Many French websites using the .FR domain remain offline or with limited access after a fire at OVHCloud ravaged one of their four data centres last month. The incident knocked out government agencies’ portals, banks, shops and news websites, bringing French webspace to a standstill. The crisis is a timely reminder to organisations that putting important data and applications in the cloud does not guarantee security, especially when backups are stored in the same location as current versions, writes Chris Huggett, SVP Europe & India at Sungard Availability Services.
Over 3.5 million websites have been affected, more than 460,000 domain names were inaccessible, and millions of email boxes were left unusable. These are the direct consequences of a fire, the origins of which are still unknown at this moment, and a reminder that disasters do happen. This isn’t an isolated incident or one-off event either. Data centres face the same natural and human-originated threats, existing and new, as any other business or building – earthquakes, hurricanes, tsunamis, terrorism. All of these need repeated risk re-evaluation.
So how should organisations put a contingency plan in place before disaster strikes?
Definitive loss of data
For some organisations, the consequences of a disaster hitting a data centre are much more serious than a domain name being inaccessible for a few hours or days. Indeed, for those who had not subscribed to a backup option hosted elsewhere, and whose sole datasets were hosted on the servers that went up in smoke, data and applications have been permanently destroyed. Today, these organisations can only cry over their losses, and for some, their entire business may not be able to recover.
The illusion of protection
“My data is in the cloud; nothing can happen to it.” This is a very common misconception.
We readily associate the cloud with the notion that it is virtual, and therefore indestructible. Perhaps this is due to its abstract naming, but this attitude ignores the fact that even if data is accessed via the cloud, it is still hosted on a physical server. Even when using virtual machines, which are nothing more than parts of shared physical servers, data is still stored in one singular, physical location.
When a server fails or is destroyed, the notion of the virtual suddenly becomes physical and tangible again. The cloud is not virtual; it can definitely fail, and the whole company can be at risk.
The fire that occurred last month is no exception to this. And it is not the only type of incident that can affect a data centre and put its valuable files at risk. Floods or cyber incidents are two other examples of threats that can have the same dramatic consequences for business data and operations.
Having a backup plan
The cloud doesn’t exempt organisations from being prepared and having a backup plan in case disaster strikes. Some of the organisations affected by March’s fire have experienced this bitterly. OVH’s data centre held both live and backup business data, a reminder that even when organisations have both covered, their data isn’t automatically safe and protected if both are stored in the same location.
Years ago, forward-thinking companies regularly backed up their data to physical media (tapes, hard drives). This principle has not changed, except that today the data is much larger and needs to be accessed instantly via connected, highly available and secure infrastructures. Being in the cloud doesn’t mean you don’t need physical protection. On the contrary. As current events have shown, being in the cloud requires a solid disaster recovery plan that can be activated without delay in the event of an incident.
Several points are crucial to putting an effective contingency plan in place.
First of all, the method, which is based on four pillars: business impact analysis, or BIA (which processes are most critical in the company, and what are the impacts on the business if these processes are degraded?); risk assessment (which threats can cause the most harm to the company?); business continuity strategy and planning (in case of unavailability of the work environment, technology tools, partners and/or employees); and the testing program (making sure the plan works and that everyone knows their role).
Secondly, a recovery plan must respect two main principles. First, the plan should not be limited to restoring servers, the on-premises environment or the cloud environment. It must apply to the entire hybrid infrastructure, and it must also take into account the company’s applications. Second, the backup plan should not focus on solving the problem, but on having backup resources that can be activated at any time, beginning immediately. For this reason, these resources must be physically separated from the company, but connected to its infrastructure.
At the end of the day, the cloud as we know it is just as real as the clouds in the sky – constantly changing and impossible to pin down, but just as real and important to the IT ecosystem as a cumulonimbus formation on the horizon.