to the cloud gateway example described above, these solutions can also attach to multiple clouds but importantly, they can also facilitate the movement of data between clouds. For example, if a customer wished to migrate their data to another CSP, they could simply make the request from their SIaaS provider and it would be completely managed behind the scenes. In fact, an important distinction between SIaaS offerings and cloud gateway’s is that SIaaS solutions are totally turn-key and don’t require any up-front configuration work or ongoing maintenance by the end user. 10/15/2013 Page 4 of 5
  5. 5. Storage Switzerland, LLC ISV’d Cloud Control Attunity is a 20 year old software vendor with extensive experience in data replication and file transfer technologies, Their Cloud Beam offering is a software-as-a-service (SaaS) solution which enables end users to move data into, between and back out of cloud infrastructure. As outlined in the following briefing note, it also provides for elastic, burstable cloud computing. Still another example of how data center planners can deploy business data into public cloud infrastructure, while mitigating risk, is to employ software utilities which can seamlessly migrate application data into the cloud. Some data mobility software providers now offer their technology as a solution for porting data out of legacy infrastructure and into cloud storage environments. A company named Metalogix has some interesting capabilities in this space. Storage virtualization industry veteran, FalconStor, also has a suite of data mobility products which can be used to protect and recover data in private and public clouds. As a vendor agnostic software developer, FalconStor enables businesses to seamlessly move data into and out of public clouds. Their offering could be of particular interest to CSPs and MSPs that need data migration solutions which can work with any storage platform. Conclusion Even prior to the Nirvanix announcement, many end users that we at Storage Switzerland spoke to would often cite data lock-in, security and performance as three primary concerns about adopting public cloud infrastructure. While these are legitimate concerns, there are a multitude of options available which allow businesses to address all three issues to obtain the best of both worlds - high speed performance for critical local applications and secure cloud archived data that can be readily withdrawn from cloud infrastructure on demand. 10/15/2013 Page 5 of 5