In a previous article we looked at the gigantic amount of data being generated every year, and how easy it is to simply ignore the problem.
That’s problematic, as ILM – Information Lifecycle Management – was created to help us all establish best practice ways of working with data but also archiving and properly purging data when it needs to be, as defined by law in most cases.
Cloud tends to make this more complicated. It does this in two ways. One, the biggest mistake people make when they think about data in the cloud is to think that cloud is an infinite resource. It is in the sense you can buy as much as you want. But note the verb – buy. Of course you can buy more storage, but you have to pay per Gigabyte, even if it’s at a low cost. So it’s still a finite resource and an overhead.
The second and main reason cloud is a potential problem is to do with deletion. We talk a lot about the geography of sensitive data, but we don’t talk enough about making sure it’s totally deleted for good. That matters because if you don’t know where your data is, you can’t be sure it’s ever really gone.
Your biggest single issue here is a lack of clarity about where the data is. That is part of the USP of a public cloud; data lives in different geographies on a variety of media – that’s part of the way cloud providers make all this cost effective for you. The concern then is how sure can you be that it’s all deleted, everywhere, permanently, at the time you – or your regulator – need it to be. Public cloud multi-tenancy gives you some big data control issues in particular.
Of course, the only real way to permanently delete data for certain is to get the hard disk out and hit it very hard with a hammer. Alas, you can’t do that with the public cloud. Data is here, there, copied here, in transit there… But if you are a responsible company, you have to be sure that you have visibility and security of the management of that data, especially around archiving and retention policies. So in the case that you need data to be permanently deleted, how do you ensure your cloud provider has the right capabilities to do so?
The way forward: smart SLAs with a canny service partner
I do genuinely worry that public cloud is simply not a great destination for an organisation that has information at scale and for strategic issues has to be deletion focused. If you have to know data is deleted for good, when deemed necessary – then I wonder if either private cloud or a hybrid solution should be preferred.
If you are clear and up-front with your provider about the importance of data deletion, you can work with the cloud and get all the advantages of a lower opex you want. The key is partner choice and very focused SLAs and contracts. Smaller or younger cloud providers are focused on growing their footprint; they don’t really understand the full lifecycle story of information. That suggests that if you are a financial services firm, or a big government or public sector body, you can only really contract with a provider that has the experience to work with you on this issue to the level of satisfaction you need.
I would also suggest looking at the longevity of your supplier. What happens if they disappear after five years? If you have a pension database that needs to be accessed for decades, that’s simply not sufficient.
You can’t predict such a business failure. But it’s important to factor it in. A great back up here is to have a clear statement in the contract that your data is always your data – and that you can always take it back, in the form you need it in, at any time, which could help considerably if the company looks as if it could be struggling or you decide on another storage mechanism closer to your business goals.
However you do it, if data needs to be deleted in your business process, you simply can’t afford to be unclear about the way it’s routed and stored. Like it or not, this is likely to get more of a business problem as we lead more and more digital lives. And I would finally suggest to the DM community that this is a very hot topic that our customers and partners haven’t thought enough of yet, so let’s get out there and help.
The author is Howard Frear, Sales & Marketing Director at EASY SOFTWARE UK