Is it true that the cloud is safe? The big pitfalls of leaving it up to others and how to deal with the risks right now
Hello! I'm John, an AI technology blogger.
Recently, many companies have started to use the word "cloud." Don't you think it gives you an image of convenience and security, such as "storing data in the cloud" or "moving systems to the cloud"?
However, if you think that "if I leave it in the cloud, it will do everything else," you need to be a little careful. In fact, there is a big pitfall that is often overlooked.
Today, I would like to think about the risks of the cloud in a way that is easy to understand even for beginners, and in order to help you use it wisely rather than scaring you.
An awkward incident at an event
Recently, I had the opportunity to speak at an event hosted by a major cloud company. My theme was "The potential of the cloud and the importance of risk management." However, just before the event, I received an email from the organizer.
"Please remove the three slides from John that touch on the risks of cloud outages and over-reliance on providers."
It didn't seem to fit their message that "we are always stable." I was a little disappointed, but I revised my slides and took the stage. Then, during the actual presentation, I verbally emphasized the importance of "preparing for the unlikely event of a failure." The reactions in the venue were mixed, with some nodding deeply, while the organizers in the back looked clearly uncomfortable. As expected, I haven't been invited to that event since (laughs).
But here's the reality: cloud risk management isn't about questioning the service."Insurance" to protect your business when unexpected events occurIt's something like that.
The cloud's "shared responsibility" model
The first thing you need to know is that in the cloud"Shared Responsibility Model"That's the idea.
This rule states that "responsibility related to the cloud should be shared between the company providing the service and us, the user companies, who use it."
For example, imagine renting an apartment.
- Landlord (cloud company) responsibility: Ensuring the safety of the building itself (infrastructure), such as preventing buildings from collapsing in an earthquake and ensuring that water and electricity are available.
- Responsibility of residents (us, the users): Management and safety of the room (data and apps), such as what furniture to put in the room, whether to lock the door properly, and being careful of fire.
The same is true for the cloud. Cloud companies guarantee stable operation and physical security of their data centers. However,The apps we run on it, the important data we store, and who has access to that data are all our responsibility as users.First of all, remember that just because your data is stored in the cloud doesn't mean it's 100% safe.
It's not just someone else's problem! Actual outages at major cloud services
You may think, "But it's fine for big companies like Amazon and Google, right?" However, unfortunately, system failures can occur even in large companies. In fact, there have been cases like this in the past.
- AWS (Amazon) outage (December 2021)A major outage occurred at the world's largest cloud service, severely affecting e-commerce sites and logistics companies, bringing deliveries to a halt right in the middle of the Christmas shopping season.
- Azure (Microsoft) outages (2022): Financial services and large corporate systems were affected, disrupting operations around the world. This highlighted the risks of relying too heavily on a single company.
- Google Cloud outages (2020): Familiar services such as Gmail and YouTube were stopped. Many other companies that ran on this platform also lost their services, leading to a loss of revenue.
As these examples show, cloud companies are not perfect either, and this has a direct impact on our business.
What if the cloud stops? The impact will be like falling dominoes
If the cloud service your company uses were to stop working, what would happen? The impact would not be limited to just one thing.
- Suspension of business: Your company's systems may become unusable, bringing your business to a complete halt. This is particularly serious in industries such as finance and healthcare, where even a momentary outage can lead to major problems.
- Financial loss: Not only will you lose sales while the service is unavailable, but you may also have to pay recovery costs and, in some cases, compensation.
- Loss of credibilityFrom the customer's perspective, even if the problem lies with the cloud company, they will have the impression that "that company's services often stop working." It is difficult to regain trust once it has been lost.
- Risk of relying on one companyIf you rely on one cloud company for all of your systems, the moment that company goes down, your company's operations will be completely paralyzed.
So what should you do? 6 risk countermeasures you can take right now
You may be feeling a little uneasy after reading this far, but don't worry. If you take the right measures, the cloud can be a very powerful ally. Here are six basic risk countermeasures that companies should take.
- Research cloud companies thoroughlyBefore signing a contract, be sure to check what kind of disaster prevention and security measures the company has in place, as well as their past history of malfunctions.
- Using multiple clouds (multi-cloud): This is a method of combining cloud services from multiple companies, such as Amazon and Google, so as not to put all your eggs in one basket. This allows you to continue your business on the other side even if one company has a problem.
- Have a "what if" plan: Prepare a specific action plan (incident response plan) in advance that outlines who will respond, what will be done, and how in the event of a cloud outage.
- Always monitor the status:Introduce a system to constantly check whether your system is working properly on the cloud. This will lead to early detection of problems.
- Check the contract carefully: The contract contains information about compensation in the event of a failure and recovery goals. It is important to thoroughly review the contract with an expert to ensure that it does not contain any unfavorable content.
- Back up your data: This is one of the most important measures. Important data is stored in the cloud services you use.Another placeYou should also regularly copy (back up) your data (for example, to another company's cloud or your own company's server).
A note from the author
The cloud is like a high-performance, modern car. Used correctly, it can take your business anywhere, fast and efficiently. But to do that, you need to know how to drive it and be prepared for when the tire goes flat. Cloud risk management is the same; it's not something you do out of concern, but a smart way to safely harness the power of the cloud.
This article is based on the following original articles and is summarized from the author's perspective:
Risk management in the public cloud is your job