There are issues to consider around security, access control and physical storage location. There is also a concern as to whether these services provide a key element that enterprise users are typically looking for: collaboration. An alternative is needed that provides enterprise-strength data control and management in the cloud, along with the anywhere, any device access freedom that consumer services are known for.



Consumer vs. Enterprise - Security


Security is consistently listed as a top concern of enterprises when they begin to look at cloud computing and cloud storage. Consumer-based services break most security rules set by the organization and are not designed to follow all secure data best practices. The first line of defense in data security is encryption. The base requirement is to ensure that data being stored and transmitted to the cloud is secure and unreadable unless users or administrators have the encryption keys. Interestingly, enterprise solutions that provide synchronization with the cloud should actually improve security. Oxygen Cloud for example, does this by encrypting data at rest on the users’ devices, and at rest at the cloud provider, as well as data in transit. Since these solutions are in full control of this cloud-committed data set they should protect it at all points in the process.


Some consumer services will claim that a rich security feature set like that described above will increase complexity and once the device has been compromised, any further encryption is rendered useless anyway. The details assumed by this ‘either / or’ mindset are simply not accurate. With an encrypted local cache on a user’s device, even if the device is physically compromised, the content would remain unreadable without the user’s account login credentials to authorize access. In addition, encryption keys can be managed so that they’re only valid from specific machines. Any new device would need to go through a re-authorization process. For example, if someone was able to copy data from the user laptop’s local encrypted cache to their own, the data would be unreadable on the hacker’s laptop since they would not have the device-specific encryption keys on their system. In this case, a cloud storage solution like Oxygen Cloud actually makes the data safer.


Security measures are not just limited to encryption and preventing data from being accessed. In the enterprise people come and go; they can leave a group or leave an entire organization. The problem with consumer-based cloud sharing models is that when a person leaves the entire data set that they were working on goes with them. Ownership of files and control over sharing should not reside with individuals managing their own shared folders; enterprise organizations must own and protect their data. Even if the user is removed from access to the shared folders the consumer cloud service was providing, any data on their local device is still usable. With the correct technology, access rights can be removed from that user when they leave the group or organization. Some services like Oxygen Cloud are extending this capability to even include a remote ‘wipe’ function, giving IT the ability to restrict data access from unauthorized users, and remotely delete data from lost or stolen devices.



Consumer vs. Enterprise - Control


Enterprise data needs to be controlled. This is not an IT power grab, but a required responsibility in this data centric era. While there are compliance and regulatory issues, as well as corporate governance policies, users are busy and don't always have the time to make sure the people being granted access to certain data sets are the ones that should be. When left to users this often leads to broad data sharing parameters that are too generic and provide too many people with access to too much data. Users also don't have the time to make sure that new data sets and mount points being created in the cloud are still being properly backed up and protected. The IT administration team needs access to this data so it can include these collaborated, cloud-based data sets within the protection process. This provides flexibility to the enterprise. They can count on the cloud provider to protect the data, they can protect it themselves or they can leverage both.


There is also a need for control over where that data actually resides. Again, there are some countries in which certain types of data are not allowed to be stored outside their borders. By leveraging a software solution that’s not tied exclusively to one cloud storage provider, the customer can decide which data center from which cloud provider will be responsible for storing that data. Some cloud solutions like Oxygen Cloud will even allow the use of a hybrid model where a private cloud can be set up for some data sets and a public cloud can be leveraged for others.


Finally, there needs to be master control over all users and groups. If fear exists that a group’s data set has been compromised, IT administrators need the ability to make sure that ALL keys for a particular user or group are invalidated, so that all access can be re-keyed. Centralized management of users is critical for an organization, but consumer-oriented services lack these features because they’re designed for individuals, rather than an enterprise.



Consumer vs. Enterprise - Collaboration vs. Sharing


Most consumer cloud solutions were designed primarily for backup, assuring the user there is an extra copy of their data. The more popular of these solutions extended this capability to provide data synchronization between devices. Some have now added the ability to share access to other users, but this was really designed more for consumer file sharing than realtime document collaboration. This is because in most cases consumer cloud services treat users like devices, the assumption being a single user will be accessing data from one device at a time. In a true collaborative model, people are not devices and multiple users may be accessing data at the same time, from a variety of their own devices. Without this important distinction it’s difficult to understand who is working on which file at any given point in time.


An enterprise solution should be able to support the ‘flow’ of a document as it is created, edited and finalized. For example, Oxygen provides automatic file versioning, file recovery, file locking, conflict detection and notification to support multiple users sharing and working on the same set of documents. The change in workflow is significant. Enterprise collaboration like this not only provides more than the basic file sharing and multiple device access that some consumer services do, but it actually can improve productivity.



Why is the Enterprise Different?


The enterprise can’t simply use a ‘good’ consumer based tool; it needs specific, team oriented solutions that provide the members with an effective way of sharing and collaborating on file based data. The administrators of these teams need to protect the enterprise’s assets by making sure that both the data is secure and the right users are accessing the right data. They also need to make sure that transient users no longer have access to data. For a cloud based collaboration tool to accomplish these goals without being overly complex in its own right, requires that all of these ingredients be part of the DNA of the product before the first line of code is ever written.

George Crump, Senior Analyst

Oxygen Cloud is a client of Storage Switzerland

- Consumer Cloud vs. Enterprise Cloud