Thursday, May 19, 2011

Digicel's Cloud Backup Service and Tier III Certification - Data Integrity via CRC is the Devil's Advocate


Like Aesop’s fox, when he had lost his tail, would have all his fellow foxes cut off theirs

Burton, Anatomy of Melancholy

This morning I awoke to read an article that so offended my sensibilities, that I sent the draft for my blog post before I even posted on my blog! Cut off my tail indeed!!!

The article in question entitled “Telecoms aim for the clouds”, published Wednesday, May 18, 2011, The Jamaica Observer bears no name for the author – or any semblance of journalistic integrity whatsoever.

In short, this article is trash. Most likely sponsored journalism on behalf of Telecom Provider LIME and Triple Play Provider FLOW! Press Freedom does not give Newspapers or the Media at Large the right to twist the truth or present technical articles that are poorly researched.

Especially if it is with Telecoms Engineering, my field! Media, please speak to actual Technicians and Engineers with previous experience or a Research background (that’s me!! Reading and writing!!), NOT Managers, to get the real technical 411 back-story!

These as most of the Managers are performing Media Obfuscation and misrepresent technical information for the purpose of deceiving the public to sell them trash.

Short term financial gain with integrity thrown out the window will result in the entire situation blowing up in your face to quote Alanis Morissette Ironic when customers start having problems.

PR (Public Relations) nightmares are easily avoided by being upfront with customers as my Seventh Day Adventist girlfriend Audia Granston would often opine, as many customers are very litigious!!

Her opinions I have distilled in a must-read article entitled “Audia Granston, Jack Abaramoff and the Spirit of Creativity and Innovation in Jamaica”.

Good thing Fujitsu Caribbean CEO, Mervyn Eyre, who had announced their Data Center plans on Thursday May 12th 2011AD, a day after Telecom Provider Digicel as stated in the article Fujitsu invests billions in 'revolutionary' Cloud computing”, published Sunday, May 15, 2011 by JULIAN RICHARDSON Assistant business co-ordinator, The Jamaica Observer, is not jumping on the “I am Tier III” bandwagon, knowing full well the legal implication such a false declaration carries.

Legal implication? Yes Rasta, you hear me right the first time!!! The first blog article entitled “Digicel Cloud Backup Service and future Cloud-Based Services - V.S Naipaul's A House for Mr Biswas” was a technical article, describing the technical requirements of a Tier III Data Center.

This article will focus on the legal aspect of Data Backup and how Telecom Providers certification, especially Tier III, protects them from litigation in the event of a Client’s uploaded or Compressed Backup Archive or CBA failing via the use of CRC (Cyclic Redundancy Check) Certificates.

But first some clarifications!

Telecom Provider LIME has no Tier III or Tier IV Data Centers. Managing Director of LIME's Managed Services Ian Galt, (rather long-winded and strange titled!?) is being statistically incongruent (not telling the truth!!!). That is some serious grandstanding, from a purely legal point of view!!!

Telecom Provider LIME has Servers that can Host Static Data for Web 1.0 and email. That's it. They cannot guarantee QoS (Quality of Service) as their Data Network, even their Dedicated Frame Relay, goes down too often to achieve the five 9's i.e. 99.999% uptime as per requirement of the Uptime Institute’s Tier III.

As for Tier IV, that is no longer lying, that’s some serious bulls$!%&! Only two (2) such I know of exist personally, and they are owned by the Government of the united States of America, specifically the DOD (Department of Defense), namely the CIA (Central Intelligence Agency) Data Center and the NSA (National Security Agency).

That’s right folks……..the SS (Secret Service).

Just so you know, for Tier IV Data Center:

  1. They use independent power systems, usually Solar or Wind.
  2. Complaint to Tier III (see also my Geezam Blog article entitled “Digicel’s Cloud Backup Services – A deep Analysis”)
  3. All Environmental Control Systems, Servers and Building are independently powered using Alternative Energy. No PUC (Power Utility Company)!!
  4. Backup Power Systems are usually Fuel Cell Generators, such as Bloom Energy Servers

As for Triple Play Provider FLOW, ISO27001 and SAS70 are business certifications as it relates to quality of operation and documentation of procedures and practices. They are more about guaranteeing QoS (Quality of Service). They are NOT Specific to Servers or Data Centers, which is the Uptime Institute Tier I, II, III, and IV Certification. At all!!

