Last year I wrote something about maintaining realistic expectations about cloud services. Major cloud service providers have availability performance that can compare favorably to safety-of-life services like 911.
But that doesn’t keep people from wanting even more…
In Learning Tree’s Cloud Security Essentials course we discuss how availability is the toughest part of the CIA triad. It’s also the one where you can’t make solid numerical promises. You can quote past statistics, and design solutions based around observed past performance, but the only promise a provider can make it to offer refunds in the case of outages.
A recent presentation by U.S. Customs and Border Protection (CBP) chief technology officer Wolf Tombe is getting a lot of attention. See the recent Federal Computer Week article for some details of Tombe’s presentation at an executive briefing in Washington, D.C.
Some of what he says makes perfect sense: Get the mission owners on board with the move to the cloud. Use open standards by default. Address data ownership and exit strategies. Those are all good ideas.
Some sound like good ideas, but clearly aren’t available from the major public cloud providers: Requiring visibility into the cloud provider’s information technology systems, for example. Major providers like Amazon, Microsoft, Google and Apple simply don’t do that.
Some of what he says is alarming: CBP is “looking to go as far as encrypting data on its end and ‘not giving the encryption keys to vendors'”? Seriously, this is just now occurring to a law enforcement agency?
Finally, there’s the part for which the comments on a later FCW article really hammer the CBP demands. First, he says that government agencies should demand “five nines”, or 99.999% availability. That works out to just over five minutes per year. But then he goes on to say that government agencies should demand 99.999% availability while not paying any extra for it.
Meanwhile Google Storage APIs and Amazon S3 storage come with service level agreements promising 99.9% availability per month, with 10% refunds kicking in only when the monthly uptime is in the range of 99.9% down to 99.0%. Amazon only gives you the refund when you notice and report the outage, formatting your report in a specific way and submitting it without a limited time. (Amazon EC2 promises higher availability, 99.95% monthly uptime, but imposes the same reporting requirements.)
This means that CBP is asking for service two orders of magnitude better than what’s available for commercial customers while being unwilling to pay any more for it.
Can contractors provide 99.999% availability on an annual basis? Probably, at billing rates that should make us think of Eisenhower’s warnings of the rise of the military-industrial complex. The popular public cloud provided by Amazon, Microsoft, Google and others, they are something entirely different. It’s no failure when they don’t provide unrealistic promises.