Cloud Storage Behind the Firewall
Bridging the Cloud and BYOD GapBy
ownCloud's new commercial venture lets you manage risk and data exposure in a bring-your-own-device age.
If we are indeed moving to a post-PC world, then how exactly will data be accessed? A new commercial venture of a popular open source project shows one path to this future.
Earlier this week, the CEO of a certain popular tech company made a great deal of noise about “the post-PC” world. Naturally, it was in his best interests to make such hoopla, since he was promoting a new tablet device.
“Post-PC” is an interesting concept: It invokes images of a world in which we are all connected to all the information we could ever want or need through the use of devices that will seemingly know what we need before we do.
Putting aside the cognitive and learning science arguments that cast doubt on how the heck any of us will actually learn about anything in a society in which we can just be fed data on a moment’s notice, what would such a world look like? After all, nearly all of the data sits on servers, and all of those post-PC devices (smartphones, tablets, and the like) need to get at that data somehow.
For shareable data, the solution is relatively simple: put it on a web server. Even the most rudimentary e-commerce system can give you information about retail items and their prices, for instance.
But what about data you don’t want publicly shared, such as sales data from the same e-commerce website or customer data for your brick-and-mortar business that your sales team needs on the road no matter where they are and what device they want to use? Here things get tricky. Remote access to business data is complicated enough using laptops, cryptography, and VPN tunneling. Now try it while also trying to practice a bring-your-own-device (BYOD) strategy.
Go ahead, grab that bottle of aspirin any time now.
Complicating this situation even more is that business processes are starting to shift to the philosophy of non-siloed data. Decision making can be enhanced if employees have access to more data, no matter where that data is stored in the company.
To address this issue, many companies have implemented ad hoc practices to get data shared with employees’ devices. Anything from email, collaborative tools like SharePoint, to even Dropbox have been lashed up as portable data access solutions. But email is limited in finding things fast and storing them, SharePoint and other collaboration platforms have limited mobile usability, and Dropbox has one glaring problem: Corporate data is living outside the firewall.
This intersection of BYOD and cloud/private storage can present a real obstacle, but fortunately this is exactly where technology like ownCloud lives.
ownCloud is an open source project that enables users to access their data pretty much from any web browser on any device, no matter where it sits. The file and data sync application was put together by Frank Karlitschek and is nominally part of the KDE ecosystem.
The community project recently released ownCloud 3, which along with ownCloud’s existing photo- and music-sharing tools, featured an application store to extend ownCloud and a new browser editor to enable editing of text-based files.
But even bigger changes are on the way for ownCloud: the commercial venture of the same name will be launching on March 18 with a business-ready hosted solution that will deliver the features of ownCloud and ease of use that should encourage a lot more participation.
“ownCloud lets you create a cloud storage infrastructure inside your own company,” ownCloud CEO Markus Rex explained in a recent interview. “It’s much like Dropbox, but it lives behind the firewall, under IT control.”
That Rex is involved means some serious business is going on. Rex is an open source veteran, who was most recently Senior Vice President and General Manager of Novell’s SUSE Linux Open Platform Solutions, before the Attachmate acquisition.
Indeed, the management roster of ownCloud reads like a VH1 “Where Are They Now?” episode for SUSE Linux alums: Holger Dyroff is the VP of Sales and Marketing and Matthew Richards is VP, Products – both men have extensive SUSE experience as well. Additionally, ownCloud the company is maintaining close ties to ownCloud the project, having just named Karlitschek the CTO of the company.
Rex was careful to explain what the new commercial venture is not: a hosted cloud service.
“We are not a cloud storage vendor,” Rex emphasized. “We are a tool vendor that makes it possible for you to access your own data.”
Subscribers to the ownCloud commercial service will get the software tools and support to connect their data to whatever device a user wants to use. And that data can be anywhere: an internal file server, a Google Docs page, or sitting out on an Amazon Web Service instance somewhere.
“We’re not very picky about where the data lives,” Rex explained. “We can see data on any Linux-visible filesystem. This give customers a large degree of flexibility.”
The business venture should have a lot going for it. Already the open source project has had 380,000 downloads of the ownCloud v.3 product, and the community has translated the project into 42 languages. Indeed, it was the strength of this community that helped attract Rex to the venture in the first place.
“After I left SUSE, Frank Karlitschek asked me to take a look at his project,” Rex related. “Once I did, I really thought there was something there.”
Enough to start a new corporate venture, it seems.
ownCloud will be taking a purely open source approach to the company, to start. The idea is to generate a customer base by making ownCloud, which can be tricky to set up, an easier proposition for customers to configure and then provide support on top of the software as a service.
This support will be useful because, right now, it takes a bit of non-trivial effort to get ownCloud up and running. By hosting the ownCloud servers on the back end to coordinate how the clients talk to the data, the new company will be greatly simplifying the ownCloud feature set.
And simple goes all the way down: the subscription model itself is per user, not per gigabyte or any other kind of throughput. As I said, simple.
Another thing that appeals about ownCloud the company is the potential to deliver this technology across a variety of business sectors and sizes. A small business or non-profit, for example, could get a lot out of this kind of service, and – if the price is right – such organizations could have this kind of mobile flexibility without all the overhead.
This is exactly the kind of universal service that smaller organizations could use, particularly as they try to figure out their own BYOD policies. BYOD poses a potentially high risk to any company, and figuring out how to manage data in a secure way is yet another headache for IT managers.
ownCloud offers a way to handle this problem with little pain. By making it easy to get at data from practically any browser-enabled device, that part of the management problem is neatly handled. By using the same authentication policies you would have for the data when accessing it from inside the corporate firewall, the security risks are also sharply reduced.
IT managers should also find a lot of attraction to the feature of keeping one’s data to one’s self.
Although good reasons to opt into a public cloud are many, you have good reasons to avoid them, too, not the least of which could be security concerns. You could be patching your own systems diligently, but is the cloud provider providing the same patches for their own instances? What other kind of security protocols are in place, and what are the breach policies?
On the legal side of the equation, will the cloud provider meet compliance in the areas of data breach notification, data retention, auditing, and whatever other compliance regulations you need to follow? What are the local laws for the data center and how do they comply with your own corporate needs in terms of security?
These key questions need to be addressed when considering a cloud-based solution. But if you are using a tool like ownCloud, many of these questions about your data are already answered. The data is accessible, but still nicely inside your company’s legal and physical infrastructure.
What ownCloud is doing is no different from what any other Linux distribution vendor has done in the past: take a great piece of software and make it a more deliverable product. That the technology itself seems to bridge the gap between mobile connectivity and distributed data storage at the same time is just icing on the cake.
Powerful man-in-the-middle attack is now targeting online shopping.
Another high-profile coder says the kernel team needs a kinder, gentler culture.
Bug database has a bug of its own that could allow an intruder to create an unauthorized account.
Report focuses federal resources on achieving universal Internet access.
Leading browser makers say “no” to porous encryption algorithm
Report from the X-Force group says attackers are using TOR to hide their crimes
Future Firefox extensions will be compatible with Chrome.
Better read this if you bought your computer before 2011
Users should upgrade to the new version as soon as possible
Xen project announces a privilege escalation problem for Qemu host systems