They should NOT be used in lieu of Uptime Institute Tier I, II, III, and IV Certification. Telecom Providers falsely prostitution themselves as Tier III are setting themselves up for breach of contract and lawsuits in the long run.

SME’s Beware of such Data Centers, especially in light of the recent breach of the Sony PSN (PlayStation Network) as stated in my blog article entitled AWC Fail, PSN Hack and Nokia Layoff - Murphy Law in a Clash of The Titans!!!

So Triple Play Provider FLOW with their Bigger Data Center is grandstanding. Even their FLOW CEO and President Michele “Dallas” English admitted as much during the Thursday July 22nd 2010AD (30,000 sq. ft) launch of their Data Center or E-Commerce Park, in Curacao as stated in the article Flow unveils Hi-Tec Off Shore Data Storage Facility at CITO”, published Friday, July 23, 2010, The Jamaica Observer.

This as evidenced in the article Flow launches Data storage, other services”, published Friday July 23, 2010 by Sabrina Gordon, The Jamaica Gleaner in which FLOW CEO and President Michele “Dallas” English stated, quote: “We have a tier-three-ready Data centre facility ... only one of its kind in the region, with 24-hour Network operation access”.

NOT Tier III, just “tier-three-ready”!

At least that much is STILL true in the article Telecoms aim for the clouds”, published Wednesday, May 18th, 2011, The Jamaica Observer.

As much as I dislike Telecom Provider Digicel, they are in reality the ONLY Tier III Certified Data Center in the Caribbean I know of as stated in the article DIGICEL DATA CENTRE RECEIVES TIER III CERTIFICATION – THE FIRST IN THE CARIBBEAN”, published Thursday, May 12, 2011, Digicel Jamaica.

My articles on my blog, infused with information from the Media and humour from the wit and wisdom of my deceased Seventh Day Adventist girlfriend Audia Granston, reflects the truth from an engineering point of view, not paid journalism, as The Jamaica Observer appears to be.

Note to Carlette DeLeon aka the Pet Tales chick of Television Jamaica fame and her Breakthrough All Communication PR (Public Relations) posse: paid articles is not the blogger way and certainly something my SDA girlfriend Audia Granston would not approve. Bloggers write for bragging rights and as personal expression of our opinion on topics of interest.

The Facebook/Google PR debacle as stated in the article Facebook-Google rivalry intensifies with PR fiasco, published 13th May 2011AD 10:56:36, Go-Jamaica, The Jamaica Gleaner is enough evidence of how paying bloggers to write articles for PR can backfire.

So on to the legalese arguments!

Tier III is not a Certification with which to trifle.

This as it has legal implications should the Clients, many of whom have extremely sensitive encrypted Data backed up on Jamaican Data Centers and are litigious, be unable to access their Compressed Backup Archive due to:

  1. Vagaries of weather i.e. earthquake, flooding, hurricane
  2. Acts of God
  3. Corrupted files

The last one IS EXTREMELY SERIOUS as Data Centers have to check the integrity of Compressed Backup Archive uploaded and issue a CRC (Cyclic Redundancy Check) Certificate each time on each Backup certifying that the Client’s Data is readable when I am ready to retrieve it.

Anybody who uses any Compression Software or Backup Utility knows full well that this is one of the reasons why Data Integrity Checks using CRC have to be made as the Data has to be Compressed into an Archive before being backed up.

Hence the name Compressed Backup Archive, of which there are two (2) main types:

  1. Full Compressed Backup Archive (Backup everything!)
  2. Differential Compressed Backup Archive (Backup file with only the changes when compared to the previous Compressed Backup Archive Image

It is usually conducted late at night i.e. 12am after the Company’s Internal Server has detected that all users have logged out of the system. A computer running “idle frames” for a user who has left the SME (Small and Medium Enterprises) offices, in a very good system, can be shut down by the Company’s Internal Server, so that the Backup can commence during the operational window.

