Wikileaks & The Financial Crisis: Lessons For Managing Risk With Cloud Hosted DAM
This article originally appeared on the Daydream website in December 2010.
Recently, I was having a conversation with a partner in a professional services business Daydream has dealings with (although they are not a client of ours). We discussed the Wikileaks disclosures where diplomatic cables were copied and released to the embarrassment of various governments. My associate explained that currently, they ran the backup for their practice overnight to tape and he or another partner took the cartridge from the previous night home with them to ensure they had an off-site backup. This is a fairly common technique and I have encountered a number of SMEs who do the same.
Not long ago, my associate had engaged the services of an IT consultant who had recommended they switch to a Cloud based backup facility which would automatically transfer the files off-site every night, avoiding the need for tapes and the need to physically transport them off-site.
They had quite seriously contemplated taking out the service, but after hearing about the Wikileaks disclosures, they decided to abandon this idea and stick to the tapes. Why? He and his colleagues determined that if a group of hackers were able to get around high security defences used to protect diplomatic cables then it would have to be quite easy for someone to break into a commodity Cloud service of the type they were being pushed to recommend. Since their backups contain gigabytes of extremely sensitive client data and they had no way of telling how well protected the service really was apart from the vendor’s own claims, the perceived risk was unacceptably high for them.
There are some mitigating circumstances that weaken the validity of this as an argument to avoid using a Cloud service provider. For a start, the Wikileaks diplomatic cables appear to have been leaked by an insider using some simple techniques that owe more to social engineering than to advanced hacking. Also, if you store tapes in your own home, unless they are held in a safe, there is still a risk of the data being stolen and sold on by an opportunistic house burglar – albeit one who would have to understand the potential value of a backup tape and how to get the data off it.
Trust and Control Issues With Cloud Service Providers
Cloud hosting certainly has appeal and we do recommend including it in any consideration of hosting options for client digital asset management projects. The Cloud offers seemingly limitless scalability, simplified redundancy and a charging model which is usage based and therefore highly cost efficient. For Digital Asset Management it appears the perfect delivery platform. Furthermore, being able to avoid all the hardware issues with hosting your own kit such as holding inventories of parts, redundant servers and constant monitoring for potential faults are massive benefits in themselves.
Like my associate, however, my enthusiasm is tempered with some doubts about whether a wholesale move completely into the Cloud is advisable. The key issues are trust and control: trust because the Cloud requires you to put near absolute faith in the provider; control because you implicitly cede management of the security and integrity of the data to the Cloud provider and more or less have to just hope they won’t be compromised.
The description ‘Cloud’ is unusually apt for an IT concept as it does hint at the nebulous and opaque nature of the service offer – which is both its strength and weakness. As I write, there has been no serious business failure of a significant Cloud provider that I am aware of. This has to be a question of ‘when’ rather than ‘if’ though. While it seems unlikely that any of the major players are in imminent danger (quite the opposite), the recent financial crisis has also demonstrated how rapidly apparently wealthy corporations can be reduced to bankruptcy because of some poor senior management decision making that was covered up until it was far too late to rectify. So (in my mind at least) size and highly recognisable branding are not necessarily reliable indicators of stability or propriety.
As well as the possibility of business failure, there is the ongoing risk they may merge or be sold to other providers. They may decide to hike their prices and remove smaller or less profitable accounts. Most importantly, what do they actually do with your data and how can they protect it in practical terms?
All of the Cloud vendors will point to their best practice guidelines and possibly even IT audits that prove their stability and cross-border compliance with data protection legislation in a variety of jurisdictions. However, the financial crisis has demonstrated that it is unwise to base your risk analysis solely on the findings of a third party agency or auditor.
Balancing Technology, Risk and Cost When Considering Cloud Services
I would stress I do not want to write a FUD piece about how risky Cloud hosting is and that we should all invest in mass redundant storage devices and private data centres etc. I do believe the Cloud is a great concept with a lot of worthwhile benefits that make it highly suited to Digital Asset Management requirements. However, like any kind of IT investment, risk management and a critical evaluation of the pitfalls and how to avoid them are absolutely crucial.
When assessing with clients how best to handle their DAM hosting needs, we consider three main factors: available technology, risk and cost. These each have to be balanced to ensure the provision is appropriate, safe and affordable. The Cloud offers a highly cost effective method to bypass some of the scalability problems associated with conventional hosting and also helps reduce risks from equipment failure – but only if it is used in conjunction with other techniques and you take some direct personal responsibility for managing the risks inherent in each of your choices.
IT (and Digital Asset Management by association) is often characterised as being a ‘fashion’ oriented business where bursts of hype and over-exuberance for a new fad or technology mask some inherent limitations that have yet to be fully revealed. It strikes me that DAM consultants and vendors who strongly associate themselves with a Cloud based hosting delivery platform as the definitive answer to redundancy, data security and scalability problems are setting themselves up for a fall and a potential PR disaster when the inevitable happens and one of these services is badly compromised or becomes a commercial failure.
The ‘eggs in one basket’ argument is logical. However, the benefits of migrating everything to the Cloud are highly compelling and appear to offer their own form of common sense, i.e. that they offer simplicity and low maintenance. They come with a fairly significant premium, though, in the form of higher risk if you rely upon them exclusively. While I won’t be asking my colleagues to take tapes home with them like my associate who I referred to at the top of the article, we will be mitigating our risks by not relying on a single vendor, retaining existing conventionally hosted external servers and arranging our own methods of protecting data.