File Storage in the Cloud: Still a Long Way to Go

I love Dropbox. Couldn’t live without it. You can pry it from my cold, dead hands.

But it’s still only the tip of the iceberg in functionality. With many more companies, most recently LogMeIn (with their Cubby service) entering the fray, we will hopefully see  a richer set of features that deliver what users really need. There’s a ton of entrepreneurial potential in this space and the race is far from over. Not to mention the specific requirements that non-US customers may have in the areas of security and regulatory compliance. More on that later.

Here’s what I want from my cloud storage provider:

Integration into my desktop that is easy to set up and easy to use. Think Dropbox. But: I also want the system to scan my network and discover attached drives and NAS drives. And to ask me to set up policies for these resources as well. And keep monitoring the network and keep reminding me to check the policies.

Whatever goes into the cloud should be filtered and encrypted.

Filtering policies may vary by user requirement. Possible parameters include file types and file sizes. I may have ripped a Blu-ray disc to my NAS and may not want 50 GB of easily replaceable material to be uploaded into the cloud. The price (storage size, upload bandwidth) is too high for the value.

Encrypted in this context is understood to mean zero-knowledge (aka operator-shielding) encryption. The keys don’t leave my control and the service provider cannot read my data. Period. Yes, this obviously has some interesting technical and, more importantly, legal implications. But I believe those can and need to be dealt with.

But this is not enough. Because I basically do not trust my cloud provider:

  • to not read my data. Or to suffer a break-in. This is of course already taken care of by the zero-knowledge architecture.
  • to not lose my data. Or the encryption keys. Or to just go bankrupt. Or offline.

So what I really want (no joke) is for a cloud-connected NAS box (think TimeCapsule) to sit somewhere in my network. This can be a 2nd-level cache of the cloud contents or, depending on usage scenarios, a local proxy for the cloud.

I will want to select if the data on that box are encrypted or not. If encrypted then I will want specific key management and recovery solutions. A variety of options come to mind.

I will also (at least I think I do) want the option of a second NAS box to serve as an off-site mirror for my local NAS box. And I’ll put that into another geographical location for complete disaster recoverability. And hook it to the network there so it can be updated all the time. This box I would like to stay encrypted at all times.

What would I pay? Well, a 3TB TimeCapsule currently retails for USD 499. I’d test the market with an appliance form factor and subscription-based pricing and I’d try out a price of USD 400 p.a. for the consumer edition and of USD 999 p.a. for the small business edition.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s