Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Is scaleway trying to tell us they don't have fire protection?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Is scaleway trying to tell us they don't have fire protection?

bulbasaurbulbasaur Member
edited March 2021 in General

Received this vaguely worded email:

Hi,
We’re sure that the recent and unfortunate incident affecting one of our fellow cloud services providers in the worst possible way - a fire in their data centers, did not escape your attention. This is a rare event with tangible consequences that go beyond the operator; affecting the entire digital industry and potentially a good chunk of our society connected to it directly or indirectly. We extended our support, and continue to empathize with those affected, both on the operator and client sides, who will be working countless hours in the coming weeks and months to rebuild real estate, physical and software infrastructure, network routes, databases and data sets, workflows and applications, and ultimately, trust. When this type of event occurs, we come to realize the undeniable fact that our society has grown to be highly dependent on computing and data storage, on top of the facilities that typically and seamlessly handle workloads. Globally, there is a fairly short list of a dozen cloud operators that relentlessly operate 24/7 to sustain over 90% of the world’s digital activity, and Scaleway is one such operator.
Despite careful management by professionals and industry experts, cataclysmic accidents can happen, albeit rarely. We can only reassure you that all stakeholders in our sector do everything in their power to avoid any type of incident -- environmental, infrastructure, power supply or other -- preventable or unpredictable, from occurring. Unfortunately, ISO standards alone are not sufficient as they do not currently deal with fire protection for physical assets in data centers. Each operator is therefore responsible for their design, fire protection policy and the investment they decide to make for protection against such perceived risks. Scaleway’s infrastructure has always been designed to the highest standards, in accordance with best practices, no matter what, to ensure we offer the best resilience and security possible. Moreover, our data center infrastructure is, and has always been, open to our clients and their insurers for audit purposes.
There is a lesson to take away from this event: dependency is the enemy of resilience. We will be looking inward at Scaleway to learn from this event, and to further map out our dependencies. Dependency on a single server or a single data center itself is a liability, which needs to be balanced with a multi-AZ or multi-region approach. Similarly, the global digital economy is at risk because of the too strong dependency on a few dominant cloud providers, and as we’ve seen, the entire internet goes down from time to time due to those dependencies. The burden is on us, cloud providers, to provide as much resilience as possible, but it comes at a cost: redundancy. This redundancy is also something cloud clients need to account for, by designing separate backup schemes and creating their disaster recovery plans. The good news is that cloud native applications can readily and easily build redundancy by distributing their applications and data across cloud providers, using well established standards.
I wrote this piece a year ago, "the cloud is dead, long live the multi cloud", and it still rings true today, even more so after this event. The multi-cloud approach provides the ultimate possible level of resilience. I believe that at Scaleway, we have the humility to recognize that our cloud is not one-size-fits-all. We believe no cloud provider can be. This is why interoperability matters. Cloud architects already know the core concepts and already use Kubernetes, Load Balancers, and Terraform to abstract things, and deliver resilience.
In conclusion, do not put off thinking about resilience any longer. Work with your cloud architects and system administrators. Talk to your cloud providers, all of them. Distribute your workload and assets. Ask the hard questions.
Today, we call upon all stakeholders to be transparent with regard to their security measures. Together we are building the digital society of tomorrow. If you have any questions, you can reach us at [email protected].

While I'm not sure what the point of it was, they conveniently just say "ISO standards don't require fire protection", they don't mention if fire protection was implemented in their datacenters.

Comments

  • For anyone else trying to read

    Hi,
    We’re sure that the recent and unfortunate incident affecting one of our fellow cloud services providers in the worst possible way - a fire in their data centers, did not escape your attention. This is a rare event with tangible consequences that go beyond the operator; affecting the entire digital industry and potentially a good chunk of our society connected to it directly or indirectly. We extended our support, and continue to empathize with those affected, both on the operator and client sides, who will be working countless hours in the coming weeks and months to rebuild real estate, physical and software infrastructure, network routes, databases and data sets, workflows and applications, and ultimately, trust. When this type of event occurs, we come to realize the undeniable fact that our society has grown to be highly dependent on computing and data storage, on top of the facilities that typically and seamlessly handle workloads. Globally, there is a fairly short list of a dozen cloud operators that relentlessly operate 24/7 to sustain over 90% of the world’s digital activity, and Scaleway is one such operator.

