Balancing responsibility for maintaining data integrity is no joke for Cloud providers. Cost effective solutions are often disasters waiting to happen, and we all know that protecting the data is one of the crucial aspects of any Cloud hosting. Unfortunately, major data losses still occur daily. Everyone is at risk and could be effected by them, even though you are probably thinking – What are the odds of it happening to me… This is exactly why we are taking a closer look at the types of major data loss and are focusing our attention on whom is impacted and responsible for these major data losses when they do happen.
Three main types of data loss include; data destruction, data corruption and security breach (unauthorized data access). As for the types of data itself, there are certain general categories or data domains, since cloud environment has to deal with too many data types to name them all by name. This is why we nowadays have a new concept of data loss domains. These domains are the following: provider non-customer effective (PNCE), provider customer effective (PCE), and customer (CUST). Let’s dissect them, one by one.
Provider Non-Customer Effective (PNCE)
This data loss domain contains information belonging to the cloud service provider and has no effect on the customer. However, if this information is lost or damaged in any way, it will have a significant impact on the provider and their ability to conduct business. In case you’re wondering which data exactly goes under PNCE label:
- Business management data: Billing and metering information, Service quality data, IT Benchmarking data
- Environment management data: Development/DevOpS data, Inventory and configuration management data, Performance and capacity management data
- Security data: Security systems management, ID management, authentication and authorisation data
- Logging data: System logs, Network activity logs, Security logs
Provider Customer-Effective (PCE)
This domain represents that data which is owned by the provider and is significant to both the provider and the customer. Both provider and customer will be impacted in the case of major data loss, while the responsibility (although somewhat shared) primarily falls on the provider. Types of PCE data:
- Self-service portal data: Blueprints, Environment default settings
- Virtual infrastructure configuration: Virtual machine/compute configurations, Virtual networking (SDN, vRouting, vSwitching, VLAN, VXLAN)
- Orchestration and Automation: Provisioning and provisioning management, Promotion
Customer Data (CUST)
Although this type of data can take virtually any form, it primarily includes the data needed to run customer developed and/or deployed services. This information is owned by the customer, who is also responsible for its protection unless otherwise arranged with the provider. An agreement with the provider can provide the option for a customer to opt for a cloud service provider replicate, back-up or some other way of protecting customer owned data. These services are generally provided with a certain form of financial and service-level agreement between the two sides. There’s no free lunch, as they say.
As far as the preventative measures are concerned, even though the whole IT world is migrating to the cloud, the general rules of data protection haven’t changed. Recovery Point Objective (RPO), as well as Recovery Time Objective (RTO) still need to be measured, while we are also obliged to implement data protection solutions based on balanced RTO/RPO, the criticality of data and the cost of implementation. But more on these preventive measures some other time.