FB Posting on Dec 22nd 2025

Way too hilarious to not share:

Auditor: “Where do you store your backup tapes?”

Customer: “We’re on AWS. Everything’s replicated across regions.”

Auditor: “Yes, but where are the physical tapes?”

Customer: “There… aren’t any. It’s the cloud.”

Auditor: “So you don’t have backups?”

Customer: Shares S3 versioning + AZ setup

Auditor: “This doesn’t mention tape rotation schedules.”

Welcome to 2025, where auditors still think everyone has a server room with a tape library like it’s 1995.

Few months ago, an auditor asked about our “offsite tape storage facility.” I told them it’s called us-west-2. They wanted the street address. I almost gave them Jeff Bezos’ house.

It’s like these compliance frameworks are stuck in a time warp:

• ISO 27001 still references “removable media handling” (hello, floppy disks!)

• SOC 2 asks about “physical backup storage” (picture me showing them a USB drive)

• Auditors want photos of your “data center” (it’s someone else’s data center, guys)
  

Real questions I’ve gotten this year, I swear:
“How often do you test tape restoration?” – Never. We test automated snapshots, like civilized people.
“Who has access to the tape vault?” – Jeff Bezos, I guess? Should I page him?
“What’s your tape retention policy?” – Infinite, and it costs $0.023 per GB. Try beating that with iron oxide.
At Mycroft, we’re practically bilingual. We translate between 1990s compliance speak and 2025 AI reality. Because someone has to explain that “11 nines durability” beats a dusty tape in a bank vault, and that yes, the cloud IS someone else’s computer.

– Excerpts from Mike Kim’s LinkedIn posting.
If you don’t understand the funny side of this story and you are from corporate audit, come by my office and I’ll explain the humour, and maybe perhaps have you engage my services.