Ask An Expert

Cloud storage keeps files/objects in a central place (i.e. the cloud). Users can either access the files directly or make changes to a local file and sync with the cloud. When multiple people make changes to a file they can either do it sequentially (i.e. one person makes a change, uploads to the cloud, next person downloads the files, makes the changes, upload, and so forth) Or one person creates the material (for example: a presentation or a proposal) uploads the file(s) and then multiple people download and make changes simultaneously. While the cloud cannot resolve the edit conflicts, it will keep the revisions separate and organized. Someone has to get the editor's pen, download the versions, consolidate the edits and upload the consolidated version. Many cloud services offer a locking feature to minimize edit conflicts.

The cloud also enables access to the files from any device, including mobile phones, tablets and laptops.

That doesn't mean the security is lacking. In fact, the reverse is true. The cloud storage enforces uniform permissions across the multiple devices, as well as creating access logs. Usually the enterprise admin defines folder and file permissions depending on the roles of the users and monitors access via the logs.

Usually the cloud storage provider has client-specific applications. For example Egnyte offers the Personal Local Cloud (PLC) application for laptops running Windows, Mac OSX or Linux, native apps for iOS, Android and Windows Mobile, Office Local Cloud(OLC) for NAS boxes and Enterprise Local Cloud (ELC) packaged as a virtual appliance, thus covering the spectrum of ubiquitous access. See also "What is hybrid cloud storage?"

Another aspect of the cloud is the ability to collaborate with partners and customers. Customer or partner users may be granted access to the specific project folders required for collaboration. Once the appropriate permissions and access methods are setup, it becomes easy to share files.

Other question(s) answered in this page include: What is "cloud-based storage"?

Definitely. Tablets, coupled with cloud storage, are an attractive solution for many users. In fact, Egnyte found that use of tablets and cloud storage has increased dramatically, even among business users!

Digging deeper, tablets are becoming popular inside and outside enterprises. While tablets have computing capability, their storage is limited. Moreover, tablets are one of many devices an individual uses. So, a hybrid cloud storage model makes a lot of sense from a tablet perspective. Look for wide adoption of tablets inside enterprises, big and small, all backed by cloud storage.

• Tablets are not only communication devices, but also collaboration devices; people use tablets not just for reading and viewing videos — they can review proposals, comment on reports, and even sign a contract electronically using their tablets. All of these use cases make perfect sense for cloud storage. In short, a tablet-based digital lifestyle, play and work, requires a central cloud-based ubiquitous pervasive storage fabric, which is what hybrid cloud storage provides.

Cloud storage is a natural evolution of the digital life style — whether at home, at work, or at play. Of course the enablers and the value proposition for enterprises are different from those for a consumer.

• From a consumer perspective, a digital lifestyle — be it sharing photos and video, accessing files from multiple devices from home, work or on the go, or even backup of the terabytes of valuable information one has — is enabled by cloud storage.
• From an enterprise and SMB perspective, cloud storage has multiple advantages including — enabling collaboration and file sharing between partners and customers, supporting mobile workers, backup and archiving, connecting storage between branch offices and/or remote offices, and finally acting as primary storage.
• An interesting manifestation of the consumer digital life in the enterprise space is the multi-device access to documents for collaboration.

Companies from many and varied industries, like venture capital, insurance, schools, automotive, advertising and retail, use cloud storage; small and medium businesses (SMB) to large companies leverage cloud storage for working internally across offices, as well as with partners and customers.

Here is an interesting article that appeared in the San Jose Mercury News
http://www.insidebayarea.com/business/ci_19932252. ("cloud storage is becoming a part of the digital life and users expect everything they're doing digitally is available somewhere else through the Internet." In a hyper-connected world, users tend to have multiple devices and work across time zones with colleagues, partners and customers across geographic regions. And they expect information to be readily available!

Other question(s) answered in this page include:

• What's the point of cloud storage? Why is it so popular?
• What are some useful ways to use cloud storage?

While there are a few domain-specific requirements that one has to consider when evaluating a cloud storage provider, many of the characteristics are the same across any domain or business.

I would segregate them into two big buckets — an Enterprise-grade infrastructure and a consumer-grade feature set.

The first criteria I would look for is an enterprise-grade infrastructure. This includes a focus designing for SMBs and enterprise, extensive administrative and audit capability, as well as a mature authentication and authorization feature set.

• First and foremost, enterprises need the ability to control the visibility of the information and audit access.
• Next, of course, is the ability to authenticate users based on enterprise systems including Active Directory, SSO protocols like SAML and OAuth, as well as graduated user name and password schemes. The flexible and rich authentication schemes are required to match the user base — from employees to customers and partners, with limited access and visibility.
• And that brings us to authorization, i.e. the ability to limit visibility and segment users based on their role and affiliation.
  • For example, an internal employee in marketing would have access to the marketing folders, as well as common company folders that would be shared across all employees.
  • A vendor participating in an RFP process might have visibility only to the RFP materials and to one's own response folder.

