Posts

What Are the Risks Involved With Cloud Storage?

/in ,

risks involved with cloud storage

While cloud storage offers numerous benefits, it’s important to be aware of potential risks associated with this technology. Here are some common risks involved with cloud storage:

  1. Data Breaches: Cloud storage providers are responsible for securing your data, but no system is entirely immune to data breaches. A breach could potentially expose your sensitive information to unauthorized individuals or cybercriminals.
  2. Data Loss: Although cloud storage providers typically have robust backup systems, there is still a small chance of data loss. This could occur due to hardware failure, natural disasters, software bugs, or human error. It’s important to have additional backup measures in place to mitigate this risk.
  3. Limited Control: When you store your data in the cloud, you rely on the provider’s cloud infrastructure and security measures. This means you have limited control over the physical storage environment, data handling processes, and security protocols implemented by the provider. It’s crucial to choose a reputable and trustworthy provider to minimize this risk.
  4. Service Disruptions: Cloud storage services can experience downtime due to various reasons, such as maintenance, power outages, or network failures. During these disruptions, you may be unable to access your data temporarily, which can impact your productivity or business operations.
  5. Compliance and Legal Issues: Depending on your industry or geographical location, storing certain types of data in the cloud may raise compliance and legal concerns. You need to ensure that your cloud storage provider complies with applicable regulations and provides adequate data protection measures to avoid potential penalties or legal consequences.
  6. Vendor Lock-In: If you heavily rely on a specific cloud storage provider and its proprietary technologies, switching to a different provider may be challenging. This vendor lock-in can limit your flexibility, scalability, and bargaining power. It’s advisable to choose cloud storage solutions that allow for easy data migration and interoperability.
  7. Dependency on Internet Connectivity: Cloud storage relies on an internet connection for data access and synchronization. If you have limited or unreliable internet connectivity, it can hinder your ability to access your data in real-time or perform backups effectively.

Other Human Risks Involved with Cloud Storage

A recent survey by WinMagic, a UK-based storage security firm, highlights some interesting, if not disturbing, information about employee use of cloud file and storage services. Speaking with over 1,000 employees at companies with at least 50 employees, the survey found that both users and businesses appear to be unclear about the need to protect cloud data, and how to do it.

Key findings of the survey:

  • Only 35% use a service sanctioned by their employer
  • 50% use personal equipment to access work information and services at least once a week
  • 65% of employees don’t have or don’t know the company policy on cloud storage
  • 5% use cloud services knowing that the service has been restricted by the company

The disparity between IT policies regarding the use of cloud storage and employees habits is troubling, particularly given the risk of data corruption, loss, and breaches.

The solution is not to avoid the cloud due to the perceived risks involved with cloud storage. Nor should you create a draconian culture around technology and cloud usage.

To mitigate Cloud Storage Risks, Consider Implementing the Following Measures:

  • Create and share a clear, concise policy on the use of cloud services, and IT in general, for your company
    • Clearly require that work related to data to be stored only in sanctioned systems and services, and the work and personal applications and data be completely separate.
  • Provide a suite of services that meet users’ needs
    • Ask users which tools help their productivity and evaluate the secure, business versions. Remember that one size does not fit all and you may need or want multiple options.
  • Monitor and manage access, security, and privacy
    • Deploy systems that let you monitor and manage access to company data, the security of the data, and your data privacy compliance. In addition to user identity and access controls, monitor and manage file permissions based on content along with 3rd party application (especially mobile app) access to your data.
  • Inform and educate your team
    • You do not need a series of boring lectures and meetings to indoctrinate your team into the new world order. A clear, concise discussion regarding appropriate use policies gets the message across.
  • Be nimble and communicate
    • Cloud is still fairly new and services are constantly evolving and launching. Users’ needs are changing constantly as well. If you can respond to your users with tools and services that meet their needs, you eliminate their “need” to circumvent the official tools. Communication about why certain

By being aware of these risks involved with cloud storage and taking appropriate precautions, you can make informed decisions about utilizing cloud storage effectively while safeguarding your data.

