There's no such thing as "the cloud"...
...it's just somebody else's computer.
You’ve entrusted your data to a cloud. This has allowed you to sell off (or scrap) your legacy hardware. You’ve got some new, up-to-date software applications. Maybe you have also outsourced all or part of your IT team. You no longer have to manage and maintain the bulk of your hardware, software and data. You are now enjoying …
you're assuming that the insolvency goes well.
This is all assuming it's BAU while the liquidation takes place. But staff will walk if the jobs are not safe, as you said power and comm's maybe killed, building owners may refuse access, security companies may not unlock the doors and so on and so on.
And no mention if a buyer is not found at all.
If you're also using your service provider's backup solution, unless you've got your backups stored to physical media outside of your service provider, even if they have separate tape copies, the physical media probably belongs to your service provider or upstream provider, and will be a tangible asset (and thus liable to lien).
This will be true unless you've got an ironclad contract that states the media reverts to your ownership in the case of your service provider entering insolvency, If you don't, you'll probably also lose access to your physical backups as well, and possibly any archival copies kept for regulatory compliance.
If a vendor goes bust, it's not enough just to have a backup of the data - you also need something new to restore your data to or you'll have a business suspended until you do.
This is one of the reasons there have been Open Forum Europe discussions about clouds and standards: it doesn't just facilitate choice, but it also ensures you have a place to migrate to if things go wrong.
Clouds may save money, but they do so at increased levels of risk. This ought to be addressed in your Business Continuity Management planning.
Exactly: plan ahead. Too late to start planning once it's happened...
Your handle reminds me of topic I keep throwing into the ring during discussions: jurisdiction. If your recovery plan involves a vendor in another jurisdiction you better have the legality planned as well. Data migrations from one jurisdiction to another contain all sorts of lovely problems, especially if you're migrating from the EU to the US (basically you'll be stripping the protection of personal data, and may thus not only fall foul of EU Data Protection laws but also set yourself up for an almighty mauling in the press if privacy conscious organisations or customers find out.
If you think you have challenges with technology, wait until you get to the legal side of it.
The legal side - particularly data laws - is often misunderstood. However, it is sensible to think about the legal issues upfront. But I would say that!
You and I should meet up - I am sure those would be long evenings over large quantities of combustable liquids :).
Vision Solutions has been talking about Cloud Risk Mitigation for some time, that is leveraging a secondary Cloud provider for DRaaS and I agree with some of the comments here it is all about the recovery not the back up. BCM needs to now take into account all of the additional risks that come with using the Cloud for production, making sure there is an exit strategy for when your chosen provider gets into difficulty or can no longer provide the services you need is key as well as having a DR strategy that allows you to have your systems up and running elsewhere in the event of sudden outage or insolvency.
Anything critical to your business needs to be managed with the least possible risk and that means taking ownership, not delegating responsibility and hoping for the best.
Legal remedy after the fact is all well and good, but not much help if your business has failed or incurred significant, unrecoverable losses n the meantime.
Yes, if you move some or all of your IT to a cloud you need to be aware of the potential pitfalls, and yes, your provider going bankrupt is one of those, but as the article suggests there are ways to mitigate the impact of this.
However, not moving to a cloud also has its pitfalls. People who don't perform the necessary checks have been losing data since about an hour after the first electronic computer was switched on. If you do things yourself then a variety of things go wrong: your server room could burn down; your servers could break down; your sysadmins could become disgruntled and screw you over.
"If you do things yourself then a variety of things go wrong: your server room could burn down; your servers could break down; your sysadmins could become disgruntled and screw you over."
And somehow, in your mind, "the cloud" is immune to same? What colo(u)r is the sky in your world?
I'll stick to managing my own electonic computer systems, ta you very much.
Biting the hand that feeds IT © 1998–2019