{"id":10180,"date":"2021-03-30T05:03:11","date_gmt":"2021-03-29T19:03:11","guid":{"rendered":"https:\/\/nsrd.info\/blog\/?p=10180"},"modified":"2021-03-30T05:03:13","modified_gmt":"2021-03-29T19:03:13","slug":"data-protection-and-the-cloud-shared-responsibility-model","status":"publish","type":"post","link":"https:\/\/nsrd.info\/blog\/2021\/03\/30\/data-protection-and-the-cloud-shared-responsibility-model\/","title":{"rendered":"Data Protection and the Cloud Shared Responsibility Model"},"content":{"rendered":"\n<p><em>I promise this blog post has everything to do with data protection and the cloud shared responsibility model and nothing whatsoever to do with container ships in the Suez canal.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">You&#8217;re probably familiar with the Cloud Shared Responsibility Model<\/h2>\n\n\n\n<p>It seems like everyone knows the &#8220;shared responsibility model&#8221; popularised by <strong><a href=\"https:\/\/aws.amazon.com\/compliance\/shared-responsibility-model\/\" target=\"_blank\" rel=\"noreferrer noopener\">AWS<\/a><\/strong>. Certainly, for any cloud (or even managed) service you use, there&#8217;ll be a similar model. 
As a reminder, it looks like this:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Traditional-Shared-Responsibility-Model.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1206\" height=\"731\" src=\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Traditional-Shared-Responsibility-Model.png\" alt=\"Example: AWS Shared Responsibility Model.\" class=\"wp-image-10182\" srcset=\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Traditional-Shared-Responsibility-Model.png 1206w, https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Traditional-Shared-Responsibility-Model-300x182.png 300w, https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Traditional-Shared-Responsibility-Model-1024x621.png 1024w, https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Traditional-Shared-Responsibility-Model-768x466.png 768w\" sizes=\"auto, (max-width: 1206px) 100vw, 1206px\" \/><\/a><figcaption>AWS Shared Responsibility Model<\/figcaption><\/figure>\n\n\n\n<p>The purpose of the model is to provide customers of cloud service companies with some scope around what they are still responsible for, even when their data is hosted on someone else&#8217;s infrastructure. While shared responsibility models are focused on security, they also serve as a good grounding point for other areas, such as data protection. After all, &#8220;Customer Data&#8221; sits squarely in the purview of &#8220;Customer&#8221; responsibility, right?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">But the Shared Responsibility Model Lies When it Comes to Data Protection<\/h2>\n\n\n\n<p>The shared responsibility model only gets you so far with data protection, however. Yes, customers have to be responsible for their data \u2013&nbsp;it&#8217;s clearly shown in the model. 
And I 100% agree with this: any business making use of the public cloud is responsible for its data in the public cloud.<\/p>\n\n\n\n<p>Imagine, if you will for a moment, a car that takes petrol (&#8216;gasoline&#8217;, if you use USA-centric terminology for fuel). If your manufacturer produced a &#8216;shared responsibility model&#8217; for vehicular ownership, <em>putting petrol in the car<\/em> would be pretty high on the list of customer responsibilities.<\/p>\n\n\n\t<div class=\"wp-block-jetpack-gif aligncenter\">\n\t\t<figure>\n\t\t\t\t\t\t\t<div class=\"wp-block-jetpack-gif-wrapper\" style=\"padding-top:75%\">\n\t\t\t\t\t<iframe src=\"https:\/\/giphy.com\/embed\/SreAp5WMZHfhK\" title=\"gasoline\"><\/iframe>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/figure>\n\t<\/div>\n\t\n\n\n<p>But what if the vehicle manufacturer didn&#8217;t actually <em>provide<\/em> a mechanism for efficiently filling the car with petrol? Indulge me a moment here \u2013&nbsp;what if, every time you wanted to fill the car, you had to pop open a small cap, and pour a quarter cupful of petrol into a little reservoir, then wait a few minutes for that to happily gurgle down a pipe, before putting the next quarter cupful of fuel in?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Putting the &#8216;Shared&#8217; in Shared Responsibility Model<\/h2>\n\n\n\n<p>So you probably get where I&#8217;m coming from, on this. In order for a customer to fill their car with petrol, there is a base level of work required of the car manufacturer to ensure the customer <em>can<\/em> fill their car with petrol, and in a way which minimises inconvenience.<\/p>\n\n\n\n<p>So if I leave the world of fossil-fuelled vehicles behind and return to cloud, there&#8217;s a comparison waiting to be had. Yes, customers are responsible for their data. 
