It’s no surprise that interest in storage in the cloud has been rising: Storage in the cloud can be less expensive than storing data yourself, and it can be more scalable, more efficient and more secure.
Of course, that assumes you do everything right. Done wrong, cloud-based storage will gain you little. Worse, it could get you and your organization into a lot of trouble.
With a cloud storage solution, you send your data to a storage provider and let the provider manage it. It sounds simple, and, in concept, it is. On your end, cloud storage means that you determine what needs to be stored, encrypt that data, and then transmit it across the Internet (or another network) to the provider’s site, where there is a repository that’s shared among many companies. The provider keeps track of where your data is and makes it available to you when you need it.
It’s unclear exactly how many companies are offering cloud storage services because the number changes almost on a daily basis.
Adding to the complexity of picking a provider is the fact that there are different types of providers for different storage tasks. Some providers, such as Iron Mountain, focus on storing enterprise data that would otherwise reside on an on-site SAN. Others, such as Mozy and Carbonite, focus on individual desktop computers and servers for small businesses. (With that said, Mozy’s biggest customer is General Electric.)
Enterprise-class storage providers such as Iron Mountain provide very high performance, significant scalability and high levels of security.
Northwestern Medical Center in St. Albans, Vt., uses Iron Mountain to store medical images older than five years. The hospital is still migrating X-ray, MRI and other images, but is already pulling down some images from the cloud. According to IT Team Leader Dennis Boucher, performance is “pretty amazing.”
Boucher said that because his data must meet a number of compliance requirements, including HIPAA, security was also critically important. “[Iron Mountain is] highly secure, they have very secure sites, they use encryption, and they’re using a VPN tunnel to secure the transmission,” Boucher said.
But not every enterprise works the same way. When General Electric signed on with Mozy (a division of EMC), the goal was to have a reliable means of backing up employee desktop computers.
According to Dave Robinson, Mozy’s vice president of marketing, about 300,000 GE employees use Mozy, with the company managing the process via a Web-based administrative console.
Most of Mozy’s and Carbonite’s customers are small and midsize businesses, and the services are publicly available for individual use. Carbonite just announced that it’s offering a new service aimed at larger businesses. The new service, Carbonite Pro, will back up servers and network-attached storage.
Finding the Right Solution
Finding the Right Solution
There’s more to finding the right cloud storage provider than just looking for the lowest cost. What matters more is that the cloud storage provider meets your needs. You need to make sure it is able to work with your company’s enterprise environment, that it meets your security requirements, and that it is going to be in business in the long term.
It’s important that any cloud-based storage service you choose is easy to use. These services are designed to have little or no impact on the IT staff. In fact, one of the primary markets for cloud storage is companies that have no IT staff. To be useful, setup and operation need to be as close to automatic as possible.
Iron Mountain, for example, delivers a preconfigured appliance to customers to manage the storage. Other services provide a client software package that performs automatic online backup. In each of these examples, the data is encrypted before it leaves the computer where it resides and rides a secure, encrypted link to the storage facility.
Make sure the company you go with stores data in functional, enterprise-class data centers. This will not only help ensure that your data is safe, but will also serve as a reliable means of disaster recovery.
You also need to ensure that your storage provider meets all of the regulations that apply to your organization in regard to data storage. This means, among other things, that you need to ensure a level of encryption appropriate to the sensitivity of the material being stored. You need to know that the storage site for your data will meet compliance requirements, and your auditors must be able to confirm this. The storage provider must be willing to have auditors appear on-site and see for themselves where your stuff is being stored, and confirm that it’s safe and that the physical security standards are up to snuff.
In some cases, you must be able to prove that your data isn’t being transmitted or stored outside specific political jurisdictions. For example, sensitive data from European customers must reside in servers that are in Europe and must not travel outside Europe on the way to being stored. Likewise, some types of data in the United States must reside in and be transmitted only in the United States.
Perhaps most importantly, you have to make sure your organization is ready for the cloud. You need enough bandwidth to handle storage, you need to know what you have to store and how much of it there is, and you need to know what level of performance you require.
Contributing Analyst Wayne Rash can be reached at [email protected]