Feeds

Aah, that warm sharing feeling. Just don't let the cloud rain on your firm

How to get biz-level file sharing right the first time, every time

Choosing a cloud hosting partner with confidence

Data is the lifeblood of every business. Without it we would know nothing of our products, our customers, our processes, our policies, our staff or our financial state.

Data is everything. Well, almost everything. Storing it is one thing, but it is irrelevant if the right people can't access it in the right way at the right time.

Role play

All but the tiniest businesses use shared filestore areas on servers that can be accessed across the company network. Access control is based on group and personal permissions to each folder, and the security layer is provided by the directory service of your server operating system – primarily, but not always, Microsoft Active Directory.

Role-based security, which dictates who has access to what based not on who they are but on what they do day to day, is a popular choice.

The concept is pretty simple, except when you try to define and enforce who owns which areas of data. At this point the will to live starts to ebb and you decide you'd rather herd cats or try to drink soup with a fork.

Eventually, though, you arrive at some kind of agreement, and so long as access control is done sensibly you are able to work usefully with your data.

Long distance

When your business spreads beyond a single location, you have to know how to make data accessible in more than one place.

Of course much of your London data will be accessed only by the London office and most of your Paris data will never travel outside Paris. Unless you have two entirely unrelated offices, though, you will have some kind of need for data sharing, even if it is just for common functions such as HR and financial reporting.

As long as there is some way to connect the offices together – whether it is a high-speed fixed link or a simple virtual private network (VPN) service using inexpensive internet connections – you can either configure “trusts” between the directory services at each location or alternatively have them as components of an over-arching umbrella directory service.

The concept of role-based permissions works superbly in this type of context because each location needs to know nothing about the people in the other; they simply define which roles have access to which data and let their distant colleagues assign roles to user IDs.

Global connections

If you have a London fileserver and a Paris fileserver, and a user in London wants to access a Paris file, it is easy enough for that user to navigate to the Paris server and find the file in question.

Imagine, though, that you have a couple of dozen offices around the world and you want to pull a file from Bob Smith's public folder. You know that Bob is in one of the US offices, but you can't remember which.

Wouldn't it be great simply to be able to navigate to a directory called \\mycompany\users\bob.smith without having to know where those files actually reside?

Distributed fileserver protocols such as Microsoft's DFS do precisely this. As well as including replication services (more about that later), they allow you to abstract a set of specifically named distributed filestores under a generic non-geographic structure and relieve the need for users to know anything about the underlying structure.

They are also clever enough to figure out where a user is located relative to the servers in the network (primarily by observing the time taken to move traffic between the client and the various servers) and maximise performance by doing cunning things such as authenticating users against their closest directory server.

Internet Security Threat Report 2014

More from The Register

next story
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Want to STUFF Facebook with blatant ADVERTISING? Fine! But you must PAY
Pony up or push off, Zuck tells social marketeers
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.