Once we pass the enterprise-grade infrastructure, the users want flexibility and functionality.

Multi-device access with efficient and flexible sync, directory level sync (so that you carry only the files you need), a responsive UI, as well as flexible but deterministic authentication schemes, are important capabilities.

Other question(s) answered in this page include:

• What are the selection criteria for cloud storage?

Usually local storage means the files — be they documents, presentations or drawings — are stored in one's own device. That device could be a desktop, laptop, tablet or smartphone. The main restriction is the fact that access is difficult if one is not working on the device; even if one is on the device, sharing the data is not easy.

Hybrid cloud storage or online storage stores the data in a central place called the "cloud". The files can be accessed in multiple ways — via a browser, mobile device, laptop, NAS device, or local virtual server.

Can you compare online data storage vs. an external hard drive?

An external hard drive gives more portability than storing files on one machine. The external drive can be connected between multiple devices as needed. Also external devices can act as a backup.

But an external hard drive does not solve the challenge of accessing from multiple devices or access when you are mobile. Also, space is limited on an external drive and one has to buy bigger disks as your storage needs grow.

In short, external disks are fine for local backup of a computer or as temporary transport for a small amount of data. But as a permanent solution for your growing data needs, online data storage is much better.

Also, for an enterprise or small business, external disks will not suffice. Likely a NAS device backed with a hybrid cloud is an effective solution.

Other question(s) answered in this page include:

• What is the difference between online and local storage/data?

Cloud storage is changing habits at work, at play, and everywhere in between.

Organizations are using cloud storage for internal collaboration, as well as for working with customers and partners.

At a personal level, people are using cloud storage for storing photos, music, and other files that they use in their day-to-day life. Lately, music streaming from the cloud is becoming available from companies like Amazon and Apple.

What is the best way to manage data on several PCs?

The challenges of data distributed across multiple PCs include access and synchronization. In addition, a consistent backup is almost impossible without elaborate scripts and schedules.

A hybrid cloud solves this problem very well. Get an account in a hybrid cloud provider, install a copy of desktop sync software on each PC, and enable sync between all the PCs. If you want to partition the data, you can have selective subfolder sync, thus keeping specific dataset on different devices. The cloud, of course, will have a superset of all the data.

How can files be shared across cloud services?

This involves cloud storage interoperability via established standards. SNIA CDMI is an evolving standard in the cloud storage space; it is also becoming an ISO standard. Another approach is to have a driver layer for popular cloud storage formats — for example Driver for Amazon S3, Rackspace Cloudfiles and so forth. Then you can use one driver to read from a storage cloud and use another driver to write to a second storage cloud.

How can local folders be accessed from any location?

The best solution for remote access of local folders is to use a hybrid cloud storage solution and sync folders to the cloud. Then you can access the contents from anywhere, with any device.

Actually it is very easy and methodical.

The first step is to define some rough requirements and access patterns. For example: do you want to synchronize between multiple devices, do you want mobile access, do you need granular permissions, are you planning to share between customers and partners, and do you have remote or branch offices that need data synchronization?

The next step is to do some research and select the right cloud service provider. For example if you want multi-device access and/or branch office access, a hybrid cloud provider would work well.

After you have established an account, work out a topology consisting of local clouds, NAS boxes, laptops and mobile devices; and install appropriate software as needed.

Once the topology is finalized, you will have to upload and prime the storage cloud with all the files. Normally the cloud should hold a superset of all the data.

The next step is to configure the permissions and synchronization policies. Then, activate the various devices for synchronization and start using the files!

Naturally, as you start using the cloud storage, you will discover new ways of leveraging the medium to work internally, as well as for collaborating with partners and customers.

Other question(s) answered in this page include:

• How do I keep a local folder synced to docs cloud?
• How should documents be organized in secure cloud storage?
• How can I permanently store data in "The Cloud"?
• How do I plan now for hybrid cloud management?
• How do I store files in the cloud - and why do I want to do that?

There are multiple dimensions to these questions. Security, of course, is the overarching concern, accompanied by safety and reliability. Different cloud storage vendors address different markets, and thus provide appropriate security based on the market needs. I am going to address enterprise-class security for a cloud storage provider.

• The first consideration is the infrastructure security of the cloud storage provider. Look for well-honed operational procedures, as well as periodic third party audit and/or subscription to penetration tests and results thereof.
• The second consideration is transport security — you should be using SSL/https for all operations with the cloud provider, including web access, sync with the local cloud, as well as mobile access.
• The third consideration is the security at rest — the service provider should be encrypting the content with AES-256 for storage in the cloud.
  • Look for key management best practices. For example, each workgroup or domain should have its own key and there should be policies for periodic key rotation.
• Additional security can be added by encrypting the contents of your hard disk with disk encryption software like Sophos, TrueCrypt and PGP disk encryption.
• Another important security aspect is the ability to add permissions at the folder level, as well as administer granular user policies.
• Naturally, the cloud provider should have extensive audit capabilities and your admin should go through the audit reports frequently.
• Additional security features include domain segmentation and isolation, federated identity for use authentication, and data leakage protection support.
• Depending on the compliance requirements of your industry, there may be locality compliance, isolation compliance and other specificities.

