The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud. https://www.bbc.co.uk/programmes/m001hzb3 and https://www.bbc.co.uk/newsround/64625655
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
You might examine a proposed contract carefully, to see if the hosting company will acquire any rights to the data. Once upon a time,
customers' email was considered confidential, and email hosts made a
point of saying the email was guaranteed private and was never read
by the host. After some years, some people started noticing they were
getting adverts connected with their emails and it turned out that many
hosts had quietly dropped that guarantee.
On 10 Apr 2024 at 21:42:33 BST, "Joe" <joe@jretrading.com> wrote:
You might examine a proposed contract carefully, to see if the hosting
company will acquire any rights to the data. Once upon a time,
customers' email was considered confidential, and email hosts made a
point of saying the email was guaranteed private and was never read
by the host. After some years, some people started noticing they were
getting adverts connected with their emails and it turned out that many
hosts had quietly dropped that guarantee.
I would have said that the other thing to beware of is where the data is >actually hosted and what path it takes to get from you to there. The Yanks >have form for being officious that if the data is hosted in the US, or perhaps >even only passes through the US to get to the server, they give themselves the >right to have access to it if ordered by some tuppeny-ha'penny court in >Armpit, Nebraska or similar.
On 10 Apr 2024 at 21:42:33 BST, "Joe" <joe@jretrading.com> wrote:
You might examine a proposed contract carefully, to see if the hosting
company will acquire any rights to the data. Once upon a time,
customers' email was considered confidential, and email hosts made a
point of saying the email was guaranteed private and was never read
by the host. After some years, some people started noticing they were
getting adverts connected with their emails and it turned out that many
hosts had quietly dropped that guarantee.
I would have said that the other thing to beware of is where the data is >actually hosted and what path it takes to get from you to there. The Yanks >have form for being officious that if the data is hosted in the US, or perhaps >even only passes through the US to get to the server, they give themselves the >right to have access to it if ordered by some tuppeny-ha'penny court in >Armpit, Nebraska or similar.
The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud. https://www.bbc.co.uk/programmes/m001hzb3 and https://www.bbc.co.uk/newsround/64625655
Is it backed up anywhere (if so, where),
so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud. https://www.bbc.co.uk/programmes/m001hzb3 and https://www.bbc.co.uk/newsround/64625655
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
On 10/04/2024 20:57, Chris Hogg wrote:
The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
I have copies on multiple computers, as well as the cloud.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
Not much different. Modern social-engineered attacks are designed to
persuade you to run something with elevated privileges which encrypts
your data.
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is
generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud.
https://www.bbc.co.uk/programmes/m001hzb3 and
https://www.bbc.co.uk/newsround/64625655
I would say this is "green washing"
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
That depends on your cloud contract. I would say in the case of the free
ones no, but then how good are your existing backups? Have you ever done
a cold restore? Can you re-build the server Operating System? In the
event of a fire or lightening or power surge are you good to go.
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is >generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case.
The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud. https://www.bbc.co.uk/programmes/m001hzb3 and https://www.bbc.co.uk/newsround/64625655
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
On 10/04/2024 20:57, Chris Hogg wrote:
The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is
generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud.
https://www.bbc.co.uk/programmes/m001hzb3 and
https://www.bbc.co.uk/newsround/64625655
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
So you have all your eggs in one basket.
I would back up on multiple DVDs written at very slow speeds for the
deepest of laser pits, stored in hermetically sealed correct
,maybevacuum, environments to minimise corrossion of the Aluminium , in different sites in case of flood or fire and also multiple external HD
stored on different sites and also multiple datasticks.
Even the pro York Data Services the premier UK store of UK archaeology
data, you cannot find how they store it. Assumed to be RAID array which
can be infected with malware and brought down.
--
Global sea level rise to 2100 from curve-fitted existing altimetry data
<http://diverse.4mg.com/slr.htm>
The term "cloud" is a bit nebulous (yeah, I know :-)
It could just mean a lone physical server sat in a data centre, but more likely these days it will be a virtual server, storage for which will
likely be on some kind of shared fault tolerant storage device (SAN
etc), and the actual virtual machine image will be deployed with many
others onto physical hardware. So a server going tits up or suffering a
disk failure is unlikely to even be noticeable at your end, and things
can be automatically migrated to working hardware.
Cloud storage normally allows multiple ways to download data - many also offer the option of sending out physical media for quick disaster recovery[1].