    Despite careful management by professionals and industry experts, cataclysmic accidents can happen, albeit rarely. We can only reassure you that all stakeholders in our sector do everything in their power to avoid any type of incident -- environmental, infrastructure, power supply or other -- preventable or unpredictable, from occurring. Unfortunately, ISO standards alone are not sufficient as they do not currently deal with fire protection for physical assets in data centers. Each operator is therefore responsible for their design, fire protection policy and the investment they decide to make for protection against such perceived risks. Scaleway’s infrastructure has always been designed to the highest standards, in accordance with best practices, no matter what, to ensure we offer the best resilience and security possible. Moreover, our data center infrastructure is, and has always been, open to our clients and their insurers for audit purposes.
    There is a lesson to take away from this event: dependency is the enemy of resilience. We will be looking inward at Scaleway to learn from this event, and to further map out our dependencies. Dependency on a single server or a single data center itself is a liability, which needs to be balanced with a multi-AZ or multi-region approach. Similarly, the global digital economy is at risk because of the too strong dependency on a few dominant cloud providers, and as we’ve seen, the entire internet goes down from time to time due to those dependencies. The burden is on us, cloud providers, to provide as much resilience as possible, but it comes at a cost: redundancy. This redundancy is also something cloud clients need to account for, by designing separate backup schemes and creating their disaster recovery plans. The good news is that cloud native applications can readily and easily build redundancy by distributing their applications and data across cloud providers, using well established standards.

    I wrote this piece a year ago, "the cloud is dead, long live the multi cloud", and it still rings true today, even more so after this event. The multi-cloud approach provides the ultimate possible level of resilience. I believe that at Scaleway, we have the humility to recognize that our cloud is not one-size-fits-all. We believe no cloud provider can be. This is why interoperability matters. Cloud architects already know the core concepts and already use Kubernetes, Load Balancers, and Terraform to abstract things, and deliver resilience.

    In conclusion, do not put off thinking about resilience any longer. Work with your cloud architects and system administrators. Talk to your cloud providers, all of them. Distribute your workload and assets. Ask the hard questions.

    Today, we call upon all stakeholders to be transparent with regard to their security measures. Together we are building the digital society of tomorrow. If you have any questions, you can reach us at [email protected].

  • LeviLevi Member
    edited March 2021

    They are not that stupid. Just rolling "we care for you" BS to look good. They are direct competitor of OVH and they will gladly shelter refuges.

    As for DC, Iliad is a top notch facility.

  • deankdeank Member, Troll

    tl;tr

    They've cut corners. One of it is fire protection.

    Thanked by 1webcraft
  • DataGizmosDataGizmos Member
    edited March 2021

    @LTniger said:
    They are not that stupid. Just rolling "we care for you" BS to look good. They are direct competitor of OVH and they will gladly shelter refuges.

    As for DC, Iliad is a top notch facility.

    Have you inspected their facility? Can we see the results of your inspection- perhaps the checklist of datacenter features you used in the assessment?

  • IIRC their AMS-1 is in Iron Mountain (formerly EvoSwitch)'s facility, which should be pretty reliable

  • LeviLevi Member

    @DataGizmos said:

    @LTniger said:
    They are not that stupid. Just rolling "we care for you" BS to look good. They are direct competitor of OVH and they will gladly shelter refuges.

    As for DC, Iliad is a top notch facility.

    Have you inspected their facility? Can we see the results of your inspection- perhaps the checklist of datacenter features you used in the assessment?

    https://uptimeinstitute.com/uptime-institute-awards/list/datacenter/iliad-dc3/450 for the rest email them.

  • DataGizmosDataGizmos Member
    edited March 2021

    @LTniger said:

    @DataGizmos said:

    @LTniger said:
    They are not that stupid. Just rolling "we care for you" BS to look good. They are direct competitor of OVH and they will gladly shelter refuges.

    As for DC, Iliad is a top notch facility.

    Have you inspected their facility? Can we see the results of your inspection- perhaps the checklist of datacenter features you used in the assessment?

    https://uptimeinstitute.com/uptime-institute-awards/list/datacenter/iliad-dc3/450 for the rest email them.

    https://uptimeinstitute.com/tiers Fire suppression? So basically, you've hear its top notch but never been there based on an award from 2014.

  • LeviLevi Member
    edited March 2021

    @DataGizmos said:

    @LTniger said:

    @DataGizmos said:

    @LTniger said:
    They are not that stupid. Just rolling "we care for you" BS to look good. They are direct competitor of OVH and they will gladly shelter refuges.

    As for DC, Iliad is a top notch facility.

    Have you inspected their facility? Can we see the results of your inspection- perhaps the checklist of datacenter features you used in the assessment?

    https://uptimeinstitute.com/uptime-institute-awards/list/datacenter/iliad-dc3/450 for the rest email them.

    https://uptimeinstitute.com/tiers Fire suppression? So basically, you've hear its top notch but never been there based on an award from 2014.

    I live in bermuda, what is your expectations here? So, you asume that T3 datacenter has wooden floors and no fire supression system?

  • quicksilver03quicksilver03 Member, Host Rep

    Unfortunately, ISO standards alone are not sufficient as they do not currently deal with fire protection for physical assets in data centers.

    Not sure what they're talking about, at work we're being audited for ISO 27001 compliance and the presence/effectiveness of fire protection measures is being looked at.

Sign In or Register to comment.