The dark side of the cloud is the risk of financial failure at your provider. At the end of October, Digital Railroad, a photo archiving and commerce site used by over 1,500 professional photographers, shut down without warning. Users had just 48 hours to recover images stored on the site. Even if all of them had been in a position to log on and tried to download their data, it's doubtful there would have been enough bandwidth to service the demand.
But surely if a site has a paying, professional customer base of that size, someone will step in and pick up the business? Hosting companies I've spoken to in the industry who specialize in SaaS hosting have said they'd rather keep a service alive until another owner takes over than wipe the systems clean and start over. But it depends who owns the hardware. In the case of Digital Railroad, after two failed attempts to find a purchaser for its image storage and retrieval assets, company representatives on November 10 announced this devastating news for anyone still hoping to retrieve images stored there (I've bolded the chilling three words that sealed their fate):
"Without a commitment for the purchase of its assets, DRR's senior secured creditor will move to take physical possession of the hardware on which the intellectual property of DRR and the copyrighted images of its customers and partners reside. The creditor will have all information erased from the storage devices and then sell the equipment at auction.
"Digital Railroad had hoped that it could preserve the images on the storage devices so that the owners of these images could recover them. Unfortunately, this was not achievable. We apologize for the difficulties that this has created but without additional resources we have no other recourse."
Does this example mean we should all stop using cloud providers and go back to the 'good old days' of running our own software and servers? Of course not. You're more likely to lose everything to a disk failure on your own machines than you are to a business failure of a thid-party provider. But it's still essential in either case to have a back-up strategy.
This is especially important while the ongoing credit crunch continues to create black swan eventualities that people haven't planned for:
- Venture-funded startups discovering their VC backers can't deliver promised funds because their limited partners default on commitments
- Big holes appearing in a company's finances when fraud is suddenly exposed
- Credit card companies unexpectedly shutting down or restricting card accounts that are paying for infrastructure services at Amazon or other cloud providers
I've said before that I think a SaaS code of conduct should include some assurance that a service will continue operating for long enough to put other arrangements in place even if the provider goes out of business. It's up to providers to work out how to set up an assurance of that kind, but I suspect the developing economic conditions will make it more and more of a selling point for those that do it. In the meantime (and irrespective of what providers do or don't do) customers have got to get into the habit of making sure their data is backed up either on-premise or at some other cloud provider, and they must prepare a recovery plan so that they know what to do if disaster unexpectedly strikes their provider.