However, in order for customers to properly exercise their responsibility, there is a fundamental level of work required by the cloud vendors, too.<\/p>\n\n\n\n<p>This is not always exercised. <strong><em><span style=\"text-decoration: underline;\"><span style=\"color:#a31200\" class=\"has-inline-color\">Do not @ me with &#8216;snowball&#8217;.<\/span><\/span><\/em><\/strong> If you think back to an earlier article of mine this year, <strong><a href=\"https:\/\/nsrd.info\/blog\/2021\/01\/18\/the-9-essential-properties-of-backup\/\" target=\"_blank\" rel=\"noreferrer noopener\">9 Essential Properties of Backup<\/a><\/strong>, 2 of those properties were:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Sufficiently consistent<\/li><li>Repeatable<\/li><\/ul>\n\n\n\n<p>Any snowball-esque egress technology fails both of those properties.<\/p>\n\n\n\n<p>Why is this such a regular failure on behalf of the public cloud providers? Well, there are two key challenges at play, here:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Data protection is boring<\/strong><\/h3>\n\n\n\n<p>I&#8217;ve been in the industry for more than 25 years now, and if there&#8217;s one thing I&#8217;ve learnt, it&#8217;s that there is only a <em>very small subset<\/em> of the industry that finds data storage protection interesting. Regardless of whether you&#8217;re a developer, business user, infrastructure or application administrator, most people in and around tech industries find data protection to be <em>at most<\/em> a necessary evil. 
In the same way I still have people start a conversation with &#8220;no-one thought about backup when planning for this service&#8221;, it&#8217;s no wonder that cloud companies find it much more fun to release new services than they do to go back and add appropriate data protection hooks into existing services.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Data protection is data mobility<\/strong><\/h3>\n\n\n\n<p>Providing access mechanisms for data protection functions (backup and recovery, for instance) also technically makes it easier to completely remove the data from the original location. <em>If you&#8217;ve ever watched a DBA refresh a development\/test database from a production backup, you know exactly what I&#8217;m talking about, here<\/em>. But herein is the problem: if cloud vendors made hooks for efficient data protection easily accessible across every service they had, it would also be easy to do it for workload repatriation, or workload relocation in a multi-cloud environment. <em>Hey, that&#8217;s funny, cloud service providers like to spin the story of &#8220;avoid vendor lock-in&#8221;. Hmmm.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Shared Responsibility Isn&#8217;t Just a Hyperscaler Problem<\/h2>\n\n\n\n<p>It&#8217;s easy in this to think I&#8217;m targeting AWS, Azure and GCP. But if I did that, I&#8217;d be creating a diversion for perhaps the worst offender in the cloud market.<\/p>\n\n\n\t<div class=\"wp-block-jetpack-gif aligncenter\">\n\t\t<figure>\n\t\t\t\t\t\t\t<div class=\"wp-block-jetpack-gif-wrapper\" style=\"padding-top:55%\">\n\t\t\t\t\t<iframe src=\"https:\/\/giphy.com\/embed\/XdPsfqeG2LXZA6NOmf\" title=\"look over there\"><\/iframe>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/figure>\n\t<\/div>\n\t\n\n\n<p>In so many ways, SaaS is the ultimate way to consume workloads within the public cloud. 