A balance of useful and secure cloud services, clear policies that promote responsible use, and tools that monitor and mitigate risks will improve not just your security profile, but your efficiency as a business.

We offer a range of data protection & security services, contact us to learn more.

 

 

VDI Solutions: Uniting Performance, Scalability, and Cost-Efficiency

/in

 

VDI solutions diagramLike many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise.  For others, a cloud-based CRM service or VDI solution was the first application in the cloud.

Currently, we see organizations rapidly moving file services and storage into cloud-based solutions as more marketing, sales, and line of business applications switch to Software-as-a-Service (“SaaS”) or SaaSOps solutions. Often, this leaves you with a small set of business applications running on-premise.

VDI Solutions Explained

What do you do with applications and services left on-premise when most of your systems have moved, or will be moving, to the cloud?

While you may wish to keep these legacy systems on-premise, you can move them into a cloud or hosted Virtual Desktop Infrastructure (VDI) environment. VDI environments provide a virtualized, remote desktop accessible via browser or “receiver” app.  When connected, users get their full desktop environment with access to local and network applications.

Some applications, such as computer-aided design (CAD) and manufacturing/process controls, are not well-suited for VDI. Most local and network applications work well within a VDI environment. VDI services typically charge based on processor load, memory, and allocated disk space. Fees may also include standard office software, data backup services, malware protection, and other common network services.

Why use VDI Solutions?

  • Improved secure accessibility to legacy applications, particularly for remote and mobile users
  • Lower cost for IT and cloud infrastructure, especially when email, apps, and other services are moving to the cloud
  • Improved reliability and security, as VDI solutions run in professionally managed data centers
  • IT resources are free to work on higher value projects than maintaining core infrastructure and services
  • Lower cost and less administration of end-user devices, as you can move to thin clients, chromebooks, and tablets as existing desktops and laptops need replacing

When to use a VDI Solution? 

For some small and mid-size enterprises, VDI solutions provide a means to “clean out the closet”, to simplify their IT solutions and walk away from endless maintenance and updates. For others, a VDI solution enables them to move legacy systems and applications to a cloud-based environment.

When considering a VDI service for legacy applications and systems, answering a few basic questions while help you determine if your “when” is “now”.

  • Is the application is available in a Software-as-a-Service (Saas) subscription?
  • Does the application have custom modules or code that would prevent running the SaaS version?
  • Are application requirements — processor power, memory, disk space — known and understood?
  • How many users need access to the application?
  • How many users receive reports or data from the application?
  • What connections or integrations exist between local/network applications?

With answers to these questions, you can scope the size and configuration of your VDI environment. You can also assess if the benefits, and the costs, of a VDI solution outweigh the costs and effort required to maintain the systems on-premise.

As you move applications and services to the cloud, you will likely reach a point where you no longer have the critical mass necessary for on-premise servers to be the most economical and effective solution. When you reach this tipping point, a VDI solution will provide a secure home for your systems, your business, and your budget.

Cloud File Services: How to Define Their Role and Manage Data Better

/in ,

cloud file services

What Are Cloud File Services?

Users can store, access, and exchange files and data via online platforms known as cloud file services, also referred to as cloud file storage or cloud-based file sharing services. Without the use of physical storage devices or on-premise servers, these services offer a practical and effective solution to manage files from numerous devices and places.

Cloud file services can fill many different roles for your business. Often, the use of cloud file services begins with employees using consumer products, like Dropbox, to share files with customers and each other. While sync-and-share can be an effective way to manage files, you should always rely on the business editions to ensure that the business is in possession of, and is managing, your data.

That said, this use of file sync-and-share tends to be transient in nature. At the other end of the spectrum, many businesses are replacing on-premise servers, NAS, and SANs with cloud file services, which become the primary file service.

To help you plan how to create the best cloud file service for your business, consider these working definitions and considerations with respect to data protection and management.

