|Fear And Loathing In The Cloud|
|Written by Mike James|
|Wednesday, 04 July 2018|
The cloud has many advantages, but there is one very big downside - you hand over control of your major assets to a third party that you simply have to trust. Is the thought that you could be held to ransom for some supposed infringement of the terms and conditions keeping you awake at night? Perhaps it should.
Of course, you're the customer; but you have to accept that you aren't always right and you aren't even always welcome. Renting your hardware in the cloud is flexible, but what happens if it all goes wrong - and I'm not talking hardware failure.
It all started last Thursday, according to the Medium post outlining what happened when Google Cloud Platform decided to pull the plug on a large system monitoring wind turbines. Needless to say it was, and is, a mission critical system. The first indication that there was a problem was the system monitor sending alarms to the admin that the system was down. Apparently everything was off and, much worse, unreachable so there was no possibility of downloading databases and continuing to run on alternative hardware.
The problem, as indicated by Google Payments, was that suspicious activity had been automatically detected on the payments account. The account had been closed and this resulted in the shutting down of all of the machines. The solution offered was to sign in and verify the account information. This seems to have involved filling in a form and uploading a picture of the credit card and a government-issued photo ID. As the blog post suggests waking up the CFO to get access to the credit card wasn't a fun proposition, but essential in this case.
The worse thing about this particular nightmare is that Google didn't provide any phone contact point and stated that if the problem wasn't corrected in three days then the project would be deleted.
Is this ransomware or what?
Imagine if the cardholder was on holiday for more than three days; the potential loss is huge. In this case filling in the form brought the system back online in about 20 minutes.
Google isn't the only company potentially to create problems such as this, but it is particularly difficult to get hold of. Google customer service is almost non-existent when you go beyond automatic systems. Even as a technical journalist I struggle to get in touch with anyone who can comment or put things right that have gone wrong.
It isn't only the big companies that use strong-arm tactics to get customers to jump. Back in the early days of I Programmer, we used a low-cost hosting company that had been recommended to us. Everything was going fine until our traffic started to go up and the shared hosting started to fall over. We found ourselves offline and a phone call revealed that unless we upgraded to a more expensive service our VM would be deleted and good luck with retrieving the domain name. Clearly we had no choice but to pay. Having done so the site was then moved to another hosting service and that worked out well for all concerned.
Now, as you might have noticed, we use AWS and yes what if a middle of the night email informs the admin that a server is sending spam or serving malware or the registered credit card has been used to defraud a completely unrelated, in theory, Amazon department.
Yes there is as much potential fear and loathing in the cloud as there is in the app store - and thanks go to Lucy Black for letting me borrow her inventive title.
What is the solution?
Well it is obvious that you need to take off-cloud backups perhaps more often than you might think, but this isn't exactly easy.
The only one that I can think of is to break your assets up into different silos - but even then whoever you are paying to host your DNS is a single point of failure.
Fear and Loathing In The App Store
or email your comment to: firstname.lastname@example.org
|Last Updated ( Wednesday, 04 July 2018 )|