Here comes the FUD! Legacy vendors sure to jump on the Salesforce outage

One company's misfortune is another's lucky day. Salesforce isn't going to enjoy the upcoming anti-cloud FUD.

150914 salesforce dreamforce 2
Credit: Martyn Williams

Salesforce had an ill-timed outage recently (particularly painful is that it occurred on the eve of the company's Dreamforce user conference). While any outage is bad, and this is especially the case for cloud-based solutions which demand connectivity to be operational, it isn't a case of the sky falling in. So given that the next few weeks will no doubt see a host of vendors jump in and go on the attack suggesting that cloud is a flawed delivery methodology, here's some clarity around the issues.

First some information about what actually happened. One of Salesforce's 45 U.S. instances was shifted to a new site on May 10. This shift was caused by a power failure at its previous site in Herndon, Va., resulting in the need for a quick move to Washington, D.C. So far, so good.

The problem was that service degradation occurred, resulting in Salesforce suspending some functionality for users on that instance. The root cause of the outage, while still unknown, looks to be an issue with Salesforce's core database, in this case, an Oracle tool (ironically, Oracle is potentially a beneficiary of the press around this outage).

Unfortunately, the fix that occurred had a harsh side effect: the loss of potentially five or more hours' worth of customer data. The resolution to the error, while resolving the file integrity issues, meant that anything written to that particular database instance in the period between move and rewrite would be lost. Loss of data is an absolute poison pill for cloud vendors, which go to great lengths to not only build robust systems but also to ensure the message is well understood that customers' data is inherently safe.

Naturally the Twitter-verse was awash with customers complaining about the situation and venting their frustration at anyone who would listen. And rightly so -- as mentioned, SaaS vendors live and die on the continuity and reliability of their service. But conflating an outage (as regrettable as it is) with an existential issue around the delivery methodology is another thing altogether.

The very nature of cloud applications highlights outages

Make no bones about it: On-premises applications suffer regular outages. Even the largest enterprises have issues, whether it is their email servers, their ERP systems or their e-commerce solutions.

The difference with these issues (excluding, perhaps, e-commerce solutions) is that these outages are predominantly hidden from view. If an enterprise exchange server goes down, the employees of that enterprise might moan a little, but the extent of the issue is far smaller than with a cloud system that might be servicing hundred of different companies.

So when legacy vendors suggest that the Salesforce outage calls cloud into question, they tend to ignore the fact that their own systems suffer regular outages. They just rely on the fact that few people know about them.

SaaS vendors live and die by continuity

If an on-premises application goes down, there are perhaps a handful of employees who may lose their job. Heck, even when a large e-commerce vendor gets hacked, beyond the PR issues the ramifications on the business tend to be minor.

That isn't the case for cloud vendors. Salesforce, Amazon Web Services and other cloud vendors live and die by customer satisfaction. And they're well aware that any outage or security issue gets noticed, and mentioned, en masse.

That is why large cloud vendors invest incredible amounts of money in building robust and secure systems. I've visited some of these companies' data centers and seen how seriously they take security and reliability. As an apples-for-apples comparison, the average cloud vendor has systems and infrastructure far more reliable than that of the average enterprise.

Sunlight is the best disinfectant

When Salesforce suffered its first major outage back in 2006, the company set up a standalone website, Salesforce Trust, to enable customers, partners and the general IT public to have a fully transparent and real-time view of service levels.

There is no hiding behind a corporate veil -- this is transparency, front and center. I know many executives within SaaS companies, and performance and availability is absolute a core metric upon which they are judged.

FUD is just that -- but lessons need to be learned

As mentioned, there will no doubt be significant amounts of fear, uncertainty and doubt spread by legacy vendors who see this outage as a chance for them to gain some more customers or prop up their existing business. Such is the way the industry works. But don't confuse marketing spin with reality. Dollar for dollar, cloud vendors deliver better security, availability and reliability than traditional on-premises IT.

That's not to say that Salesforce should get off with no consequences. It lost customer data, and that is a line that should never be crossed by cloud vendors. I expect to see a full and frank assessment of what went wrong, alongside significant strategies to ensure that something like this never happens again.

Salesforce and its executives have significant work to do to rebuild trust and articulate clarity about what went on. But having some gaps to fill is different from negating an entire business model. And no amount of FUD will change that.

This article is published as part of the IDG Contributor Network. Want to Join?

Computerworld's IT Salary Survey 2017 results
Shop Tech Products at Amazon