It’s the stuff of nightmares.
Cloud storage service Wuala has announced that it’s closing, and that all of the data that it keeps for its customers will be deleted on November 15.
Obviously this is highly disruptive for businesses, who are now unexpectedly having to find another storage provider. They’ll have to meet time pressures for moving their data out, or face losing it. But Wuala is also extremely skimpy on the details of how seriously they’re taking their data stewardship.
It’s a sobering turn of events. I don’t know about you, but I’ve been living high on the cloud hog for a while. I’ve uploaded family pics to photo service Shutterfly for 10 years—and in many cases, that digital version in the cloud is the only version I have. I’ve all but stopped buying music, and instead have a premium Spotify account with all of my carefully curated playlists available anywhere I am. I use Google Drive to back up critical documents—and have, ever since I poured a Starbucks venti coffee with skim milk all over my beautiful Lenovo Yoga ultrabook, frying it completely—along with all of my half-written articles and notes.
The fact is, we very casually take on cloud services. And not just in the consumer realm—businesses are rushing headlong like a pack of starving hyenas into the fat bounty of lower-cost, lower-maintenance, productivity-boosting cloud services. But here’s the rub: There’s no reason to expect that a storage cloud provider will outlive you or your company.
It’s a good bet that few of us have adequately thought the ramifications through—unless you work for a huge corporation with compliance considerations. As for the rest of us…have you taken a good hard look at what’s at stake?
What would happen if Shutterfly suddenly, well, shuttered? Do I have recourse to recover my data? Can I expect that it would take the time and expense to ensure data continuity and safety, even as its employees face termination and execs are losing their shirts?
One wonders how Wuala is securing the confidentiality of their customers’ data, because there’s more than fuzzy cloudy bits at play in the mechanics of it all. When you dispose of an older computer at home, you need to clean out the memory to protect your privacy before you donate or recycle the computer. Similarly, when storage is in the cloud, we can’t forget about the hardware extensions that can still ‘remember’ our information.
Chenxi Wang, VP of cloud security and strategy at CipherCloud, noted in an email a few of the questions that spring to mind: “What measures will Wuala take when they delete data? Will Wuala literally overwrite the bits on the disks, or will they simply delete the handle to the data? Will the physical disks on which the data is stored be repurposed by another entity? And if so, customer data left on the hardware disks may still be accessible.” Wuala hasn’t said anything on this score. “Move it or lose it” seems to be the only message it’s delivering.
Companies, be they restaurants on the square or tech startups, open and fold every day. It’s no different in the cloud than it is on Main Street. And that should be a fundamental consideration when choosing a cloud provider. Due diligence on contingency plans in the case of a bankruptcy or closure on the part of the provider should be a part of any customer contract. Unfortunately, it’s a little-explored arena, legal or otherwise.
“If you are the Library of Congress, for instance, which commercial entity can you enlist to store data and be assured that they will have a similar longevity as you?” said Wang. “This is not an easy question to answer and, indeed, I am not sure the industry as a whole has a good answer today."