Terabytes Missing From The National Archives: Would the Cloud Be Safer?
Cloud computing might strike fear in the hearts of some, but at least your employees can't walk off with your hard drives. Since May, the National Archives and Records Administration has offered a $50,000 reward for a missing Clinton-era hard drive.
As of Sunday, it's been revealed that thousands of electronic devices containing sensitive and historically important data are missing from the nation's most important public repository. While IT tends to have a knee-jerk reaction in favor of traditional data centers, the situation at the National Archives shows the sense of false security they impart.
The Back Story
In May of this year, the National Archives issued a press release that admitted an external hard drive with two terabytes of data had gone missing. Within days of the disappearance, the agency was offering $50,000 dollars for its return.Months later the money is unclaimed and the hard drive is still missing. Now, a criminal investigation by the inspector general of the Archives has revealed that thousands of electronic storage devices have been lost or stolen. From external hard drives to entire servers, exactly how many devices and how much data has been compromised is unknown.
Conclusion: It's Hard to Steal A Cloud
What is clear is that if the most important archival system in the country can't protect its data centers, it's likely that the enterprise is going to have problems too. The similarities between enterprise data management and the agency run deep. With facilities in 20 states, the National Archives deal with the entire spectrum of nightmare situations when it comes to data security.What if, instead of a chaotic jumble of devices and data centers, the Archives simply put everything in the cloud? True, it would be vulnerable in many ways. But they'd be different ways than what plagues them now. It's hard to steal the server holding someone's social security number when you have no real idea where it is.
At this point, it might be ludicrous for anyone to put their most sensitve data in the cloud as a security measure. But the dire straits at the National Archives should stand as a warning for those who think traditional data security measures are without vulnerability.
0 TrackBacks
TrackBack URL for this entry: http://www.readwriteweb.com/cgi-bin/mt/mt-tb.cgi/12052
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts
In NARA's defense: the people at the National Archives **are** working on the national level data management problem and have been for years. But like all questions of long-term importance, esp. the preservation of digital data for the indefinite long term, figuring out the best solution takes time. Assuming that preservation includes some kind of replication, once the data is preserved, missing drives and other material will be an issue "only" of security, not also of data loss.
See: http://tinyurl.com/m5ehnd
"The National Archives and Records Administration (NARA) Transcontinental Persistent Archive Prototype (TPAP) is a data preservation environment using the Storage Resource Broker (SRB) and “/i/ Rule Oriented Data Systems” (iRODS) data grid technology to develop, implement, and test a seamless, nationwide data management infrastructure."
E.g., the people at NARA have been examining using "the cloud", and a secure cloud at that; this project has been going on for a few years. Unfortunately, certain items have managed to grow legs and walk...or, perhaps, been misplaced or miscataloged in the first place, just as they would in any environment.
Posted by: J.Ward | July 6, 2009 7:23 AM
I hate articles like this -- it's like the marketing department went outta control...
The cloud IS NOT a real cloud. It will to some extent, be a form of data center. To echo J. Ward, sure data could still be stolen, but at least not lost.
So no, you can steal from a cloud. Let's not pretend the cloud is a panaceas when poor planning and administration are the culprits.
Posted by: marketingISay | July 6, 2009 7:53 AM
The cloud solves no actual security problems, and instead just creates a load more. The cloud is nothing more or less than a collection of data centres. The difference being they are data centres that belong to someone else, so you have no actual control over them.
I have tried, and I can't find a single coherent point in this entire article, just some gigantic gaffs:
"Cloud computing might strike fear in the hearts of some, but at least your employees can't walk off with your hard drives."
Indeed, YOUR employee can't walk off with your hard drive, SOME ONE ELSES EMPLOYEE can! Which is far worse, because you don't have any say in their hiring.
"What if, instead of a chaotic jumble of devices and data centers, the Archives simply put everything in the cloud?"
What precisely do you think the cloud is? Do you think it's magic of some sort? The cloud is just a collection of traditional data centres with a fancy PR makeover. A new name for old tech.
I could go on, but I think I've made my point.
Posted by: Bart Busschots | July 6, 2009 8:25 AM
What if the employee whips out a credit card buys some unlimited storage via Amazon S3 and then copies your database and files shares to his cloud? The employee does not want to steal the hard drive (he/she can get 1TB at Best Buy for $99), he or she wants the data on the hard drive. Cloud computing does not mitigate that risk.
Posted by: http://khurt.com/blog/
|
July 6, 2009 8:56 AM
Check down Sandy Berger's pants for that missing hard drive.
http://www.realclearpolitics.com/articles/2007/01/sandy_berger_what_did_he_take.html
Posted by: Rounin | July 6, 2009 9:07 AM
"Cloud people" are snake oil salesmen.
Posted by: Matthew Hardy | July 6, 2009 9:23 AM