by Larry Alston
posted on Friday, September 27th, 2013
posted in Community
I don’t know about you, but it seems to me that it’s getting awful deep around here. Look, I’m all for creative marketing and business plans, but when a business starts talking about indemnifying and “proofing” against data loss or loss of privacy (even against their own government?), I have to put the hip waders on and try to wade through the, let’s call it FUD, to see what’s real and what isn’t.
The fact is, there are some government activities (not just PRISM, not just the US) and some really bad good hackers out there that want at your secure corporate data. Data that, until the recent advent of the Cloud, BYOD and file sync and share apps, was secure (mostly) behind the corporate firewall and in the control of corporate IT. It seems counter intuitive to believe that if your data resides somewhere in the cloud, that all the indemnifying and proofing in the world can protect you.
We’ve written about this many times on our blog and in the press and more press. We’ve talked about it here and in Europe. There’s no magic wand, no single bullet, no best way of doing something for all use cases.
Here is what we do know. The best way to ensure that your data is completely secure is unhook your server from the internet, lock it in a room and throw away the key. I know, I know, talk about needing hip waders…. But it’s true, not reality, but true. So what can you do?
First, have a plan. Decide what data you can put in the cloud and what you can archive in the cloud. What data is company critical and needs to remain behind the firewall?
Next, audit the use of the cloud and file sync and share storage.
Now, find a file sync and share solution that allows IT – NOT the end users – to control access to ALL your data and lets YOU decide what goes where, who has access to what and where.
Part of that decision must include how comfortable you are that the storage is in the cloud in a third-party datacenter (in a location TBD by the vendor, not you). Indemnification sure doesn’t solve the privacy, regulatory and even legal issues you may have. Next, even if a vendor allows you to store data on-premises, does it still have to be sent through their server, exposing it to hackers, governments and other misuse?
Lastly, even if you can install the software in your data center, does everything you want to remain in your datacenter actually remain there (for instance metadata)? And can you TRULY be PRISM proofed if it doesn’t?
I don’t see how frankly, BUT we take that guess work away. Only with ownCloud do you have the actual choice of where your data resides (Cloud, on-premises or Hybrid) AND allows you to install it directly on your servers, integrating with all the tools you already have – authentication, security, backup, governance – and never does anything go to an ownCloud server (not even metadata).
ownCloud gives IT back control of corporate data, Cloud, BYOD File Sync and Share and all.