The Chain of Data Responsibility

  • Comments posted to this topic are about the item The Chain of Data Responsibility

  • This is the first time I've ever commented here. I was quite interested by Tony's editorial, because I used to work for an ISP who supplied, amongst other things, SQL Server services. Nothing in what I say now should be taken to represent official policy of my ex-employer, although I am sure that there are more than a couple of coincidences in our thinking....

    As a business, we felt that our responsibility to our customers extended to making certain that there was a reliable infrastructure in place, and that that infrastructure could be recovered / rebuilt in the event of disaster. ALL our production servers used RAID 1. All SQL DBs in shared hosting were backed up nightly, as were websites. This was not intended to remove the onus of safeguarding their own data from our customers but rather to ensure that we could put things back the way they were at close of play the day before. It did have a fringe benefit in that we were able on several occasions to restore DBs and websites that had suffered "finger trouble" (we charged about 40 bucks for that), but it was not why we did it.

    Some customers had their own (dedicated) servers and needed better data security and business continuity arrangements. This was always a chargeable extra. I recall having a spirited discussion with one potential customer who wanted us to accept complete responsibility for HIS data. I said "Fine,we can do this, it will cost you $n,nnn per annum." He couldn't understand why he should be doing that. I pointed out that what he wanted us to do was effectively to insure him against data loss, and that we would be charging an insurance premium for that service.

    I close by quoting someone (Neal Stephenson, possibly?) who said "Any data you don't have at least two copies of is data that you didn't want anyway." 🙂

  • I disagree with Tony on his assumption that backups should always be there as standard, it entirely depends on what Jeff was paying for. If you want to pay as little as possible for a VM, then a budget no thrills package may be just what you want, and I certainly wouldn't expect it to include backups since from the providers perspective they're an expensive component of a hosting plan.

    As with anything the devil's in the detail. Without knowing what Jeff signed up for it's impossible to judge, but saying that a cheap hosting deal must include backups is like those people who run their business e-mail on a free e-mail service like hotmail, and then complain when it goes wrong! If you pay peanuts you get monkeys, but you make that choice. For work I would never use a cheap budget service since in the long run it's not worth the risk, but for me personally, my time is free, paying someone else for backups costs money, if the server is just for fun then a little downtime doesn't matter. The important thing is I know and have weighed up the risks and made a choice.

  • I tend to agree that the devil is in the details of the service contract. If they didn't expressly say they were going to be doing backups, it would be up to him to arrange for those in whatever way works best for him. Like all DR/BC issues, if you don't plan for it, expect it to happen.

    Property of The Thread

    "Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon

  • Tony, if you have VPS'es out there you better go re-read the agreement on what get backed up and how... Most VPS hosting providers do not backup data for the customers. The ones that do, you pay for it one way or another. Either it's built in to the cost, or it's an option.

    The provider should be blasted... but not for the reason you chose. The lack of adequate redundancy on storage in a virtualized environment is outrageous. But if the subject cared about his data, he should have also been asking about server specs before putting his data out there.

    And yes you can back up a virtualized server directly. Just as you'd back up a non-virtualized server. And in some methods, it is more efficient. We chose to instead use an snapshot'ed image system. We sequentially put each vm filesystem in snapshot, and create an image from it. But as any dba can tell you this does not guarantee your database will not be corrupted. We strongly recommend that customers also run their own backups, and especially databases. We don't guarantee backups, but work hard to protect data (mainly because my medical IT background where data loss is unacceptable).

  • When I first read this article, my initial reaction was, "shame on the ISP for not properly setting any kind of fail-safe utilities for their customers."

    But upon further reflection (and reading other reactions), I do have to rethink that reaction. For one thing, you get what you pay for. For another thing, to paraphrase all the other comments, "the devil is in the details."

    I've been on the fence as to whether or not to sign up for an MS Azure account. Right now, I have no idea what I'm going to do with it. I will say that, if I do, I am very wary about storing critical and/or personal data on it. I still have concerns about security (even after reading Steve's articles[/url]) and data integrity.

    Not sure how to address the former (any thoughts, Steve?), but in terms of the latter, I realize it's up to me. In such a scenario, I'd likely use data that (1) I'm not overly-paranoid about losing, (2) I have backed up, or (3) I can recreate relatively easily.

    Check out my blog at

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply