The world recently experienced an outage from Google that affected Gmail and Google Drive services inhibiting the access of google services starting approximately 2:53 am GMT.
The American multinational technology company that specializes in Internet-related services and products would later resolve the mishap after four hours, apologising on the outage, but only provided scanty details on what caused the serious performance errors.
In a statement Google said, “Dear Agile CRM customers, Google App Engine is experiencing an outage at the moment. Agile CRM’s services might be temporarily affected by this. @googlecloud team is on it and a fix is expected soon. We regret the inconvenience and appreciate your patience in the meantime.”
The outage came only one day after Google’s Cloud status page also showed issues with its Google App Engine Blobstore API and App Engine Version Deployment, with the company’s engineering team having to migrate underlying storage infrastructure to resolve the issue, which lasted over three hours.
The App Engine is a web framework and cloud computing platform for developing and hosting web applications in Google-managed data centres.
The outage left companies scrambling to inform their customers any app outages were not their fault and that Google was addressing the issue, Gmail has more than one billion users globally. Those affected by the Google outage were unable to send emails and received an error message saying: “Message could not be sent. Check your network and try again”.
Users were receiving “error messages, high latency, and/or other unexpected behavior” Google said. Maps was also affected, some users reported. Although it is unclear how many users were affected, the hashtag Gmail down #Gmaildown trended on Twitter over the night.
During the outages Google said that “customers will have issues accessing or attaching files in various products”, including “attaching or accessing attachments” to emails, “as well as accessing and saving draft emails and sending emails” along with access issues to personal cloud storage offering Google Drive.
Google has however not been alone in the experience. Facebook and other social media platforms have been to the outage front. Such outages could spell severe implications; some of which are discussed below.
The most obvious one being the impact of data management during an outage period. Software developers tend to design their test suites around proper functionality – does the product or feature operate as expected. Negative testing or characterizing behaviors in the face of adversity may not be part of the test suites run during normal release cycles.
During service outages, the potential to leak data increases. This leakage might simply be within an application log, an error message, or a status returned from a service- independent of any level of malicious attack which might be in progress during the outage. In effect, application developers might simply be placing some data into debug statements which should be protected.
The other implication revolves around how interconnected the digital world has become, so much such that an increasing number of websites now use a social media login instead of requiring a username and password combination. One huge benefit with this is that websites which might have previously implemented custom insecure authentication methods, or have suspect encryption for stored passwords, can securely manage passwords for their users by simply not storing them in the first place.
With a social media login, the login provider handles password management and returns an access token representing the user to the website hosting the login button. The website then is able to use that access token to obtain public information on the user, such as their name and avatar icon.
This process increases overall password security by transferring password management to the social media provider. It works very well up until the social media provider has an outage. This hinders the ability to validate the access token at which point users are not able to access any data or services behind accounts they’ve protected by such logins.
Implication number three is on downstream services. A downstream service leverages on data from the system experiencing an outage. So, anyone using a social media platform as a means of customer engagement, could directly experience impacts on revenues as well as service reliability of data which consequently impacts on their reputation in the market.
It is only safe that everyone reviews precisely where they’re using their social media logins and what services they’re obtaining data from so personal data is not compromised. Also, reset passwords used on social media platforms and revoke and reauthorize access to tokens issued by those platforms after an outage.
These caution practices helps minimize the chances of a malicious group benefiting from any service outage and gaining access to personal data.