Define the Role of Your Cloud File Service

Transient File Service

  • Transient file services are used occasionally for storage and sharing of files.
  • Often a sync-and-share service (Dropbox, box.net, etc) or a peer-to-peer service (Drive, etc.), files are copied to the file service and shared.
  • In most cases, files sync back, or are manually copied, to their primary location. As the primary location for files is protected by backups and permissions management, transient file service generally don’t need or have backup protection.
  • Permissions management is often the responsibility of the individual users. As such, transient file services should not be used for sensitive or protected (PHI, PCI, etc) information.

Secondary File Service

  • A Secondary File Service will fill the role that the Transient File Service provides, but will also be the home — the system of record — for some information.
  • Companies create Secondary File Services to handle information that is used collaboratively, but wants to keep internally-used data and critical business information in-house. An architecture firm, for example, might have active projects residing in a cloud file storage service while keeping past project data and internal operations (HR, finance, accounting, strategy) on in-house systems.
  • While sync-and-share can serve the needs of secondary file server, peer-to-peer and managed file services provide better control over your data.
  • As a Secondary File Service will be the system-of-record for important information (i.e., the data is not synced or copied to other storage), these file services should be protected by Backups.
  • Secondary File Services may or may not be used for sensitive or protected information. If they are, then active permissions monitoring and management is advised to prevent inappropriate disclosures, leaks, or breaches.​

Primary File Service

  • A Primary File Service becomes the system of record for most, if not all, of your company’s files and data. As such, the cloud file service will hold sensitive and protected data.  Access, permissions, and protection are as critical in the cloud as they are on-premise.
  • Backup/recovery and active permissions management become critical components for ensuring data reliability, security, and privacy, and may be required for regulatory or industry compliance.
  • While smaller businesses can use the peer-to-peer, larger businesses or those with larger numbers of files find that a managed and structured file service works better.
  • Centralized ownership and control over permissions improves security and efficiency.
  • Sync-and-share services may still be used to support off-line work, but should be managed closely to ensure sensitive and protected data remains secure.

 Hybrid File Service

  • A Hybrid File Service exists when the Primary File Service is split between on-premise servers and cloud-based file services.  A Hybrid File Service differs from the use of a Secondary File Service in that the Hybrid File Service sees both on-premise and in-cloud as equal components of the ecosystem. Data location is based on access needs and usage rather than on the type of data.
  • For some organizations, Hybrid File Services represent a transition period from on-site to cloud file services. For others, Hybrid File Services reflect a broader hybrid cloud strategy that mixes SaaS and IaaS services with on-premise systems.
  • As Hybrid File Services create a cloud-based extension of on-premise servers, a managed file service with central ownership and permissions control is most often the best structure.
  • With a Hybrid File Service, the cloud component requires backup/recovery and permissions protection on-par with your in-house servers.

By understanding and defining the role of your cloud file services, you have a better understanding of the type of managed cloud services to use — sync-and-share, peer-to-peer, or managed file services. You can also best determined the level of backup/recovery, access, permissions, and encryption you want and need to meet your business’ needs and any regulatory or industry requirements.

Reconsider Your File Sync-and-Share Services

/in ,

File sync share
It is no wonder why file sync-and-share services are so popular. They are easy to setup and use, particularly with people outside your company or organization. And, most people you want to share with have, or are willing to create, a free account to see your shared files.

As a business, government, school, or non-profit, however, you may want to reconsider how you let your team use file sync-and-share services.  Here’s why:

Who “Controls” the Data?
  • Do you know if individuals are sharing information inappropriately?
  • Could you recover files deleted by a user from their account?

File sync-and-share services create de facto peer-to-peer networks. Files are “owned” by the person that created or uploaded them. Permissions are controlled by each user, not by any central policy. As such, you have little ability to monitor or manage access to your data, which puts your business at risk for data breaches, as well as policy and regulatory violations.

Can You “Find” the File?
  • Are you comfortable with a peer-to-peer file service with little central control?
  • Are folks wasting time figuring out in which folder files are stored?

With each user creating folders and files to meet their own organizational needs, finding files shared with you can be challenging. As users create similarly named folders, locating files can be a challenge. You should never need to call a person for help locating a shared file.

Where, “Exactly”, is the File?
  • Would a lost or stolen laptop or phone give somebody easy access locally saved files?
  • Is locally saved data as secure as data on your server?

