This blog post is a reprint of an article first published on Experts Exchange as part of a series on cloud strategies and issues for small and mid-size businesses.
Cloud file services can fill many different roles for your business. Often, the use of cloud file services begins with employees using consumer products, like Dropbox, to share files with customers and each other. While sync-and-share can be an effective way to manage files, you should always rely on the business editions to ensure that the business is in possession of, and is managing, your data.
That said, this use of sync-and-share tends to be transient in nature. At the other end of the spectrum, many businesses are replacing on-premise servers, NAS, and SANs with cloud file services, which become the primary file service.
To help you plan how to create the best file service for your business, consider these working definitions and considerations with respect to data protection and management.
Transient File Service
- Transient file services are used occasionally for storage and sharing of files.
- Often a sync-and-share service (Dropbox, box.net, etc) or a peer-to-peer service (Drive, etc.), files are copied to the file service and shared.
- In most cases, files sync back, or are manually copied, to their primary location. As the primary location for files is protected by backups and permissions management, transient file service generally don’t need or have backup protection.
- Permissions management is often the responsibility of the individual users. As such, transient file services should not be used for sensitive or protected (PHI, PCI, etc) information.
Secondary File Service
- A Secondary File Service will fill the role that the Transient File Service provides, but will also be the home — the system of record — for some information.
- Companies create Secondary File Services to handle information that is used collaboratively, but wants to keep internally-used data and critical business information in-house. An architecture firm, for example, might have active projects residing in a cloud file service while keeping past project data and internal operations (HR, finance, accounting, strategy) on in-house systems.
- While sync-and-share can serve the needs of secondary file server, peer-to-peer and managed file services provide better control over your data.
- As a Secondary File Service will be the system-of-record for important information (i.e., the data is not synced or copied to other storage), these file services should be protected by Backups.
- Secondary File Services may or may not be used for sensitive or protected information. If they are, then active permissions monitoring and management is advised to prevent inappropriate disclosures, leaks, or breaches.
Primary File Service
- A Primary File Service becomes the system of record for most, if not all, of your company’s files and data. As such, the cloud file service will hold sensitive and protected data. Access, permissions, and protection are as critical in the cloud as they are on-premise.
- Backup/recovery and active permissions management become critical components for ensuring data reliability, security, and privacy, and may be required for regulatory or industry compliance.
- While smaller businesses can use the peer-to-peer, larger businesses or those with larger numbers of files find that a managed and structured file service works better.
- Centralized ownership and control over permissions improves security and efficiency.
- Sync-and-share services may still be used to support off-line work, but should be managed closely to ensure sensitive and protected data remains secure.
- A Hybrid File Service exists when the Primary File Service is split between on-premise servers and cloud-based file services. A Hybrid File Service differs from the use of a Secondary File Service in that the Hybrid File Service sees both on-premise and in-cloud as equal components of the ecosystem. Data location is based on access needs and usage rather than on the type of data.
- For some organizations, Hybrid File Services represent a transition period from on-site to cloud file services. For others, Hybrid File Services reflect a broader hybrid cloud strategy that mixes SaaS and IaaS services with on-premise systems.
- As Hybrid File Services create a cloud-based extension of on-premise servers, a managed file service with central ownership and permissions control is most often the best structure.
- With a Hybrid File Service, the cloud component requires backup/recovery and permissions protection on-par with your in-house servers.
By understanding and defining the role of your cloud file services, you have a better understanding of the type of service to use — sync-and-share, peer-to-peer, or managed file services. You can also best determined the level of backup/recovery, access, permissions, and encryption you want and need to meet your business’ needs and any regulatory or industry requirements.