<em>Bring your own data, we supply everything else<\/em>.<\/p>\n\n\n\n<p>Yes, some SaaS providers are good at providing data protection links \u2013\u00a0Salesforce and Microsoft 365 are two excellent examples of this. But for every one SaaS provider that enables backup and recovery integration, there are thousands that don&#8217;t. SaaS is powerful and liberating \u2013\u00a0and perhaps a little <em>too<\/em> liberating. <em>With no power comes no responsibility.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">A Better Shared Responsibility Model<\/h2>\n\n\n\n<p>I&#8217;m not trying to be King Canute, here, telling the tide to stop coming in. I&#8217;m clearly a data protection fuddy-duddy. In a modern, cloud-oriented era, I&#8217;d love to spend most of my time educating cloud engineering teams on the importance of data protection. My personal attitude is that <em>if you can&#8217;t adequately protect the data, the service is useless<\/em>. But clearly, <strong>I&#8217;m in the minority<\/strong> on this crazy opinion.<\/p>\n\n\n\t<div class=\"wp-block-jetpack-gif aligncenter\">\n\t\t<figure>\n\t\t\t\t\t\t\t<div class=\"wp-block-jetpack-gif-wrapper\" style=\"padding-top:56%\">\n\t\t\t\t\t<iframe src=\"https:\/\/giphy.com\/embed\/1oJRM4Yxye8g0zI1A7\" title=\"responsible\"><\/iframe>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/figure>\n\t<\/div>\n\t\n\n\n<p>So, that means we need a new shared responsibility model, a more appropriate one. 
And it kind of looks like this:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Expanded-Shared-Responsibility-Model.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1518\" height=\"731\" src=\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Expanded-Shared-Responsibility-Model.png\" alt=\"Extending the Shared Responsibility Model to ensure it deals with Data Protection\" class=\"wp-image-10197\" srcset=\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Expanded-Shared-Responsibility-Model.png 1518w, https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Expanded-Shared-Responsibility-Model-300x144.png 300w, https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Expanded-Shared-Responsibility-Model-1024x493.png 1024w, https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/Expanded-Shared-Responsibility-Model-768x370.png 768w\" sizes=\"auto, (max-width: 1518px) 100vw, 1518px\" \/><\/a><figcaption>Expanded Cloud Shared Responsibility Model<\/figcaption><\/figure>\n\n\n\n<p>The challenge of data protection in the public cloud is not something that can be solved solely by the data protection vendors themselves. Any of them. Or indeed, all of them. And it shouldn&#8217;t be solved by finding private API calls or anything crazy like that. <\/p>\n\n\n\n<p>At the end of the day, any <strong>consistent<\/strong> and <strong>repeatable<\/strong> data protection activity in the public cloud, <strong><em><span style=\"color:#a30400\" class=\"has-inline-color\">like any other infrastructure<\/span><\/em><\/strong>, requires access hooks to be provided by the public cloud companies. (For instance, to back up Oracle databases consistently and repeatably, you rely on RMAN. 
<strong><em><span style=\"color:#a30031\" class=\"has-inline-color\">Don&#8217;t @ me about dump &amp; sweep<\/span><\/em><\/strong>.)<\/p>\n\n\n\n<p>So we have two <strong>new <\/strong>responsibilities introduced into the shared responsibility model:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Cloud providers have to provide bulk, high-speed data access functions for each service that creates data \u2013&nbsp;functions that can be used for data protection.<\/li><li>Customers need to shout at cloud service providers loudly until this functionality is provided.<\/li><\/ul>\n\n\n\n<p>Ten years ago, cloud was &#8220;the wild west&#8221; of the IT industry. That time has passed; cloud has grown up and that means doing grown up things, like taking responsibility for data protection.<\/p>\n\n\n\n<p>With that in mind, please remember to shout at your public cloud account managers. Politely, of course \u2013 but loudly.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The shared responsibility model in public cloud is well known. But does it work for data protection? 
In short, no \u2013\u00a0there&#8217;s some work to do there.<\/p>\n","protected":false},"author":1,"featured_media":10203,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[1133,1229],"tags":[230,282],"class_list":["post-10180","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-best-practice","category-cloud","tag-cloud","tag-data-protection"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2021\/03\/bigStock-Cloud-Conceptual-Held.jpg","jetpack_shortlink":"https:\/\/wp.me\/pKpIN-2Ec","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/10180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/comments?post=10180"}],"version-history":[{"count":5,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/10180\/revisions"}],"predecessor-version":[{"id":10211,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/10180\/revisions\/10211"}],"wp:featuredmedia":[{"embeddable":true,"
href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/media\/10203"}],"wp:attachment":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/media?parent=10180"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/categories?post=10180"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/tags?post=10180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}