Chances are, your team is syncing files to/from laptops and mobile devices. So even if you are using a secure file sync-and-share service, your data is likely at risk. File sync-and-share services create local directories for storage and most services rely on your local security to protect those files. In other words, your data may be on a laptop or mobile device with no (or trivial) password protection. Adding drive-level encryption is an option, but adds money, complexity, and support costs to your environment.

 

Fortunately, solutions exist.

Secure, enterprise file sync-and-share solutions provide centralized control of what data can be synced to local devices, and by whom. These solutions also require login verification before accessing information on the local devices. Managed cloud file services let employees use locally installed apps with cloud-stored data, while providing centralized ownership and permissions management. Each solution has its limitations and benefits; understanding how your users need and prefer to work is key to making the picking the best solution.

Contact us for more information about available cloud file service options.

 

Consider Cloud File Services

/in


When we talk to businesses about moving into the cloud, we often focus on the cloud-based, managed file services. We see how trendy file sync-and-share services have become as IT continues its love-hate relationship with consumerization.  We also see how simply putting a traditional file server in a cloud-hosted environment does not reap the benefits many expect.

For us, a managed cloud file service provides users with secure access to files in a central service, from any Internet-connected device.  “Managed” means that your IT admins and/or data managers are able to monitor and control the access rights, exposures, permissions, and ownership of information stored within the service. “Managed” also means your data is protected from user error (or intention) as well as hardware/software issues.

While file-sync-and-share is one type of cloud file service, it is not the only form of cloud file service. 

As you think of how to best move file storage into cloud file services, consider your business and technical needs.

File-sync-and-share is easy to deploy, but implies that you will have multiple copies of data on different devices, each of which will then require protection.  File-sync-and-share also creates a peer-to-peer sharing service, in which users can get lost among shared folders and unclear ownership.

Other peer-to-peer solutions, including OneDrive and Google Drive, can cause similar user confusion as the number of users, or the number of documents, increases.  And while peer-to-peer file services where the rage back in 1998 with the release of Windows for Workgroups, most businesses have been running on centralized file servers for at least the past decade.

A managed cloud file service can provide a working environment similar to an on-premise file server. When structured properly a managed cloud file service can provide:

  • A single location for data (no need to replicate to local machines)
  • Centralized ownership of file space, libraries, and directory hierarchies
  • Centralized administration of access rights and permissions, by user or group
  • The ability to provide shared folders/directories for company, department, or project team work, along with personal folders/directories for individual activities
  • Unified search across shared and individual file spaces
  • Secure access from any device — PC, Mac, iOS, Android, Chrome, etc.
  • Administrative ability to monitor and audit permissions and access by individuals and applications
  • Data protection in the form of versioning and backup/recovery systems
  • Integration of additional metadata, document management, and workflow management tools to reinforce and accelerate business processes

If your cloud storage is not giving you the advantages of a managed cloud file service, let us know. We are happy to review your environment and suggest alternatives.

 

 

Beyond reducing

SBS End of Life: Microsoft Punishes Small Businesses

/in

 

Don’t get me wrong.  Companies retire products all the time; New product road maps are a necessary and valuable part of the technology ecosystem.  How a vendor decides to retire a product, however, can be very telling with respect to how they view and treat their customers.  Let’s talk about Microsoft.

Last week, Microsoft announced it’s server options for MS Windows Server 2012, due out sometime later this year.  The announcement included three major components that, while they seem to be unrelated, both impact small and mid-size businesses.  With Windows Server 2012, Microsoft is:

  • Switching from per server to per CPU licensing.
  • Eliminating Small Business Server
  • Restricting which Server licenses can run on virtualized hardware.

In press interviews and its announcements, Microsoft is very clear that businesses running SBS must either now purchase separate Exchange and Sharepoint licenses or must move to the cloud (hopefully Office 365).   The impact, however,  is actually much greater for businesses with fewer than 75 users.

