Putting Your Enterprise Data in the Cloud? Top Considerations

Author: Chander Kant
Chief Executive Officer, Zmanda
Most discussions regarding the possible transition to the cloud tend to center around transition of on-premise applications to the compute cloud (e.g. Amazon EC2 or Google App Engine). In this article we will focus on transition of on-premise data to the storage cloud – specifically public storage clouds offered at the infrastructure layer (e.g. Amazon S3) – and the factors one should consider before making the switch.

Primacy of Secondary and Tertiary Use
Latency issues will keep the cloud from becoming the primary storage for most on-premise applications. On the other hand, the cloud is increasingly becoming a destination for secondary and tertiary storage (Fig 1). Instead of writing to a tape and shipping tape to an off-site secure location, many businesses are now sending their backup data and archives to a remote storage cloud. In the process, they acquire the risk profile of a much larger organization, such as Amazon, which spends millions of dollars to ensure robustness and accessibility of their data centers.

The recent downtime of clouds has grabbed the headlines, but fortunately, most secondary and tertiary applications of storage don’t require always-on service level agreements. In other words, if the storage cloud is not accessible right now, backup software should be intelligent enough to make it up in the next backup run. Of course, you may hit Murphy’s Law if you happen to be recovering a file simultaneously while your storage cloud vendor is down. Fortunately, sending data to multiple clouds is a far easier option than trying to send physical media to two different locations.
Just like the answering machines gave way to voicemail, tape libraries will eventually give way to cloud-based storage.

Over-provisioning: Expensive; Under-provisioning: Hara-kiri
A key reason to move to a storage cloud is provisioning, one of the most hairy problems for storage administrators. Storage capacity needs, especially for backup applications, can gyrate widely over time, making it nearly impossible to accurately provision physical storage for a particular application. Since under-provisioning tends to have significantly dire consequences, most storage subsystems are over-provisioned.

A storage cloud should be able to scale, based on changing needs. Let’s say, for example, that data retention policy changes, due to a new compliance requirement, requires an organization to maintain data for an extended period of time, the storage cloud being used for your backup archives should be able to easily scale to accommodate the increased need for storage capacity. On the flip side, if an organization decides to purge a set of backup archives that are no longer needed, the storage capacity and associated costs should reduce immediately.

The storage cloud should be elastic to your needs, both in terms of scalability and cost.

Security and Privacy
Our research suggests that security and privacy of data is a key concern for moving data to the cloud. A cloud vendor should provide documentation on the security and privacy measures that are taken in their data center. Ideally, if sensitive data is being transferred, it should be encrypted even before it leaves the data center. The U.S. government agencies, including the National Security Agency, consider Advanced Encryption Standard (AES) algorithm with 256-bit keys suitable for top secret documents. So, this is a good choice for encryption before sending sensitive data to the cloud.

Application of these practices makes most practitioners think of electronic keys to be stronger than physical keys.

Data management is where regulatory compliance obligations meet IT. The European Commission’s Data Protection Directive 95/46 restricts European Union (EU) businesses from shipping several categories of data to ‘third countries’, defined as any country outside of the EU. So, as a storage administrator you need to make sure that storing your data in a particular storage cloud meets the compliance needs of your industry or regional jurisdictions.

If you choose a storage cloud as the destination of your crown jewels, first and foremost it needs to be at least as robust as storing it on an in-house RAID array. A good storage cloud vendor should at least create redundancy within their main data center. Ideally, there should be geographic redundancy to protect against data center-wide meltdown or connectivity issues. Any single failure must be tolerated without causing downtime for the end-user application or inhibiting your ability to access your data.

Seamless Retention
Your storage cloud vendor should seamlessly support your retention policy – however long it may be. While underlying technologies of storage will change over the years, your data should always be accessible at the same URI. This is in fact a key advantage of leveraging a storage cloud for archives and getting rid of the hassles of moving from one media type to another every few years.

Location Matters
Another factor, which makes the location of the cloud a key decision factor, is availability of network bandwidth. For some geographies reliability, speed, and cost of transferring data to a cloud in another continent can be prohibitive. In this case, you may need to choose a storage cloud which is geographically nearer. The cloud vendor should also do asynchronous replication to a remote location in the background to provide geographic redundancy.

Advantage of Open
Locking up your data in proprietary formats and proprietary clouds comes with a huge cost and pain. When sending data to the cloud you need to make sure that you will always have access to your data, regardless of whether you are still using a particular vendor’s technology. This is where open source software plays a key role. Amanda, the world’s most popular open source backup software, is integrated with the storage cloud. Amanda uses an open format regardless of the media it is writing to (e.g. disk, tapes, or cloud).

In addition, Amanda supports up to 2048-bit keys with public-key cryptography as well as 256-bit AES encryption. Amanda’s scheduler is intelligent enough to gracefully pick up the backup cycle if you missed a cycle because of unavailability of the storage cloud. With a single Amanda server you can choose to store your backup archives to multiple media at the same time. You can maintain a repository of archives on a local disk for near-term recovery, and a set of archives on the storage cloud for long-term archiving and disaster recovery.

