Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The IPad data dilemma: Where cloud storage can help

Mel Beckman | Feb. 22, 2011
Tablets and cloud storage seem like a marriage made in heaven, but it takes third-party apps to bring them together

No single provider delivers all of these features. In its team edition, Dropbox (one of the most widely adopted services) lets users create a group service for five or more members, with a shared storage pool and individual quotas, centralized administration, access logging, and the ability to retrieve previous versions of a file. The team package costs less than an equivalent number of individual user accounts.

Box.net's Business and Enterprise offering sports similar features and additional collaboration capabilities, including fine-grained permissions control for arbitrary user groups, audit reporting, and custom branding. The latter feature is especially helpful when sharing content with external partners, by making data ownership more visible.

Ironically, Google offers no specific Google Docs app for either tablets or phones, opting to deliver a cross-platform mobile-optimized Web portal instead. However, all Google services, including Google Docs, support open APIs that let third parties build apps to access files stored on it; Documents to Go, GoodReader, and Quickoffice all connect to Google Docs this way.

Keeping cloud-stored data secure Business users like what they see with tablet cloud capabilities, but want specific security features, such as encryption and two-factor authentication, that aren't usually part of basic cloud products and apps.

Entry-level cloud services don't generally offer any security beyond a basic user ID and password. Data transfers and cloud storage are both unencrypted. Most cloud services, at least in their business offerings, encrypt data during transmission, usually via the SSL/TLS (HTTPS) protocol. (Dropbox is an exception: It encrypts even free account data transfers via SSL.)

But data residing on the provider's servers could be vulnerable in the event a user account -- or the provider itself -- is compromised. Businesses can always encrypt data at the client end to ensure security, but then they must manage a key distribution process to share files with other users. This also defeats the compression and deduplication feature offered by some cloud providers.

An alternative is provider-implemented "at rest" encryption. Amazon.com's S3 service supports this capability, with user-generated secret keys that Amazon.com stores on behalf of the client. This lets Amazon.com implement compression and deduplication while adding an at-rest encryption layer. Any intermediary provider, such as Dropbox and Spot Documents, running Amazon.com's S3 as a back end can provide this encryption for its users. Some intermediary providers implement their own encryption and escrow the user's secret keys themselves. For example, Box.net offers 256-bit AES encryption with its enterprise-class service.

 

Previous Page  1  2  3  4  5  Next Page 

Sign up for CIO Asia eNewsletters.