Other question(s) answered in this page include:

• How secure is the cloud --perception vs. reality?
• Are online data storage websites safe?
• How does data stay secure while in transit to and from the hybrid clouds?
• How do providers ensure online business information is secure?
• Why is cloud computing safer than other alternatives?
• Is cloud computing more secure than what we have today?

There are many ways an organization can minimize the risk of using a cloud storage provider.

Don't mix consumer cloud services and enterprise class services.

There is a marked difference in terms of control and management when it comes to enterprise cloud storage. Never use a bit-locker class storage cloud with enterprise data.

Enterprise class storage services have well-structured permission capabilities, directory-level sync capabilities, and a detailed administrative layer with well defined user on-boarding primitives and strong security policies. Enterprise-class control and visibility is key. The best practice, whether you are a small, medium or large business, is to use an enterprise-class cloud storage provider for your enterprise storage. This will minimize the risk of a shutdown. There is still a small chance... so follow the rest of the pointers.

Use a hybrid cloud storage solution rather than a pure cloud service.

Now that you have chosen enterprise-class cloud storage, the next pointer is to use hybrid cloud rather than a cloud-only solution. In a hybrid cloud storage solution, the cloud acts as an intermediary that maintains a super set of your data, with the local cloud acting as the primary storage.

The local cloud storage can be a set of NAS devices (or virtual appliances) in your organization (with multiple devices at different locations/branch offices) or personal local clouds on people's laptops.

Talking about what I know best, Egnyte has well-honed sync algorithms that are capable of syncing the local clouds with the Egnyte cloud continuously, on demand or periodically.

The permissions and groups are maintained consistently and coherently across the local and remote clouds.

In many ways the hybrid cloud is the answer to Paul Samuelson's dilemma "have one's cake and eat it too...".

If your local NAS box (or the laptop hard disk) crashes, the remote cloud acts as backup; and the local cloud acts as backup if your cloud service goes down.

Manage the data lifecycle effectively.

Another important aspect of a good storage scheme is lifecycle management — all data are not created equally. Usually enterprise data has a temporal affinity — for example revisions and versions are important while working on a proposal or a presentation, but after the proposal is submitted only the last couple of versions are of interest. In Egnyte's case, we maintain versions of the documents (the version policy can be tweaked by the admin) thus giving you the ability to track changes between versions, as well as the ability to traverse between versions created by different folks working on the document. Of course, the merge has to be done manually — but the information is not lost.

I think this is an important feature, especially in this busy world. Overwrites happen, simultaneous updates are a fact of life — the best way is to accept them and have a way to succeed in spite of the maddening crowd!

Back to the main feature discussion, the best practice is to keep the earlier versions only in the cloud, and keep working set in a hybridcloud storage provider.

Match the business requirements and the domain impedance.

This is related to the data life cycle, but from a data organization perspective. The business requirements span a spectrum–effective collaboration, information exchange, not only between employees but also partners and customers, data retention, business continuity, as well as compliance requirements. Naturally, choosing an enterprise-class cloud provider and using a hybrid cloud storage model mitigates some of these risks. But the question at hand is -- how do you mitigate the risk of a disruption of the cloud service provider?

As I had pointed out earlier, the hybrid cloud acts as a mitigation strategy for disruption of the cloud. The laptops and the local cloud devices (NAS/Virtualized appliances) act as the 1st line of storage.

But if you want to be more cautious, you can have a separate secondary cloud provider just for periodically backing up your data (especially the older versions of files) while using a primary hybrid cloud for daily operations and collaboration.

Pay attention to data interoperability.

This is important. You don't want to be in a platform that is a "vendor lock-in".

Usually a web server is deployed to manage a web site and is very different from cloud storage. While you can point a web server to a directory, and then upload or download files via the http protocol, the functionality is quite limited. The web server is not designed to backup the data store or provide a layer of security.

In short, a web server is best for hosting web sites and cloud storage is best to handle your data storage needs.

Is cloud storage really unlimited?

Yes it is. Cloud storage service providers make sure there is enough storage space for all their customers. There are sophisticated monitors and calculations to ensure there is enough space available in the cloud. They also have contracts with storage and computer vendors for an ongoing supply of the required hardware, including hard disks. Naturally, one has to pay for the storage used and this provides an incentive for the storage cloud vendor to make capacity available on demand.

How reliable is online data storage?

Online data storage is quite reliable, in fact more reliable than local storage at home or in an office. Usually online or cloud storage has more than one copy of files stored in a redundant fashion. Cloud storage infrastructure usually utilizes hardware schemes, like RAID 6, striping data across multiple spindles and with redundancy. Many cloud providers also have data storage across availability zones, which are separate in every way (for example a different source of power, geographically distributed, and so forth). For more redundancy, many vendors offer redundant storage across data centers in different parts of the country or in different continents.

Other question(s) answered in this page include:

• How safe is online file storage?