Amid the hype around cloud computing, it can be easy to forget that the customer still has to carefully set up its own software and hardware just as it did when running all its own equipment in-house.
At the end of the day, cloud computing just means you’re using someone else’s computer—but it’s still a computer, states Fred Trotter, chief executive of Houston-based healthcare research startup CareSet.
Trotter learned this the hard way earlier this week when his company, which was using some Google (goog) Cloud Platform services, got a warning from Google that one of CareSet’s systems appeared to be launching “intrusion attacks” against third parties.
That’s a big no-no and, if Trotter and his staff did not either fix the problem or explain why the unexpected network traffic was legitimate, then the company’s cloud account would be blocked. That would mean no more cloud services, and no access to the company’s data stored in Google’s Nearline archives.
That marked the beginning of a very rough patch for CareSet.
First, the startup lost valuable time trying to decipher Google’s email, which was not clear, according to the CareSet team. Then, they could not access the proposed remedy linked in the email. By that time, three days had gone by, and Google shut them down.
On Monday, Trotter wrote a strongly worded blog post about the situation that did not paint Google in a very flattering light.
His initial thesis was that Google’s intrusion detection system (IDS)—which aims to keep websites and data safe from unwanted, sometimes dangerous visitors—mis-read some of CareSet’s own web traffic, suspecting evil intent when there was none.
While not going into specifics, a Google spokeswoman verified that there had been an issue with Trotter’s site and that Google was working to provide better, clearer instructions in the future.
Get Data Sheet, Fortune’s technology newsletter.
When reached for comment, Trotter was a bit sheepish.
“I’ve got to eat a little crow,” he told Fortune. It turns out that his company had made a configuration error that opened up some of its sites to misuse by others. Hence the intrusion attacks and the subsequent account lockdown.
But Trotter stuck to his guns that Google’s message to CareSet had been both unclear and unhelpful. Once Google caught wind of Trotter’s blog post—after it had been tweeted out—it became more helpful and restored access to the account quickly. Thus, life and business went on usual. But the cloud services were inaccessible for a day. That is not trivial.
There are some critical lessons here for both CareSet and Google—just as valuable for the search giant since it is pushing its cloud platform as an alternative to market leader Amazon (amzn) Web Services and Microsoft (msft) Azure.
For more on Google Cloud Platform, watch:
For one, customers must make sure their systems are set up correctly the first time. Secondly, cloud providers need to be clear and concise in communicating with customers about any issues—and the ability to reach a support person should not be a state secret. To be fair, cloud providers typically offer support hot lines to top, high-paying customers, but still, if a provider wants to be considered a big-business cloud source, it has to make its support accessible.
Finally, customers need to use more than one cloud vendor for important jobs.
On that last point, Trotter could not be clearer: Google Nearline is a great service, but Amazon’s rival Glacier is so cheap, he noted, “it doesn’t make sense not to use it, too.”
That way, if something goes sideways with one vendor, you’ll still have your data, he noted.