Availability Risks in Cloud Computing

Service Degradation

The external services offered by a cloud provider are provided via internet connections. More often than not, these services suffer from congestion, or malicious attacks emanating from a diversion of resources as a result of an attack on the service provider, an attack on one of their service providers or by a successful penetration and use of the service itself as the tool for further attacks on other sites.

To address this risk, the organization can:

  • Ensure cloud services are only used for applications that are not affected by degradation of service.
  • Use alternate carriers to obtain redundant lines to the service provider to secure alternate connecting lines to the service.
  • Implement relevant and sustainable alternatives for services during periods of service degradation.

Service Outage

In case service outages arise. To address this risk, the organization should do the following:

  • Validate that the provisioned service by the service provider has sufficient capacity and multiple service sources to reduce outages
  • Establish a SLA with the service provider on the minimum acceptable availability performance levels with contractual penalties for non-compliance
  • Ensure that the established level of service availability is proportional to business productivity
  • Validate that the service provider executes a proactive backup program and recovery plan
  • Validate that the service provider recovery plan is tested regularly
  • Confirm the availability of alternative service options at moments of non-availability of service
  • Implement relevant and sustainable alternatives for services during an outage