  • Companies with 25 or fewer users can get the new “Essentials” edition of Server 2012.  This version cannot, however, run in a virtual environment.  Small businesses cannot, therefore, buy one server and run Windows, Exchange, and Sharepoint servers virtually without licensing the more expensive Server 2012 Standard Edition.
  • The move to processor-based licensing will also push cost increases on small businesses.  Many SMBs have purchased quad processor boxes to deliver performance and support virtualization.  With a 2 processor limit on Server 2012 Standard Edition, many customers will need to double the number of paid Windows Server licenses.

Microsoft has made it clear that they expect SMBs to switch from SBS to a file server and run Exchange and Sharepoint in the cloud.  This option, too, will represent significant cost increases for SMBs given Microsoft’s pricing model for Office 365 and the need to upgrade specific Office 2010 versions for full functionality.

If this move seems coercive, it just may be.  As reported in PC World, Office 365 has not been the smash hit Microsoft predicted.  The company is not releasing sales or usage numbers.  As a Microsoft spokewoman quoted in the article stated:

“We’re not breaking out customer, user, or revenue numbers at this time”

And according to IDC Analyst Melissa Webster, “They’ll give metrics when the metrics are meaningful, demonstrating scale and depth.”

So with lackluster performance, Microsoft releases a licensing and pricing model that “encourages” SMBs to move into the cloud or pay a heavy hardware and licensing penalty for upgrading in-house systems.

Fortunately, small and mid-size businesses have alternatives.  Google Apps for Business and other services offer more cost effective solutions for email, communication, and collaboration than Office 365. Beyond moving the Exchange and Sharepoint components of SBS to Google Apps, businesses can deploy secure cloud-based file services with full drive letter mapping and network place integration; access from PCs, MACs, and mobile devices; and integrated security and backup/recovery services.

Friday Thought: Building a Cloud File Service

/in

For many of the companies, non-profits, school systems, and local governments we work with, the desire to use the cloud is expanding beyond email and calendar.  These organizations are looking to move some or all of their file services into the cloud as well.

Motivation:

While the initial motivation is often to improve access to and sharing of information on projects, or in general, the planning process often reveals a greater value proposition. These secondary benefits derive from giving users direct access to data, and include, but are not limited to:

  • Reduced need for SSL VPN services and/or remote access, desktop, or virtual desktop solutions, resulting in lower hardware, software, networking, and support costs.
  • Reduced need for site-to-site links, enabling organizations to replace expensive point-to-point WAN links and MPLS networks with much less costly direct Internet access links.
  • Improved access to information from tablets and smart phones.
  • Reduced backup/restore costs, as physical infrastructure and in-house administration is replaced by cloud-to-cloud data protection services.

In short, cloud file services provide better user access to information, a simpler IT infrastructure, and lower costs.

Ecosystem

Many services exist to provide cloud-based file services and organizations are best off if they  review their needs before making a selection.  Beyond methods of accessing the service, be sure to review your permissions/security requirements with the features and function of the service.

Building a file service also means having the necessary components to ensure a robust ecosystem.

  • Affordable storage purchased as used or in flexible blocks
  • Drive letter access (DLA) or Network Place access from Windows desktops
  • Drive type access from Mac desktops, if needed
  • Access from mobile devices, including smart phones and tablets
  • Ability to integrate user identity with your LDAP, Active Directory, or SSO service
  • Availability of cloud-to-cloud backup/restore services
  • Encryption of data at rest and in transit
  • Ability to set permissions in accordance with your business needs, policies, and procedures

Execution

Moving to a cloud file service starts with understanding your requirements and the impact of the change on your computing environment and your end users.  Which aspects of the ecosystem do you need/want?  How will the change effect the user experience?  How will a new file service fit in with your other cloud solutions?  With an understanding of requirements, you can better match your needs to the available solutions and map out a migration that minimizes risk and enhances the benefits of the move.

 

Tuesday Take Away: 8 Ways that Clouds Beat Blizzards

/in

Once again, the team and I at Cumulus Global found ourselves working from our homes, pizza shops, libraries, and coffee shops.  An unusual and record-breaking October Nor’easter dumped about a foot of very heavy and wet snow on us, snapping power poles and trees like, well, twigs.  In our area of the state, most towns reported between 60% and 100% of residences and businesses without power.  Starting on Saturday evening, many will be without power until late Thursday or Friday.

