Datacenter power outage and DDoS attack cripples VoIP vendor

How many cloud failures have to happen before consumers take notice?

Ooma, a VoIP provider had the dual inconveniences of what they described as a "rare" partial power failure at their unnamed datacenter provider and what appeared to be asimultaneous DDoS attack on their corporate website, which left their customers unable to use their service, or even check on the status of their accounts while Ooma rushed to recover from the problems.

The service was only down for three hours, starting at 5:40 AM Pacific Time, which means that the issue was resolved by the time West Coast customers got to their offices, but anyone further east would have found their business impacted by the outage. Given that Ooma's primary marketing approach is for their free home phone service it is likely that their customers, who are home users, would have been somewhat in the dark about what was going on and tried to connect to the company website.  According to the Ooma corporate blog, it was the sudden rush of customers, that no longer had phone services, trying to access the corporate home page that caused what appeared to be a DDoS attack.

Of course, the explanation is of little value to customers who found themselves without service. This is true of any cloud-based outage; customers won't care why it happened, they just don't want it to happen again.  And it is the primary Achilles Heel of cloud based services; anything that can cause a service interruption eventually will, and it is next to impossible to prevent every potential failure.

In a short span of time where we have seen major cloud providers such as Amazon and Microsoft have significant problems keeping their services up and running, most people are taking careful looks at the SLAs that are coming along with their cloud based service providers. The more professionally paranoid are reminded of the old adage "Once is an accident, twice a coincidence, three times is enemy action."