On 10/04/2024 20:57, Chris Hogg wrote:
so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
The term "cloud" is a bit nebulous (yeah, I know :-)
On 11/04/2024 09:15, N_Cook wrote:
On 10/04/2024 20:57, Chris Hogg wrote:
The local history archive where I volunteer is proposing to put all
it's files on the cloud. I know very little about the cloud. As far as
my knowledge goes, rather than having your computer storage in your
own PC or laptop on an SSD or HDD, it's like having your data on
someone else's computer that can be anything from next door to
thousands of miles away, so I have questions.
How secure is it against 'bad actors' who may want to steal
information, or simply delete it or infect it out of malice? Is it
more secure than a domestic computer with reasonable anti-virus and
firewall protection?
One of the claims being made in our case is that it will reduce our
carbon footprint. While I can see that if our particular cloud
computer is based in Iceland for example, where all the electricity is
generated by renewables, then we may indeed reduce our carbon
footprint, but I guess in general that won't be the case. It may
reduce our electricity bills a fraction (we have one file server and
six elderly PC's in use, mornings only, four days per week, so not
many KWh's), but I guess that would be offset against charges to use
the cloud, and in most cases (Iceland excepted) that electricity would
not be renewable, just not generated in the UK. So is it actually
'green'? I see the Beeb, normally an ardent supporter of all things
aimed at reducing CO2, is critical of the cloud.
https://www.bbc.co.uk/programmes/m001hzb3 and
https://www.bbc.co.uk/newsround/64625655
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
So you have all your eggs in one basket.
I would back up on multiple DVDs written at very slow speeds for the
deepest of laser pits, stored in hermetically sealed correct
,maybevacuum, environments to minimise corrossion of the Aluminium ,
in different sites in case of flood or fire and also multiple external
HD stored on different sites and also multiple datasticks.
That would be nice, but challenging. I have nearly 400gb of data on my Microsoft OneDrive so that is a mere 40 DVDs so unless I had multiple machines I would pretty much have to dedicate my life to backing up my
data.
Even the pro York Data Services the premier UK store of UK archaeology
data, you cannot find how they store it. Assumed to be RAID array
which can be infected with malware and brought down.
Any writeable storage can be infected by Malware, even your DVDs. It can
lurk for ages before it activates and corrupts your live system. The
data is unlikely to be on a traditional RAID array. I would suspect its
some kind of SAN (Storage Area Network) hopefully with multiple copies.
If you build things properly you can have data replicated in real time
across multiple sites. If you also have multiple snapshots then you can
roll back the data after malware infections, that is assuming there is physical separation of the data stored in the SAN, and the "data" used
to load the software into the SAN which always used to be the case, but
its been a while since I worked with such stuff.
as with anything it can be expensive, but the ransomware may be even
more expensive.
--
Global sea level rise to 2100 from curve-fitted existing altimetry data
<http://diverse.4mg.com/slr.htm>
oh that brings back memories from working at NERC Bidston where one of
the things we did was to track mean sea level.
https://www.eea.europa.eu/data-and-maps/data/external/permanent-service-for-mean-sea
--
Global sea level rise to 2100 from curve-fitted existing altimetry data
<http://diverse.4mg.com/slr.htm>
oh that brings back memories from working at NERC Bidston where one of
the things we did was to track mean sea level.
https://www.eea.europa.eu/data-and-maps/data/external/permanent-service-for-mean-sea
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
Chris Hogg <me@privacy.net> wrote:
Is it backed up anywhere (if so, where), so that if the computer
holding it is destroyed either deliberately or by some natural event (Iceland gets volcanoes that pop up in unexpected places!), there
are copies elsewhere in another part of the cloud that can be
accessed to restore the original data?
Suppose you needed a database.
1. You could install MS Access[*] on a PC under your desk. We'd
call that 'on premises' or 'on-prem'. Maybe you'd rather put that PC
in a dedicated room in the basement, but that's the same thing.
Maintaining everything - the hardware, the software, the power
supply, the user accounts, ... is all up to you.
[*] not a recommendation for database software!
2. You could rent a server in a datacentre somewhere, install Windows
and MS Access on it yourself. That's Infrastructure as a Service or
IaaS. Here the hardware is now somebody else's problem but the data
stored on it (and security and backups thereof) is yours. You would
access it over the internet not over the LAN but it would work
roughly the same way.
