After the Sidekick near-disaster, mobile phone users might be wondering if they should ever trust any cloud services to protect their vital data.
On the face of it, there are some obvious lessons to be learned from the Sidekick snafu, even as Microsoft Corp. reported today that most of the data that was missing will be recovered from servers at its Danger Inc. subsidiary.
The obvious lessons:
- 1. Back up your mobile phone's critical data independently - on a laptop, a desktop or a thumb drive.
- 2. Raise questions about cloud computing and related services.
- 3. Find out how your mobile device stores data, and make sure you understand it.
- 4. When in doubt, refer to number 1.
Forrester Research analyst James Staten said the Sidekick incident should serve as a reminder to users to back up critical data. "You can't rely on these [cloud] services to be 100% available all the time," he said in an interview. "This is not the first time something like this has happened and it won't be the last time."
Not only is a backup of critical data imperative, users need to have a way to retrieve the backed-up data. "You need to think about the value of your data and what happens if the service is not available," he said. There are many Internet-based services that can be a second backup version to the original backup, such as Plaxo, he said. Having the second one drastically reduces the odds of total loss.
At larger companies, data backups are commonplace and often include information contained on wireless phones as well as desktop computers, analysts said. The issue becomes more difficult when IT shops trust users who put critical company data on personally-owned wireless phones that aren't backed up.
Despite urging users to back up critical data, Staten joined three other analysts in remaining faithful to the mobile phone industry's strong push for cloud computing services, noting that the Sidekick case was relatively isolated.
Nearly every major smartphone provider is working on some version of cloud computing to back up data from smartphones and other cell phones. All those services could be vulnerable to data loss, and the Sidekick example is likely to prompt a broad re-examination of internal server backup procedures, Staten said.
"I'd say that any lesson that says not to trust cloud computing is too aggressive," said Kevin Burden, an analyst at ABI Research Inc. Wireless phones generally come with limited internal storage and some have removeable storage cards, but "they do rely more on backend services and servers in the cloud to provide information."
Burden noted that Nokia's Ovi, Research In Motion's BlackBerry Internet Service (for small business users), Motorola's MotoBlur and others are all backend services that "open you up to having data potentially lost, stolen or replicated somewhere that you don't have any knowledge of. It's a risk you run."
As a result of the industry trend toward cloud computing, and in particular, Google Inc.'s determination to offer many services that way, Burden warned users against overreacting in light of Sidekick's and Danger's relatively isolated problems.
"I don't think anyone should react and say, store all the data on your phone or PC," he said. "Doing that would push the mobile industry backward, and the industry is not prepared to go backward. We all want our data to be accessible wherever we are, and that's the motivation for cloud computing. Do you think this incident scares Google? No."
Ramon Llamas, an IDC analyst, agreed. "I don't think this problem is a warning to anybody to not trust cloud computing. The cloud is mobile's direction. Smartphones are very much about data, data, data, and everybody is going to want a record of what they do. The cloud is not just a nice thing to have; it's a basic expectation."
Llamas said more services are emerging to offer mobile backup, including Best Buy's recent offer to store data for free, called mIQ.
Both Llamas and Burden also said the Sidekick snafu should provide a lesson to mobile phone users to be aware of how their phones work and how their data is stored. To that point, they noted that the Sidekick has never been advertised as a phone for business users. "It's not up to snuff as compared to a BlackBerry or iPhone," Llamas said.
In fact, Burden said he doesn't consider the Sidekick a true smartphone, mainly because it derived as a single purpose device for voice calls about seven years ago into a voice device with texting added on. It doesn't have a third-party application development platform and doesn't offer a high-level operating system or a fast process to handle FIPS (Federal Information Processing Standard) certification, which supports stringent security requirements, the way smartphones typically do, he said.
"The Sidekick was never targeted to the business professional, and is really for the hip-hop generation and youth," Burden noted. "Security and secure storage was never its selling point." Danger originally owned the device, calling it the Hip Top, until the device was sold through T-Mobile-USA and the name became the Sidekick. Subsequently, Microsoft bought Danger in 2008.
"This recent incident exposes some of the deficiencies of the Hip Top/Sidekick," Burden said. "Certain things are not shored up because of the types of users they were going for." While it originally became a texting device atop a good voice phone, it has added other functions but not some of the security basics, Burden said.
Still, Llamas said the problems with the Sidekick will resonate for a while and should give mobile phone users pause about securing their data.
"The incident will make people owning a Sidekick question using a Sidekick, and then those who are thinking of getting one. And after them, everybody else will wonder, 'Could that happen to me?,'" Llamas said.
"Imagine if this happened across an entire carrier's servers. For Verizon Wireless that could be 90 million people. Everybody should think twice if these services could really save your data up in the cloud," Llamas said.
Computerworld's Jaikumar Vijayan contributed to this report.