The Myth of Moving to the Cloud

This is the 2nd in a series of articles examining the “myths” of today’s Business Continuity Management industry.

The emergence of “Cloud” technologies in the past decade has created both benefits and risks.  Whether simply backing critical data up in the cloud, moving applications there, or implementing a full-fledged DRaaS (Disaster Recovery as a Service) program, it is important to remember Murphy’s “law” that says “Anything that can go wrong, will” supplemented with MacGillicuddy’s corollary: “At the most inopportune time”.

The ‘myth’ in the case of the Cloud is simply set it and forget it.  C-suites all over the world have been lulled into the belief that they no longer have IT risks because their data is in The Cloud.  It’s not that simple – or that easy.  Potential risks in the Cloud are no different than those in a corporate data center: cyber security, data corruption and potential data loss or breach.

Some make the mythological assumption that clouds don’t fail.  They do – and more often than you think.  A similar assumption is that data in one of the major player’s clouds is immune to failure. The reality is   Microsoft, Apple, Verizon, Google, Fujitsu and Adobe Clouds have all had failures.  And that’s just in 2015 (so far)!

Unfortunately, we’ve begun to see organizations that have abandoned/shelved their Business Continuity Programs (planning for recovery of Business Processes) because of the Cloud.  After all, they claim, if we can never lose our ability to access our critical data, we don’t need to waste time on planning for physical disasters.  It defies logic, but it exists nonetheless.

And finally, there is the phenomenon you might call ‘one-way DR’. That’s where there’s a comprehensive plan to shift all user applications to the Cloud in the event of a data center meltdown or infrastructure disruption – but no plan for returning from the Cloud once the disruption is over.

Is the Cloud a viable tool for DR? It could be; perhaps it should be.  But that doesn’t absolve DR planners of the need to test their strategy, or plan to pull back operations from the Cloud after the smoke clears. And it certainly isn’t a fool-proof, no-risk, turnkey strategy that allows anyone to throw out their Plans for recovering Business processes and functions.  It could mitigate one of the ‘holy trinity’ of BC planning assumptions: Loss of Technology.

There are serious considerations that must be made before (and after) adopting a Cloud DR strategy. As the prevalence of Clouds grows, their reliability may grow with them – along with their security.  But for now, don’t believe the myth (propagated mostly by supplier hype) that The Cloud is a substitute for Business Continuity Management and IT Disaster Recovery planning.

The Cloud myth just got busted.  Check out the upcoming Myth Buster article next Tuesday which will focus on the Myth of BC Plans for Departments.

SHARE:
eBRP Thoughts

eBRP Thoughts

eBRP Thoughts, eBRP’s Blog voice, represents 50 + years of cumulative BCM knowledge gained through experience in corporate BCM program management, consulting & program implementations. We've worked hand-in-hand with governments and private enterprises to develop viable BCM programs. eBRP is an active participant on LinkedIn and Twitter. The opinions expressed in our eBRP.net blog are ours and are intended to engage resiliency planners in conversations about the BCM industry, its standards and its future.

Related Posts

Enterprise Resiliency: Navigating Through Disruptions

Enterprise Resiliency: Navigating T...

In today’s threat landscape, the ability of an organization to…
Orchestrating BC/DR Testing: Virtual – Emergency Operations Centers

Orchestrating BC/DR Testing: Virtua...

  Enhancing Planning and Logistics Management  Coordinating BC/DR tests involves…
Insights into creating a successful Disaster Recovery Test – Part 2: Preparation

Insights into creating a successful...

Insights into creating a successful Disaster Recovery exercise – Part 1: Objectives

Insights into creating a successful...

Aligning Cyber Incident Response Planning with Your BC/DR Program

Aligning Cyber Incident Response Pl...

Cyber disruptions – and their impact on both reputations and…
What Can You Do when your BCM software Relationship Falls Apart

What Can You Do when your BCM softw...

“This isn’t working.”  “I’ve changed.”  “I don’t see a future…
Aligning BC/DR to CSIRP Challenges

Aligning BC/DR to CSIRP Challenges

The immediate reaction to a cyber-security incident is the FUD…
Technology Modeling – the eBRP Way

Technology Modeling - the eBRP Way

Definition: Technology modeling is a point-in-time snapshot of an Enterprise’s…
eBIA – The eBRP Way

eBIA - The eBRP Way

Definition: A Business Impact Analysis (BIA) is the cornerstone of…
Threats, Impacts, BCPs

Threats, Impacts, BCPs

Within Business Continuity circles there is ongoing debate about the…