From April 5th, Beijing time, the Cloud version of Atlassian, an overseas benchmark company in the field of R&D management collaboration, suffered an outage, causing at least seven products including Jira and Confluence to be inaccessible . Atlassian's current market value is less than $70 billion, and its annual turnover exceeds $2.5 billion. The largest source of revenue is the project management and knowledge base management portfolio "Jira + Confluence".
According to Atlassian officials, the outage affected about 400 corporate customers around the world. As of April 13, the outage has lasted for 9 days, and the fault has not been fully repaired.
This "protracted" downtime event once again triggered the industry's topic of how to ensure data security in the cloud.
accident mystery
48 hours after the outage accident, many users said that it was difficult to contact the official for support , and some of the official replies only told that "the problem still needs a few days to fix."
On April 7, two days after the accident, Atlassian briefly described the cause of the accident on its Twitter account: "During the execution of a routine maintenance script, a small number of websites were inadvertently disabled, leaving them unable to access their products and data."
At the same time, the official stated that a large number of engineers have been devoted to repairing this problem 7/24, and a detailed post-mortem analysis report will be issued after the repair is completed.
The specific impact of the accident will need to be calculated one by one in the future. But data security has obviously become the most worrying thing for many customers.
A statement on Twitter by the official account @Ask Atlassian seems to indicate that the incident may result in the loss of data of some customers, which has sparked discussions and concerns among a large number of customers. On April 8, overseas IT news media TechTarget also pointed out in a news that some customers questioned the official cause of the accident , because according to the official statement, it did not take so long and so much manpower to repair.
Then, on April 12, Atlassian officially issued a notice that it has helped 45% of customers to complete site reconstruction. However, due to the complexity of the reconstruction work, they expect it will take another 2 weeks to complete all the reconstruction work.
In fact, Atlassian had already violated the "Service Level Agreement" (SLA, Service Level Agreement) when the service was suspended for more than 24 hours on April 6 . According to the agreement, the monthly uptime of Atlassian cloud products should be above 99.9% (Premium) or 99.95% (Enterprise), that is, the downtime cannot exceed 45 minutes/month.
Today, the incident has lasted nine days or more, far exceeding the downtime promised by Atlassian in the agreement.
At the end of October last year, Atlassian’s market value was over $120 billion, and its stock price has been falling since then. Compared with November last year, the market value of Atlassian has been “halved” in early March this year. As of April 11, its market value was $68.855 billion. The accident may have made the trend of its stock price continue to decline "add to the woes".
Although the cause and impact of the accident have yet to be further investigated and accounted for, the industry's focus is on the topic of "how to go to the cloud to ensure data security" .
Safety! Safety!
Atlassian cloud version outages are not uncommon across the cloud computing industry. In fact, in the past few years, cloud service vendors and SaaS software vendors at home and abroad have experienced frequent downtime accidents .
Between 2010 and 2019, AWS experienced an average of 2.4 downtimes per year. In December 2021 alone, AWS experienced 3 outages in a row. IBM Cloud has 2 outages in 5 days in May 2021; Google Cloud has 2 outages in 2021; Microsoft Azure has a 6-hour outage in October 2021.
Domestic and foreign SaaS vendors also experienced several serious downtime accidents. In 2021, Salesforce, the originator of SaaS, caused a 5-hour global downtime because an operation and maintenance engineer did not follow the specifications and attempted to fix bugs by shortcuts, paralyzing the CRM systems of 150,000 customers. In China, the 2020 incident of Weimeng programmers deleting the library and running away also caused more than 3 million users to be unable to use the company's SaaS products normally, causing direct losses of nearly 100 million yuan to the company.
There are various reasons for the downtime of cloud products, including product vulnerabilities that are not repaired in a timely manner, irregular operations, heavy load, hacker intrusion, database deletion, etc., which may lead to downtime.
Under the current globalization environment, more than 90% of international communication services are basically undertaken by submarine optical cables. As an important infrastructure connecting global users, submarine cables also affect the stability and security of cloud services . Because submarine cables are inevitably damaged by the natural environment or human activities, it may also cause network communication and cloud service failures.
It can be seen that even though cloud computing continues to develop and mature globally in recent years, and the infrastructure is becoming more and more perfect, there are still cloud security risks . In the cloud computing environment, user data is directly calculated and stored in the cloud, and the data ownership and management rights are separated, which brings data security issues in the cloud environment. In addition, virtualization technology makes the traditional physical security boundary gradually disappear. Not only that, the emergence of different terminals and a large number of applications also brings unpredictable threats to the new security environment.
Embrace the hybrid cloud
From February 2021, Atlassian will officially stop selling the local deployment version of Sever to encourage enterprises to go to the cloud.
Under the trend of digital transformation, the cloud for enterprises has become the future trend . However, blindly encouraging cloud migration without providing a secure cloud environment, or a one-size-fits-all cloud policy like Atlassian, may lead to greater data security risks.
For medium and large enterprises, due to their complex business architecture, it is difficult for traditional public and private clouds to meet the cloud requirements. On the one hand, although public cloud has higher scalability and can reduce the operating cost of enterprises, it cannot meet the security requirements of key industries, such as finance, communications and other industries due to the consideration of customer funds, information security, and industry supervision. It is difficult to move to the public cloud in one step; on the other hand, although private cloud can better meet the security compliance requirements of enterprises, it has low agility and flexibility, and the operation and maintenance cost of enterprises is also higher.
In the context of this demand, hybrid cloud has become the choice of medium and large enterprises in recent years . According to Flexera statistics, over 80% of global enterprises use hybrid cloud deployments. Among domestic enterprises using cloud computing services, more than 50% of them have chosen hybrid cloud. The "14th Five-Year Plan" has clarified the development route of the cloud service industry with a focus on hybrid cloud.
Data source: Flexera, CAICT
Compared to a single public or private cloud, a hybrid cloud helps businesses by connecting on-premises infrastructure, public and private cloud services to create a cloud environment that combines the flexibility and openness of a public cloud with the security of a private cloud. Achieve its technical and business goals more efficiently and cost-effectively.
As a leading enterprise-level R&D management solution provider in China, ONES provides public cloud, private cloud, hybrid cloud and other deployment solutions to meet the individual needs of different industries and enterprises. At the same time, ONES has passed a number of authoritative cloud computing and information security certifications at home and abroad, such as Trusted Cloud, ISO27001, ISO27018, etc., and can provide enterprises with safe and reliable services.
At present, ONES has successfully helped Xiaomi, Inspur Software, China Merchants Fund, Kweichow Moutai, SAIC and many other top 500 enterprises to achieve efficient and safe software R&D management, and has mature solutions in various industries to help enterprises digital transformation .
zhuanlan.zhihu.com
icon
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。