3. Or you could pay Microsoft for the MS Access 365 web service.
There MS take care of both the hardware and the software and just
provide you with a login to the online version of Access. That's
Software as a Service (SaaS). MS take care of handling hardware
failure, and they also look after the data so if the hardware crashes
the data is maintained. They may also maintain availability, so that
if the datacentre in Ireland becomes unavailable for some reason,
your query gets routed to an alternative server in Germany which will
handle it. They also take care of some of the management overhead
(eg checking who has access, managing their passwords, etc etc)
As you go through the levels, the provider is doing more work for
you. Like-for-like they will cost more, but can often work well if
your needs are small (if you only need to store 10GB then paying for
0.01% of someone else's shared server is going to be cheaper than
buying a PC and only using 0.01% of it)
What you cede going up the levels is control to do things how you
please. OTOH they probably do a better job than you will, and maybe
you would rather get on with doing your job and not managing servers.
As I said in my other post there are risks for you in terms of the
competence of the cloud provider, their billing and/or price rises,
and the complexity of switching provider should you decide to move
elsewhere. Which might be set against your competence to manage your
own servers and the costs of doing so, plus the risk to the
organisation if you go under a bus.
Where you sit on the spectrum will depend on how much technical
competency and resources you have, as well as the particular business
needs.
Theo
John Rumm <see.my.signature@nowhere.null> wrote:
The term "cloud" is a bit nebulous (yeah, I know :-)
It could just mean a lone physical server sat in a data centre, but more
likely these days it will be a virtual server, storage for which will
likely be on some kind of shared fault tolerant storage device (SAN
etc), and the actual virtual machine image will be deployed with many
others onto physical hardware. So a server going tits up or suffering a
disk failure is unlikely to even be noticeable at your end, and things
can be automatically migrated to working hardware.
Cloud storage normally allows multiple ways to download data - many also
offer the option of sending out physical media for quick disaster
recovery[1].
It is a question worth asking as to what this service actually provides.
In this case it's quite likely that the service being rented is 'data storage' and not 'servers'. In other words somebody looks after storing the data, and how they do that isn't something you interact with - they must run some servers but where and how they run that isn't something you are exposed to. The service offer you ways to move data in and out.
This can be called 'storage as a service' (STaaS) but can also be combined with other services like online database tools which are more generally 'software as a service' or SaaS.
While it is possible to rent 'servers' and then run your own install of software, that's probably not something you want unless there's a
good reason you need to manage the software running on top of the servers that you rent. (cloudy people call this 'infrastructure as a service' or IaaS because you're renting just the hardware, and the software is your own)
The OP is dead right that 'the cloud is someone else's computer' so the questions to ask are about how much care the 'someone' takes with your data and how they manage failures, access and prevent data breaches. And
billing, and also what happens if they raise the prices too much and you
want to leave.
You will want to work out what the steady-state running costs are likely to be - while they may provide a better service than you could DIY, it may well be more expensive than whatever you are doing at the moment.
(there may be some introductory offer or whatever, but be aware it's another project to migrate data out of a cloud provider so it's not always straightforward to hop over to somebody else - which is why the regular pricing matters)
Theo
That would be nice, but challenging. I have nearly 400gb of data on
my Microsoft OneDrive so that is a mere 40 DVDs so unless I had
multiple machines I would pretty much have to dedicate my life to backing up my data.
error with the calibrations
On 2024-04-10, John Rumm wrote:
On 10/04/2024 20:57, Chris Hogg wrote:
so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
The term "cloud" is a bit nebulous (yeah, I know :-)
Good one!
Thanks for all the advice and suggestions. I'm told that we will be
using MS365, so from what Theo has recently said about it, a lot of my concerns should be taken care of. But still worth my enquiring from
the PTB here, if all those points have been taken into considerations.
Thanks again.
On Thu, 11 Apr 2024 10:15:55 +0100, Adam Funk <a24061a@ducksburg.com>
wrote:
On 2024-04-10, John Rumm wrote:
On 10/04/2024 20:57, Chris Hogg wrote:
so that if the computer
holding it is destroyed either deliberately or by some natural event
(Iceland gets volcanoes that pop up in unexpected places!), there are
copies elsewhere in another part of the cloud that can be accessed to
restore the original data?
The term "cloud" is a bit nebulous (yeah, I know :-)
Good one!
At first gance I read that as nefarious, not as clever but possibly
more accurate.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 299 |
Nodes: | 16 (2 / 14) |
Uptime: | 60:17:21 |
Calls: | 6,690 |
Files: | 12,225 |
Messages: | 5,345,454 |