2e2 Holds Customer Data To “Ransom” – How Safe Is Data Held With An Externally Hosted Provider?

Computerweekly report that distressed data centre service provider, 2e2 who are currently in financial administration are requiring their customers to provide £1m (approx $1.5m) in funding to allow ‘uninterrupted access to their data’:

While administrators have asked 2e2’s 20 enterprise-level users to pay most of the datacentre costs, smaller businesses are being asked to pay £4,000 plus VAT…In a warning letter to customers, the administrators from FTI Consulting said: “In the event that you do not provide a commitment to pay by 5pm on Friday 8 February 2013, we may be unable to continue to provide services to you with immediate effect.” [Read More]

The article continues:

If customers do not pay, “We will be unable to maintain the datacentre infrastructure and we will have no alternative, other than to cease all operations without any managed wind-down of those operations,” it warned.” [Read More]

“without any managed wind down” sounds like they are just going to pull the plug to me.

2e2 are not what I would have called a smaller player in this market, although their aggressive programme of acquisitions of IT service providers with established reputations like Morse has obviously contributed to their downfall.  This throws into sharp relief the dangers of holding data with third party service providers and why relying on one single company is an unacceptable risk, in my opinion.  The article does not say how many of the companies affected are service providers themselves, but a possible consequence is that the extra cost burden might also in-turn force some of 2e2’s customers into administration or bankruptcy as well.  This kind of domino effect has not been properly assessed and I have to wonder how much leverage Amazon and others are starting to acquire over their customers – which includes numerous SaaS DAM vendors too.

Last time I raised the subject of risks with cloud hosting and over-reliance on single providers, I drew a barrage of criticism.  Developments like this one do demonstrate the risks involved.  I should also point out that it is not just third party vendors who you need to be wary of, but also internal IT departments or consultants who may have recommended ‘cloud bursting’ or similar techniques where an on-premise deployment is scaled up using external server or storage service providers.

If you are planning to use a hosting service provider, unless you are prepared to suffer complete loss of the data held with them, they must allow you to back-up your data independently to a separate service provider of your own choosing on a regular, scheduled basis and you must audit and check that this is really happening.  If they cannot permit that, I cannot recommend them no matter what other assurances or certification they want to offer.  Ultimately, it’s your data, not theirs – and your boss or client who will want to know where it’s gone if the worst happens.

Share this Article:

Leave a Reply

Your email address will not be published. Required fields are marked *