I agree with nschrenk about Carbonite probably relying on a single RAID volume. They don't say, so we cannot be sure.

But, they do blame RAID for the loss and claim that going to RAID6 will solve the problem.

As a minimum data needs to be replicated into separate geographically separate locations - mitigate against RIAD issues or any other single location problems.

S3 does this, but so do other professional services such as the ones we rely on (Connected, LiveVault, Attix5 and Asigra).

Suffice to say that customers should ask the question before using any service and entrusting their critical business data.

Could someone from Carbonite clarify this for us please – if a customer’s data is stored in multiple locations, then this add a ton of confidence – and would help us endorse the service as meeting best practice.

Brett Raynes
Managing Direct, Backup Direct
www.backupdirect.net
www.twitter.com/brettraynes1

I infer from this story that Carbonite stores a single copy of its customers' data on a RAID6 volume in one location. And they used to do the same thing, but with RAID5. If this isn't true, please correct me, but if it is, it sure wouldn't make me feel secure.

Just think of all the types of single-machine failures that could result in data loss! What if the power supply goes bad and fries the electronics in all of the drives in the system simultaneously? What if a small fire roasts all the drives in the system? What if an administrator makes a mistake on one of the systems?

A backup service built on top of a much more robust storage system like Amazon S3 would make me feel a whole lot more secure than what Carbonite appears to offer. Keeping a copy of the data on another machine in the same data center is a minimum requirement, and keeping a copy on a machine in a different data center would be nice.

Backup Direct (www.backupdirect.net) has been supplying business-grade online backup services for seven years. We like to think we know what we are doing and have seen enough examples of the good, the bad and the ugly in this industry!

We are in the fortunate position of using other vendors' technologies – not our own – and select suppliers based on a detailed knowledge of our customers' requirements and the vendors’ capabilities.
From an outsider's point-of-view, it seems that Carbonite is blaming the hardware from Promise for the data loss; whilst Promise is saying that Carbonite did not know what they were doing (see their guarded response on their site).

Now, as Carbonite has/had been going for a few years max and Promise has/had 20-years of experience – I think one can infer (but not prove) that Carbonite should shoulder at least some of the blame for this loss. It looks a little like they are 'workmen blaming their tools'.

We have seen this happen before. It is so easy to put up a web site and some code to backup data – but to make it work in a scaled-up environment is hugely more complex. To argue that RAID6 is 36-million times more reliable to than RAID5 shows naivety in the extreme – and a lack of deep understanding of the real issues – some of which include people, processes, design...There is a very low barrier to entry in the online backup industry – which puts customer data at risk.

Connected's technology from Iron Mountain forms the core of our PC backup service. It has over three million paying users (I stress 3m pay to use it – not free). Companies having chosen it after proper due-diligence include: Intel, Hilton, Amazon, Google, Boeing, PwC, Grant Thornton, Logica...

These companies put effort into selecting vendors. But the standard small business or home user cannot do this. They are left to rely on the marketing 'hype' from certain vendors – which evidently can be weightier than the service infrastructure behind it.
Connected has been developed over 15-20 years and is proven. I have seen it have problems and suffered as these have been ironed out. I certainly know that a problem at RAID level would not have resulted in data.

Brett Raynes
Managing Director, Backup Direct
www.backupdirect.net
brett@backupdirect.net
www.twitter.com/brettraynes1

Carbonite customers’ data loss is not Promise’s fault. For some more context on this case, see Promise's response in a letter sent to customers this week at www.promise.com/ support/ Announcements.asp

You failed to mention this data loss happened back in 2007, and only a small handful of customers were actually affected. Once Carbonite realized the disk failure, they flagged those files to be backed up again, and were transferred from the user's PC to Carbonite's backup servers again. Carbonite is still a good backup system, although I still prefer Mozy.