Happy New Year! I’m back with part 5 of a nine-part blog series that describes the requirements for hosting primary unstructured enterprise data in the cloud.
This entire blog series includes an introduction and the following set of requirements:
• Accessed like traditional storage
• Easy to use enterprise features
• Comprehensive data integrity/protection
• Data security/privacy
• Continuous availability
• Non-blocking performance
• Administrative transparency and control
• Provides good investment value
When talking to enterprise IT professionals (our customers), the second-most frequently-referenced concern/consideration (second only to “don’t lose or corrupt my data,” which was covered in my last post) is “don’t let anyone else see or steal my data.”
As this first post of the year comes right after Network World has named Zetta as one of the “10 Storage Startups to Watch,” I would like to say that it is certainly rewarding to see editors such as Jon Brodkin recognize that while “many companies are concerned about the safety of trusting their information to a third party, to help ease those concerns, Zetta has built a system that encrypts data at rest, and can withstand multiple hardware and network failures without losing data.” There are certain baseline security/privacy criteria that must be met prior to trusting a cloud storage solution with primary copies of enterprise data.
Wireline encryption: Using a storage service (as opposed to an inside-the-firewall solution) clearly implies a need to secure the data in transit from the enterprise to the service. Fortunately, this is increasingly facilitated by the protocols themselves. Most file transfer protocols and Web-optimized storage protocols have encrypted versions readily available today, including sFTP, FTPS, and Secure WebDAV, run over HTTPS. Even traditional storage access protocols are building in wireline encryption in recognition of our increasingly Internet-driven existence, such as NFSv4.
While we encourage customers to use these encrypted protocols, there are clearly use cases that require the use of unencrypted protocols. The solutions here are also tried and true — either encrypt prior to sending the data, contract for a dedicated network link, or work with the service provider to put in place a secure tunnel, such as a VPN.
Logical partitioning within multi-tenancy: By some definitions (certainly mine), a service must be multi-tenant before it can be considered a “cloud” service[i]. In order for enterprise IT professionals to have confidence using a cloud storage service for enterprise data, they must know that their data cannot be accessed while resident in service infrastructure. The first step to this is to ensure logical separation between customers at the “front door” of the service infrastructure — the initial customer access point to the service. Virtualization makes this easy — simply house every customer’s mountpoint as a unique URI within a distinct virtual machine instance. This way, you know that your access point is completely unique to you, and is not a shared resource comingled with other users.
At-Rest Encryption: By far the most significant feature to ensuring data security is default encryption at rest, supplied by your service provider at no additional cost. Ideally this should be facilitated by a full Public Key Infrastructure (PKI) backed by FIPS 140-2 compliant key repositories, with advanced bit encryption, a robust key rotation scheme, and ideally per-customer or per-volume keys. Strong encryption at rest is really table stakes for any enterprise-class data storage service.
To reiterate a common theme across these posts — it is important to remember that these are the baseline requirements that your cloud storage provider should take in consideration from the development phase. These types of customer requirements drove the design of the Zetta storage solution, which was built specifically to house enterprise primary data in the cloud.
I’ll be back in a few days to touch on the next requirement, continuous availability architecture.
[i] Note that this is not a statement unique to storage services, but to any kind of service.