by sjvn
Security

Sidekick: Microsoft's biggest failure yet?

When Microsoft lost T-Mobile Sidekick users' data, it also lost any credibility it might have for security. But, there's a bigger problem for everyone lying underneath.

October 13, 2009, 12:09 PM

You can't make stuff this bad up. Many T-Mobile Sidekick smartphone users lost all their contacts, calendar entries, photographs, you name it, when Sidekick's back-end software provider, Microsoft's Danger, went down.

Danger turned out to be an all too apt name. Sidekick users use the Danger servers to synchronize their smartphone's content with a cloud-based storage service. When the servers went down, during, it seems, an upgrade of Danger's SAN (storage area network), all the online user information disappeared with them. You see, while neither Microsoft nor T-Mobile is saying exactly what happened, it appears that Danger didn't back up its servers before launching into a major, and failed, SAN upgrade.

I don't know about you, but anywhere I've ever worked, not running a backup before any major upgrade is a firing offense. And, not just any firing, this is a "don't let your feet touch the floor as the security cops run you out of the building" crime.

This isn't just a tech problem though. This is an organizational problem. This is a case where firing them all, from the top down, and letting unemployment sort them out is appropriate. There is simply no way on Earth that Microsoft should have tried this 'upgrade' without knowing that a backup was set, checked, and ready-to-go.

Microsoft is holding out some hope that some user information may yet be pulled out of the Sidekick wreckage. I wouldn't hold my breath.

This makes the second time in the last thirteen months that a Microsoft Windows-based server system suffered a catastrophic public failure at a major, public site. Last September, it was the London Stock Exchange that was knocked out of business. They got the clue. The London Stock Exchange decided to move its core trading infrastructure to Linux.

T-Mobile, if it's smart, will do the same. Presuming, of course, that they can find anyone to trust them with their information again.

As bad as this episode is though, there's a bigger problem hiding under it. These days we all trust a great deal of our information to Internet-based services. Whether it's a cloud or a remote server, we're putting more and more of our data into the hands of strangers.

While I think it's particularly foolish to trust remote Windows-based software with such information, isn't it really silly to blindly trust anyone?

It's not just mobile phone users. Don't you have important e-mails in Yahoo Mail? Photos on Flickr? Documents in Google Docs? You get the idea.

There are ways to keep local copies of some of this information. Google Gears, a Web browser extension, for example, lets you store a lot of Web-based information locally. But, it doesn't work with everything. For more on this and similar approaches I recommend you read my recent IEEE Spectrum story, 21st Century Backups.

And, if I were you, I'd start making sure with any service, for phones or PCs, that offers to keep my information for me online that they also provide an easy, automatic way to keep backups of my files and data locally. As the Sidekick fiasco has shown, you really can't trust anyone to safely save your information.

Comments

Danger was not Windows-based

Danger is a Unix/Oracle/Java shop.

Amazing...

Amazing that my Linux-based G1 has hummed happily along, with its data safe and secure on a local SD card.

As I tell my wife, there are three rules in computing: backup, backup and backup.

You need to read the original article...

The original article is very clear that Danger is owned by Microsoft and Microsoft is saying to not expect your data to be recovered. The same for T-Mobile.