Once the Backup procedure commences, a lock-out command must be issued by the Company’s Internal Server to lock out all access to files on the Server by users attempting to login,. This is to avoid further change being made to files which would otherwise halt the Backup or worse, result in Read/Write Errors and cause a Corrupted Compressed Backup Archive

Generally speaking, Read/Write Errors may occur during:

  1. The Backup procedure caused by the Backup software e.g. Acronis
  2. Uploading of the Compressed Backup Archive to the Data Center

A best practice is an automated Backup with the Differential Compressed Backup Archive being done every night and a Full Compressed Backup Archive on weekends. Times are set depending on when people work and a lock out issued by the Company’s Internal Server to prevent people logging into the Company’s Internal Server and creating Read/Write Errors in the Compressed Backup Archive.

To mitigate against Read/Write Errors, the CRC (Cyclic Redundancy Check) value for the Compressed Backup Archive your Company’s Internal Server Backup software created is essential. In effect, it performs a complex calculation on every byte in the Compressed Backup Archive, generating a unique number for the Compressed Backup Archive in question.

If one (1) byte of Data checked were to change after Backup, the CRC Check Value for that file would also change, indicating that the Compressed Backup Archive was corrupted during upload or download to or from the Data Center.

The Client doing the Compressed Backup Archive produces a CRC  Number for their Archived Data using their CRC Software. Telecom Provider Digicel receives the CRC Number from the Client and then compares it to their CRC Number upon receipt of the Client’s Compressed Backup Archive.

If the CRC Number match, the Client’s Compressed Backup Archive is valid and Data Integrity is ensured; otherwise a Backup Failure Event is generated and logged by the Data Center and the Client is advised of this on the CRC Certificate via email.

This validates the Integrity of the Compressed Backup Archive received and also offers Telecom Provider Digicel legal protection, should a Client claim that their uploaded Compressed Backup Archive was corrupted.

Thus by issuing a CRC Certificate that shows that the Compressed Backup Archive sent and the Compressed Backup Archive received have matching CRC Numbers, Telecom Provider Digicel and the Client can verify that any corruption of the Compressed Backup Archive thereafter is solely the responsibility of Client!!

Simply put, if the Data Center the CRC Number prior to upload to Telecom Provider Digicel’s Cloud Backup Service, you can compare it with the CRC  Number that Telecom Provider Digicel’s Data Center generates on receipt of the Compressed Backup Archive to ascertain if the Compressed Backup Archive was damaged on upload.

Opening the Archive merely verifies that the unzipping feature is intact and is not necessary, as that is a check that the customer performs on prior to uploading or downloading their Compressed Backup Archive manually. A similar CRC Check is also done for downloading and a CRC Certificate is also issued.

All CRC Certificates are time-stamped with a QR Code and sent via email, as that much paper is not healthy!

The Network Administrator or Systems Administrator then keeps a offsite personal archive of each and every CRC Certificate issues, as these may become handy for the SME’s Management, should their be a need to access the Compressed Backup Archive – and it fails to open i.e. a Compressed Backup Archive, making litigation an option.

These CRC Certificate also act to protect Telecom Provider Digicel from such litigation, as they ensure that at the time of upload and download of the Compressed Backup Archive, the Compressed Backup Archive was indeed valid and functional.

The Statistical probability of any two Compressed Backup Archive having the same CRC Number is in the order of five billion to one (5,000,000,000 to one).

Telecom Provider LIME and Triple Play Provider FLOW do not do this. Telecom Provider Digicel, who are following my prophecy from the year 2009AD to a bunch of brain-dead Shurpower Generator Engineers, issues a CRC Certificate for each Compressed Backup Archive uploaded or downloaded from Telecom Provider Digicel Cloud Backup Service.

Thus, SME’s looking to save a buck or two via Virtualization of their Server Space need to be aware of these CRC Certificates. SME’s need to demand these CRC Certificates from Data Centers who are prostituting themselves as Tier III or Tier IV as a means of Legal Protection should the inevitable Data Failure occur, should they [Telecom Provider Digicel] need to play The Devil's Advocate (1997).

1 comment:

  1. Very descriptive article, I enjoyed that a
    lot. Will there be a part 2?
    My site: low cost web hosting

    ReplyDelete

Please register and leave you comments. For contact, leave an email or phone number and I'll be sure to get back to you.