Nasuni solves tricky cloud storage problems
Once again, I had a chance to speak with Andres Rodriguez, Founder and CEO, of Nasuni, and his colleague, Jennifer Sullivan, Vice President of Marketing. It was the first time I had a chance to meet Jennifer.
What Nasuni has to say about its solution to cloud backup and security problems
Secure deletion of files in the cloud is a tricky issue, mostly because the cloud architecture is so very different from a typical IT infrastructure. When files are uploaded to the cloud, for instance, there’s never any need to back it up, because the cloud constantly replicates data in different locations. That’s great when it comes to reliability, but when it comes to deletion that causes two problems, especially for organizations like law firms and healthcare organizations:
- No need for backups: When a file is deleted on the cloud, it’s gone for good, making accidental deletion by users a serious issue.
- Constant replication: Because the cloud constantly makes multiple copies of data and places it in different locations, there’s no guarantee that a copy of the file isn’t still lingering somewhere out there in the cloud. If the file contains sensitive information, this could cause liability issues.
Nasuni has announced it has come up with a solution that ensures files are irrevocably deleted, but that deletion occurs in a manner that’s completely safe against user error. In this way, customers can:
- Eliminate the possibility that user error will irrevocably delete files.
- Reduce the volume of storage in the cloud (and therefore associated costs).
- Reduce legal, security and compliance risks.
Quick take on how this trick works
Nasuni Filer captures snapshots of an organization's whole filesystem. These snapshots are encrypted so that only the organization can recover them. These snapshots are stored in the cloud but the pointer to them and some important directory information says local in the Nasuni Filer. Organizations can recover its files from any point in time captured by a snapshot.Nasuni understands that the cloud service provider makes multiple copies of data and places them in different locations to provide a higher level of reliability and performance. This means that they never have to back up data for their customers. It also means that organizations don't have to do additional work to back up their files. Personally, I would make sure that Nasuni's assertion here is true when I was contracting with a cloud storage service provider.
So, where is the problem?
Organizations don't control where those replicas are stored or who can access them. Organizations can't be sure that a replica is deleted when they do want them to disappear. Nasuni's encrypted snapshots help solve part of this problem. If the organization's data is hijacked somehow, it would be very difficult to anyone to obtain useful data just from the encrypted snapshot.Nasuni's Filer has a couple of other tricks. Nasuni's customers have the ability to set up policies telling the filer when to delete snapshots. The Filer can retrieve files until the last snapshot is retired. After that time the Filer has no pointer to the data and can't retrieve it.
Others that might capture the raw data before it is reused by the cloud storage supplier would not be able to do anything useful with it because it is encrypted and because important directory information is not stored in the snapshots.