This is kind of random, but here's an article about how the backup software on a laptop led to the capture of the bloke who stole it: http://perens.com/works/articles/Burglar/
Make sure you automatically backup those pictures!
Wednesday, May 6, 2009
As a follow-up to my last post, I have been looking at what solution would provide the most secure, extensible, and easy-to-use solution to storing documents online for small businesses. Here is what I have come up with to this point.
Most solutions that I have seen or read about involve either implementing WebDAV, custom web service-based API's, or a combination of the two. They both have their advantages and disadvantages:
Advantages are that no custom development is required on the protocol side, it's a widely-used standard, so it would be interoperable with many systems and clients, and it is easily secured.
It is an interesting solution because, as it's named Web-based Distributed Authoring and Versioning, it was intended for content-management systems but appears to have been extended to general file-storage. Therefore, it may not have the complete feature-set that is required by users when storing and sharing their files.
Custom APIs definitely have the advantage that you can program them to do anything you want without breaking a standard like WebDAV. However, the upfront and maintenance costs may be prohibitive and anything you develop would not be interoperable with other systems.
So, looking at these two options, I would opt for WebDAV. For a proper solution, it would have the following requirements:
1. Be Secure
- SSL-based transport
- Strong Authentication
- Encrypted on disk
- Be mountable as a drive in Windows
- Synchronize automatically (assuming local file cache)
- Automatically mount without user interaction
- Search is where it's at. Perhaps a local searchable index would be a solution to this requirement.
So, what I am thinking is this:
- WebDAV-based solution with Apache, mod_ssl (for secure transport and authentication), mod_dav (for WebDAV support)
- Client-based certificate for machine-based authentication
- Ability to mount the system as a drive
- Local Index for search
- Optionally, a web-based console for remote file access
- Ability to share documents, or a subset of documents with partners. They could access the system web-based using short-term certificates.
- Local file cache to optimize speed.
- A device that plugs into a local network that handles all of the above functionality and presents a file share. This is where the rubber hits the road!
Friday, May 1, 2009
This represents my currents thoughts on the topic of online document storage. It's Friday night and I've got Ted Turner on CNN, so perhaps my thoughts are not the most coherent.
Nonetheless, here goes:
When I talk to many small business owners about online services, they want to talk about their documents. The common requirements tend to include:
1. Be able to have quick and reliable access to their documents
2. Access the documents from everywhere
3. Share documents with business partners
4. Do all of this in a very secure manner.
So basically they want to have their cake and eat it too.
The discussion inevitably guides itself towards online document storage. Google Docs, Windows Live, etc. It seems perfect: Your documents are available from anywhere, you can share them with others, and it's relatively easy.
So I ask: Why don't you sign up then?
The answer varies from: "Well, you know Google is indexing my documents." to "I don't want Microsoft holding all of my docs." to "I don't trust those sons of a *gun*!"
So, the short answer: TRUST
My question for providers of online document storage: How do you convince your clients that
a) Their data is safe from intruders?
b) Their data is safe from you?
c) Their data is safe from system failure?
Further thoughts that I may write about later include providing a service to your clients that's seamless, flexible, and secure.
In the mean time, any thoughts are welcome.