“The takeaway is that we still have work to do to educate the market on what the cloud really means.”
- John Dwyer, Microsoft's area data centre manager for international operations
Cloud Incidents
| Cloud Incidents are broken into five categories in the database | ||
|---|---|---|
| This category tracks quality control failures that are delivered to a user's computer via automatic update mechanisms. This includes virus signature updates that identify competing products as a trojan or application/operating system updates that break core functionality. Problematic updates can cause widespread impact as they may be delivered to millions of computers quietly and efficiently, typically without user interaction. | This category refers to the unforeseen loss of data or information and can be the result of several issues including poor backup and recovery processes. Data Loss is used to highlight a more serious and typically permanent impact as customer data is lost and not recoverable. In most cases a Data Loss event is also part of a service Outage as well. | When cloud service providers or online services experience a breach they are categorized as a hack. There is no intention to be a comprehensive web defacement mirror; the intent is to document high profile incidents. Events that also lead to a breach of integrity or confidentiality of customer data are also typically included within this category. |
| Includes any unplanned availability or impact to cloud providers such as when services are down or specific features are unavailable. We add each new downtime as an incident and when possible capture the outage duration for the service that was unavailable. In addition, we include (when known) the impacted customer base in terms of specific number of users or percentage of the overall customer base. | This category is used to track site specific vulnerabilities in cloud service providers as well as online services/websites that are not considered software products available for download. It is important to note that these vulnerabilities are typically not recorded in the Open Source Vulnerability Database (OSVDB). Most of the incidents included in this category affect custom software or services. |