When a cloud service vanishes: How to protect your data

Nothing lasts forever, and that includes online services. We look at some dangers in trusting your data to the cloud, and how to prevent problems.

1 2 3 Page 2
Page 2 of 3

Look for these features

If you're currently deciding whether to use a specific Web service, it helps to know how it will handle your data and if it can provide you with ways to rescue your data or move the information offsite. There are several things to look for.

Data is available in open formats for easy download. The best sign that a website or service has the preservation of its users' data in mind is the ability for users to make a backup copy of their data through the service itself. If there's no back-end tool for downloading copies of your content, you may be forced to scrape the data manually, so anything that saves you the trouble of having to do so is worth noting. The wiki-creation site Wikia.com, for instance, lets you save whole wikis or individual pages into plain text files either for archiving or offline editing.

Interestingly, Google has been making major strides in this area. When it recently started beta-testing its Google+ social network, it added extensions to allow personal data (contacts, circles, etc.) to be exported via Google Checkout. The real test of such a feature, though, is how useful it'll be to transport your data into other services.

Data tools are provided by the service or third parties. If you don't have direct access to your data through the service's own Web interface, the next best thing is an application that can pull that data for you via one of the service's APIs. You might have to do some programming on your own to take advantage of those APIs, but it's a good idea to look around first -- someone else out there might well have done that work for you and made the results freely available.

Andrew Reichman, principal analyst at Forrester Research, says any service you use should be considered proprietary, even if the provider of the service advertises its own exit strategy. In other words, take any claims about data portability with a hefty chunk of salt. "Even with standards [for data interchange], you are still at the mercy of the administrators and policies of the company operating the equipment on your behalf."

Terms of service. The ToS for almost any service these days is worded to within an inch of its life, with almost every conceivable aspect of the service's functionality covered. "Paying close attention to the SLAs [service-level agreements], contracts and penalty structure related to non-performance of SLAs is critical," says Reichman. "Having an exit strategy, or at least some discussion about what would happen in the event the customer wants to pull out or the vendor cancels service, is an important preliminary step to take, prior to committing to a given vendor." The fewer details about such things in the ToS, the more wary you should be. (Later in this article, I'll talk more about what to look for in the ToS.)

George Hamilton, an analyst at Yankee Group, is even more insistent on this point. "Caveat emptor," he says. "Know how the service provider protects stored data and data in motion, and how it is backed up."

This is where services can afford to compete most aggressively: by allowing customers more freedom of movement with their data, even if it seems counterintuitive at first to let them leave. "Vendors should sell their functionality, not create lock-in with technology," says Hamilton, noting that the general movement in the industry is toward open standards of one kind or another.

Reichman, however, disagrees. "The most likely [scenario] is one vendor's proprietary structure becoming a de-facto standard that other vendors follow," he says.

Watch for warning signs

Is it possible to tell ahead of time if a service's plug is about to be pulled? Sometimes the best places to look for signs of that happening are not on the service itself.

The ArchiveTeam Web site maintains a list of sites that are in danger of being shut down or are already dying. If you use a site listed there (under the heading "Watchlist"), it's probably a good time to think about taking your data elsewhere or, at the very least, backing it up somewhere solid.

Reichman advises looking at the company's numbers. "You can't always discover that a potential vendor has financial problems, but some issues can be uncovered with a bit of due diligence in financial statements, if available, or funding history and any news stories about the vendor," he says. "Rumors of impending acquisitions or divestitures, layoffs or strategy shifts are all signals that there may be trouble looming."

Both Reichman and Hamilton say there may be few outward warning signs, even financial ones. "Companies in fiscal trouble typically don't pre-announce that kind of trouble," notes Hamilton. "You need to be proactive. If they're a public company, you can see their financials. If not, you should still watch to see if they're in the news. If you have questions about their viability, don't use them in the first place."

That said, again, it's hard to say no to a particular service if job requirements or peer pressure require you to do so, especially without viable alternatives. For a time it was difficult to spurn Facebook, for instance, despite its lack of data portability and questionable privacy practices -- everyone used it. Now that wall of dominance may be crumbling a bit with the appearance of Google+ and the quiet success of LinkedIn.

Other warning signs include:

Declining quality of service. An ongoing, chronic disintegration of the service -- "increasing service disruptions or performance issues", as Hamilton puts it -- is a major red flag. He adds to that, "a general lack of responsiveness to calls or emails."

Declining third-party support. Sites with APIs typically develop a culture of third-party apps -- image uploaders for photo-hosting sites, for instance, or applications that integrate directly into the service, such as Facebook's massive roster of games. If development of such applications has fallen off, that could be a sign the service is losing its user base. If the pace slackens not because of market saturation (you can only have so many photo uploaders) but because of genuine programmer alienation -- to the point where word filters out into the general user community -- that's a bad sign.

Changes in terms of service or arbitrary behaviors. Many people leave a Web service behind not because the service itself is endangered, but because of things the service has done. A common reason for this is changes to the terms of service, which can spark a massive user backlash. It doesn't help that terms of service are all too often pools of mud, where the implications of any changes are unclear unless spelled out with total precision. Think of the recent flap over DropBox's clause indicating it would turn files over to the government if asked -- which forced the company to add wording to the effect that your stuff remains yours and they won't mess with it unless they have no other choice. (In its own words: "These Terms do not grant us any rights to your stuff or intellectual property except for the limited rights that are needed to run the Services.")

Different folks have different thresholds of tolerance for such things, so what ticks off your neighbor may not seem as egregious to you. But if you hear about such a thing happening with a service you use, pay attention, and give the ToS a fresh read whenever you're asked to reconfirm your acceptance.

1 2 3 Page 2
Page 2 of 3
Shop Tech Products at Amazon