The author of the article is Chander Kant, Chief Executive Officer, Zmanda.
Previous  article
Write your comment now

Email    Password: 
Don't have SiliconIndia account? Sign up    Forgot your password? Reset
Reader's comments(5)
1: From: Mrs. Mary David

This mail may be a surprise to you because you did not give me the permission to do so and neither do you know me but before I tell you about myself I want you to please forgive me for sending this mail without your permission. I am writing this letter in confidence believing that if it is the will of God for you to help me and my family, God almighty will bless and reward you abundantly. I need an honest and trust worthy person like you to entrust this huge transfer project unto.

My name is Mrs. Mary David, The Branch Manager of a Financial Institution. I am a Ghanaian married with 3 kids. I am writing to solicit your assistance in the transfer of US$7,500,000.00 Dollars. This fund is the excess of what my branch in which I am the manager made as profit last year (i.e. 2010 financial year). I have already submitted an annual report for that year to my head office in Accra-Ghana as I have watched with keen interest as they will never know of this excess. I have since, placed this amount of US$7,500,000.00 Dollars on an Escrow Coded account without a beneficiary (Anonymous) to avoid trace.

As an officer of the bank, I cannot be directly connected to this money thus I am impelled to request for your assistance to receive this money into your bank account on my behalf. I agree that 40% of this money will be for you as a foreign partner, in respect to the provision of a foreign account, and 60% would be for me. I do need to stress that there are practically no risk involved in this. It's going to be a bank-to-bank transfer. All I need from you is to stand as the original depositor of this fund so that the fund can be transferred to your account.

If you accept this offer, I will appreciate your timely response to me. This is why and only reason why I contacted you, I am willing to go into partnership investment with you owing to your wealth of experience, So please if you are interested to assist on this venture kindly contact me back for a brief discussion on how to proceed.

All correspondence must be via my private E-mail ( for obvious security reasons.

Best regards,
Mrs. Mary David.
Posted by: mary lovely david - Monday 26th, September 2011
2: Hello Dear,
my name is sonia i saw your profile today AT and i
to write you as my my friend so that we can communicate to each
othere,please mail me through my email address
that i will send you my pic for you to know who i am for the love and
pleasure i have develpoed in your lovely profile i awaits your lovely
as soon as you get this mail.
please please please contact this email directly
Posted by: sonia wassa - Saturday 27th, August 2011
3: se the revenue model first
Posted by: Hari Nair - Thursday 16th, December 2010
4: Hello,
I explored my self to get on cloud computing.
And as my view for cloud computing is, use only services(applications) from the cloud and configure your database inhouse. That means you are using the UI part of the system through cloud and data are in-premises.

If you put data on cloud, then it is complex equation as privacy/security/compliance are bigger issues for the organization.

One bad news can waste your years of efforts.

I donot aware of any configuration which helps to get the data from in-premises infrastructure and available to cloud application. Any modification over cloud, saves the chanes back to in-premises databases. So, it solves privacy/security/compliance issues.

But here in article, you are saying about data storage on cloud.

Can you please let me know how feasible it is? How can I handle risk of privacy/compliance?

If I my Cloud provider do any fraud then what happened to me? (I am accepting that to stay in long business, no one is ready to do it but consider if some one hack data from cloud provider then?)

Can you please let me know what are risk management provisions in this case?


-Urvil Shah
Posted by: Urvil Shah - Thursday 03rd, September 2009
5: As a founder of a SaaS product company ( I believe that the Cloud is another superior form of deployment. All the objectiions for SaaS will continue here - Security/ privacy, adapation of Enterprise products etc.

Inpremise Enterprise Applications will continue to stay for Unique solutions and strategic Enterprise Applications. SME's which need standardized applications will use SaaS/ Cloud.

Seeing that Inpremise and SaaS/ Cloud will be here to stay we have are providing both inpremise and hosted versions of our products - depending on the customer need.Finally the customer is the king
Posted by: George John Vettath - Wednesday 05th, August 2009
More articles
by Kaushal Mehta - Founder & CEO, Motif Inc..
The retail industry is witnessing an increased migration of customers from traditional brick and mortar retail to E-commerce (online retail)...more>>
by Samir Shah - CEO, Zephyr .
You probably do because you are on the phone with them! For all of you working in some technical management capacity here in Silicon Valley,...more>>
by Raj Karamchedu - Chief Operating Officer, Legend Silicon .
These days are a mixed bag for me. Of late I have been considering "doing something bigger and better," in my life, perhaps seriously though...more>>
by Madhavi Vuppalapati - CEO of Prithvi Information Solutions .
IT Services Rise of Tier II companies The Indian IT outsourcing industry is going through very exciting phase in its business life...more>>
by Bhaskar Bakthavatsalu- Country Manager, India and SAARC of Check Point Software Technologies.
Data loss occurs every day through corporate email. In fact, given the sheer number of emails an organization sends every day, data loss inc...more>>