Feeds

Aah, that warm sharing feeling. Just don't let the cloud rain on your firm

How to get biz-level file sharing right the first time, every time

HP ProLiant Gen8: Integrated lifecycle automation

Data is the lifeblood of every business. Without it we would know nothing of our products, our customers, our processes, our policies, our staff or our financial state.

Data is everything. Well, almost everything. Storing it is one thing, but it is irrelevant if the right people can't access it in the right way at the right time.

Role play

All but the tiniest businesses use shared filestore areas on servers that can be accessed across the company network. Access control is based on group and personal permissions to each folder, and the security layer is provided by the directory service of your server operating system – primarily, but not always, Microsoft Active Directory.

Role-based security, which dictates who has access to what based not on who they are but on what they do day to day, is a popular choice.

The concept is pretty simple, except when you try to define and enforce who owns which areas of data. At this point the will to live starts to ebb and you decide you'd rather herd cats or try to drink soup with a fork.

Eventually, though, you arrive at some kind of agreement, and so long as access control is done sensibly you are able to work usefully with your data.

Long distance

When your business spreads beyond a single location, you have to know how to make data accessible in more than one place.

Of course much of your London data will be accessed only by the London office and most of your Paris data will never travel outside Paris. Unless you have two entirely unrelated offices, though, you will have some kind of need for data sharing, even if it is just for common functions such as HR and financial reporting.

As long as there is some way to connect the offices together – whether it is a high-speed fixed link or a simple virtual private network (VPN) service using inexpensive internet connections – you can either configure “trusts” between the directory services at each location or alternatively have them as components of an over-arching umbrella directory service.

The concept of role-based permissions works superbly in this type of context because each location needs to know nothing about the people in the other; they simply define which roles have access to which data and let their distant colleagues assign roles to user IDs.

Global connections

If you have a London fileserver and a Paris fileserver, and a user in London wants to access a Paris file, it is easy enough for that user to navigate to the Paris server and find the file in question.

Imagine, though, that you have a couple of dozen offices around the world and you want to pull a file from Bob Smith's public folder. You know that Bob is in one of the US offices, but you can't remember which.

Wouldn't it be great simply to be able to navigate to a directory called \\mycompany\users\bob.smith without having to know where those files actually reside?

Distributed fileserver protocols such as Microsoft's DFS do precisely this. As well as including replication services (more about that later), they allow you to abstract a set of specifically named distributed filestores under a generic non-geographic structure and relieve the need for users to know anything about the underlying structure.

They are also clever enough to figure out where a user is located relative to the servers in the network (primarily by observing the time taken to move traffic between the client and the various servers) and maximise performance by doing cunning things such as authenticating users against their closest directory server.

Eight steps to building an HP BladeSystem

More from The Register

next story
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
Seagate chances ARM with NAS boxes for the SOHO crowd
There's an Atom-powered offering, too
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.