This is a post by Dave Jilk, a long time friend, business partner, and CEO of Standing Cloud. While the words are his, I agree 100% with everything he is saying here. I continue to be stunned and amazed by both the behavior of our government around this and the behavior of “us” (companies and individuals) around their data given our government’s behavior. But Dave’s point is not only around the actions of government, but the broader risks that exist in the context of multi-tenant services that I don’t think we are spending enough time thinking or talking about.
While I was in Iceland a few weeks ago, there was a set of discussions driven by Brad Burnham of Union Square Ventures about trying to make Iceland and “Internet Neutrality Zone” similar to Switzerland and banking. While I have no idea if this is feasible, the need for it seems to be increasing on a regular basis.
I encourage you to read Dave’s post below carefully. While neither of us are endorsing or defending Megaupload, it’s pretty clear that the second order impact and unintended consequences around situations like the government takedown of it have wide ranging consequences for all of us. And – it’s not just the government, but mother nature and humans.
Suppose you live in an apartment building, and one day the federal government swoops in and takes control over the building, preventing you from entering or retrieving any of your belongings. They allege that the landlord was guilty of running a child prostitution ring in the building and, while you are not accused of any crime, they will not give you access to your property. They suggest that you sue the landlord to get your property back, even though the landlord no longer controls the property.
This seems like a fairly obvious violation of your rights, and it is unlikely that the government would be able to maintain this position for long. Yet this is exactly what it is doing in the Megaupload case, and in relation to the rather lesser crime of copyright infringement. Somehow – perhaps because of the pernicious influence of large media companies on the government’s activities – rights to your digital data are taking a backseat to any and all attempts to enforce the copyright laws. This is what the online community was trying to prevent with its opposition to SOPA/PIPA, and the government seems to have elected to implement a de facto SOPA by simply trampling on the Constitution.
While I could rant further about the government’s egregious behavior, let’s talk about the practical implications of this situation. The primary implication is that there is a new risk to your data and your operations when you use multi-tenant online services. Such risks have always existed: if you do not have both an offsite backup of your data and a way to use that backup then any number of black swan events could disrupt your operations in dramatic ways. Earthquakes, wars, power brownouts, asteroids, human errors, cascading network failures – yes, it reads like the local evening news, and though any one situation is unlikely, the aggregate likelihood that something can go wrong is high enough that you need to consider it and deal with it.
What this particular case illustrates is that a company that provides your online service is a single point of failure. In other words, simply offering multiple data centers, or replicating data in multiple locations, does not mitigate all the risks, because there are risks that affect entire companies. I have never believed that “availability zones” or other such intra-provider approaches completely mitigate risk, and the infamous Amazon Web Services outage of Spring 2011 demonstrated that quite clearly (i.e., cascading effects crossed their availability zones). The Megaupload situation is an example of a non-technical company-wide effect. Other non-technical company-wide effects might be illiquidity, acquisition by one of your competitors, or changes in strategy that do not include the service you use.
So again, while this is a striking and unfortunate illustration, the risk it poses is not fundamentally new. You need to have an offsite backup of your data and a way to use that backup. The situation where the failure to do this is most prevalent is in multi-tenant, shared-everything SaaS, such as Salesforce.com and NetSuite. While these are honorable companies unlikely to be involved in federal data confiscations, they are still subject to all the other risks, including company-wide risks. With these services, off-site backups are awkward at best, and more importantly, there is no software available to which you could restore the backup and run it. In essence, you would have to engage in a data conversion project to move to a new provider, and this could take weeks or more. Can you afford to be without your CRM or ERP system for weeks? By the way, I think there are steps these companies could take to mitigate this risk for you, but they will only do it if they get enough pressure from customers. Alternatively, you could build (or an entrepreneurial company could provide) conversion routines that bring your data up and running in another provider or software system fairly quickly. This would have to be tested in advance.
Another approach – the one Standing Cloud enables – is to use software that is automatically deployed and managed in the infrastructure cloud, but is separate for each customer; and further, it is backed up on another cloud provider or other location. In this scenario, there is no single point of failure or company failure. If the provider of the software has a problem, it doesn’t matter because you are running it yourself. If the cloud provider has a problem, Standing Cloud has your backups and can re-deploy the application in another location. If Standing Cloud has a problem, you can have the cloud provider reset the password for your virtual server and access it that way.
As long as governments violate rights, mother nature wreaks havoc, and humans make errors, you need to deal with these issues. Make sure you have an offsite backup of your data and a way to use that backup.