Technology
How Fragile Is Our Backbone?
Column: Accountant Tech Talk
Dec. 01, 2008
The knee bone’s connected to the thighbone, the thighbone’s connected
to the hipbone, … well, you know the old song. But in this case, I’m
thinking about the data backbone, which is also connected with each one of our
lives. For years, I’ve debated with practitioners about the best method
for maintaining critical business programs and data. Of late, more and more
of that critical “stuff” has been moving to the “cloud”
(a fancy name for the Internet). So your firm has its programs and data in a
third-party provider’s data center, and that third-party touts the security
and reliability of the data center. That’s fair enough, but does the provider
control the networks you have to cross in order to get to their data center?
Unfortunately, the answer is no.
So how are you feeling about your software + services from the “cloud”
now? If the network goes down, it won’t matter how secure that data center
is; you’ll still be out of business until the network comes back up. Now,
that doesn’t mean you couldn’t have some event that would bring
down the equipment on your premises. You very likely could, but I’ve always
had a better feeling about equipment that passes the see, touch and feel test.
So we can debate about the pros and cons of outsourcing all of our critical
technology software and data versus housing it internally with all the associated
maintenance headaches, but let’s save that for another day (or column).
The Public Network
For now, I’d like you to realize just how very fragile the public network
is. Case in point: the case of the missing Skype. For those who may not be familiar
with Skype, it’s a major player in providing voice (telephone) calls over
the Internet (VoIP). Many a person (220 million at last count) uses the service
to make telephone calls at little or no cost. Skype is an Internet provider,
and in August of 2007, the company had an outage. Now, this wasn’t some
blip that only lasted a few minutes; this outage lasted days.
Skype’s chief security officer, Kurt Sauer, told the New York Times
that what had happened was caused by “a unique set of events, the genesis
of which is not entirely understood.” That sounds like a nice way of saying
they didn’t have any idea what the cause was. Bloggers around the globe
manufactured quite a list of evil-doers blamed for the annoyance, namely closed
source, Microsoft, the limitations of p2p (that’s peer-to-peer for the
non-techies), Russian hackers, networking, Homeland Security, lack of resources,
VoIP itself, global warming, hangnails, subprime lending rates, France, …
and well, you get the idea. The reality is that Skype probably grew too fast
and didn’t have enough redundancy built into its provider plan, and things
just caught up with them. If you had chosen Skype to provide voice communications
to your business, you would not have been able to make or receive calls for
several days, and that’s totally unacceptable to most firms.
The Disaster Factor
There are so many possibilities that could affect a provider’s ability
to let you use their data center, and some of very recent history. I’m
thinking of 9-11 (terrorists) and Katrina or the Taiwan earthquake (natural
disasters). The earthquake off Taiwan earlier this year shattered Internet connections
for millions in Asia and demonstrates how vulnerable the public network is to
interruptions. Only a comprehensive backup system in the infrastructure could
prevent total paralysis. The vast linkage on the Internet rests on an infrastructure
that spans the world: routers, datacenters, servers, and billions of small re-routers
that can direct traffic into various networks via terrestrial and submarine
cables or by satellite. Among the weakest points of the Internet are the so-called
backbones — the main arteries that form a “vertebral column”
for the network that interconnects all the sub-networks and continents.
The Real Solution
During the Asia earthquake, a large share of the traffic that could not travel
over the damaged submarine cables was re-routed as an emergency measure to servers
in the United States. But the only real solution would be to develop major electronic
backup systems — in other words, reinforced infrastructure such as submarine
cables or routers plus other links including satellites. Today, 50 percent of
world traffic travels via one U.S. state — Virginia — where most
maritime terminals arrive and where most of the main root servers are located,
which use DNS (Domain Name System) to transform an alphanumeric address (like
cpata.com) into an IP address. These root servers are particularly sensitive,
so if a successful hacker attack or a power outage occurred, they could be out
of service and the Internet user would have no access to websites. And there
are, in fact, only a few in the whole world — mainly in the United States,
Britain and Sweden.
The Redundancy Component
Each of these events has actually happened at one time or another so we’re
not talking about something that might happen. Every firm’s disaster plan
should consider what your firm’s response would be if any of these events
affected you. To summarize, what would your firm do if the public network was
unavailable for a period of days … or worse, weeks? If your firm outsources
its software to a service like Thomson’s Net Firm, what will your backup
plan be if that service is unavailable? Assuming you were faced with having
no access to the public network and, thus, no e-mail or phone service, if you
did have either primary or backup equipment on site at your business, you’d
still be able to get a tax return out the door. Just like Skype, accountants
need to think about redundancy.