Businesses tied to their physical offices, again, are learning the hard way how Cloud Computing can help keep things running when life throws the unexpected your way.

1) Message Continuity

If you run MS Exchange, Google Message Continuity not only provides you with bullet-proof spooling if your server or Internet link are down, you get Gmail’s web interface and the ability to send and receive emails.  And while most email contingency services dump all activity in your spool to your inbox (including sent message), GMC actually syncs your sent and saved messages, preserving your folders and your sanity.

2) Cloud Storage Mirror

Different than backing up for restores or recovery, synchronizing or mirroring local and network data to a cloud service gives you the ability to access and use your documents, usually through a web interface, from anywhere at anytime.  Matching the cloud service and the sync tool to your needs ensures your critical data is available even if your office is not.

3) Google Talk

With a laptop or smartphone, the Google Talk app, and an Internet connection anywhere, you can communicate with your team and your associates securely via instant messaging, voice conferencing, or video conferencing.  Don’t worry of phone lines or in-house PBXs are down, with Google Talk you can see who is available and converse at will.

4) Google Voice

Get your laptop to an Internet connection with a headset and microphone and you can send and receive calls without a fuss.

5) Hosted VoIP Phone Services

It may seem like the throw-back to the days of Centrex, but hosted VoIP (aka Hosted iPBX) services keep your phone lines working regardless of what is happening with your building.  And, you can access and use your lines, extensions, and voice mail from pretty much anyplace with either a VoIP phone, softphone software on your laptop, or your smartphone.

6) Cloud-Based Email

If you are thinking of using the cloud as a contingency service because cloud-based email is going to be available when your in-house system goes off-line, why not make the more reliable service the one you use every day?  Do you need or want to keep your in-house server when a cloud-based service will be more reliable and more available?  Ok, it’s a loaded question … but still worth some thought.

7) Cloud File Services

Just as with cloud-based email, Cloud File Services will prove more reliable and available over time, and especially during emergencies.  Granted, you may have applications, and work flow issues that make using cloud file services as your primary file service impractical.  But, you will never know if you don’t take a look. And, many of these requirements work with the right local sync technology in place.

8) Google Apps for Business / Government / Education

There, I finally said it.  Google Apps gives you the reliability and availability of the cloud-based Gmail, cloud storage you can mirror or sync, Google Talk, Google Voice integration, and a cloud file service.  Better yet, Google Apps rolls these services into an integrated, affordable package with access from most any computer and smartphone.  Some of the solutions may require third party components.  But, when disaster strikes (and disasters will strike), why not have an IT Ecosystem that is resilient to available rather than you you need to recover.

Protect Your Data in the Cloud

/in

When IT pros plan backup and recovery solutions for in-house systems, they start with the big events, such as server failures and disk crashes.  In reality, most restores are not as a result of a catastrophic loss.  Most restores are for individual files that were accidentally overwritten, deleted, or otherwise corrupted.

How is this relevant when your files are in the cloud?

Most cloud file services provide sufficient redundancy and resilience to prevent data loss due to hardware or software failure.  These services, however, cannot protect your data from the users.  Files stored in the cloud remain susceptible to deletion and accidental overwrites.    In addition, new desktop utilities that let users work locally and sync files between desktop and cloud increase your risk of file corruption.

What to do?

You do have some protections available.

Version History:  If your cloud file service has version history features, take the time to understand how and when the service saves versions.  Some services only save documents uploaded via their web interface or client, and not when documents are updated via drive mapping or folder desktop sync applications.

Cloud File backup tools:  Consider adding a backup tool to your cloud ecosystem.  A cloud backup tool will periodically move content from your cloud file service to another location periodically or continuously.  The data is stored in a format that facilitates restores to your cloud file service, and many backup tools let you download the backup set.

If you have concerns about your cloud-based data, or have questions about backing up your data in the cloud, please contact us.