Slashdot Mirror
Ask Slashdot: Secure DropBox Alternative For a Small Business?
First time accepted submitter MrClappy writes "I manage the network for a defense contractor that needs a cloud-based storage service and am having a lot of trouble finding an appropriate solution that meets our requirements. We are currently using DropBox and I am terrified of seeing another data leak like last year. Some of our data is classified under International Traffic in Arms Regulations (ITAR) which requires that all data to remain inside the US, including any cloud storage or redundant backups. We tried using Box as a more secure replacement but ended up canceling the service due to lack of functionality; 40,000 file sync limit, Linux-based domain controller compatibility issues and the fact that the sync application does not work while our computers are locked (which is an explicit policy for my users). I've been calling different companies and just can't seem to find a decent solution. Unless I'm severely missing something, I'm just blown away that no one offers this functionality with today's tech capabilities. Am I wrong?"
You want "Someone Else" to manage your data that is classified under ITAR? Uhmmm... Why don't you build your backup solution - put links in to remote data centers and handle the problem correctly and professionally. The last thing we need is some external entity getting a hold of this stuff because you don't want to have the budget to do things right instead of at a consumer level.
Gah - I can't believe this is even a question
I have mod points and I am not afraid to use them
"I manage the network for a defense contractor that needs a cloud-based storage service" No you don't. At least I sure as hell hope you don't. Cloud + defense don't mix but since you are managing such a network, why am I telling you this? Why don't you contact 'defense' for options...
I know that Amazon Web Services have several cloud-based sites that are certified to not allow traffic out of the US (I work there currently). I don't know how it fits your other needs, but there are a number of government agencies that use them.
Someone needs to write a RAID 0 style encrypted 'driver' that stores your data striped on Google Drive, Skydrive and Dropbox (and what ever else).
EMail: 0110001101100010010000000110001101110010 0110000101111010011011100110000101110010 0010111001100011011011110110
Could you not add a layer of encryption to Dropbox, such as BoxCryptor (https://www.boxcryptor.com/)?
I don't know if they keep data elsewhere that *isn't* in the US, but you could look at both SpiderOak and Bitcasa. (throw .com on the end of each). Both claim to encrypt data on the client side before upload. SpiderOak has a "hive" feature that operates pretty much just like Dropbox. Bitcasa is a little different but you may be able to shoehorn it into a solution if you need to.
Another option you could consider would be grabbing an S3 account from Amazon (or Rackspace Cloud Files could work too), keep your data in the US, and then create your own background client or script to encrypt the data on your machine and then upload it. There are several apps out there that can upload data to one of these cloud providers - there's Forklift in the Apple store and the popular "Cyberduck" which has support for both options. (I happen to be a Mac user so I'm not sure what Windows/Linux alternatives are there, but both have APIs so it's possible to roll your own if you want).
You could also consider virtual machines and mounting them as NFS for shared storage. Obviously some form of encryption would be key here since this is all going over the internet.
I can't guarantee any of these options will work for your use case (especially with your ITAR regulation requirements), but they may be a place to start.
Good luck!
Comment removed based on user account deletion
I've worked contingency operations and recovery for data under federal regulations. You will NEVER find a service that will provide the kind of security, financial and geographical restrictions that you really need. That is the single most compelling reason why banks have backup data centers...
errr....umm...*whooosh* *whoosh* Is this thing on ?
Store it on a server at your business that you control.
Run open-source software which gives you DropBox functionality, such as BitTorrent Sync.
The only way to be sure is to host it on a server you control, using software that can be inspected.
Sparkleshare is a git based program that you can configure and use entirely in-house. . I use it for hosting our IT documentation for a small city government.
Why would you be looking for a provider for classified info instead of looking to create your own solution? Google ownCloud. Works just like Dropbox, opensource so you can always change it to fit your needs if it's missing something.
I am surprised no one else mentioned this yet, Wuala encrypts locally then uploads to their server. But its feature set isn't quite on par with DropBox yet....
You host it yourself, control the data/features. Supports LDAP authentication. Client software is pretty quick. There is commercial support if you need it. Gracefully recovers from network loss. Oh and it has the appropriate iOS and Android clients. I have been slowly rolling it out in production without any complaints so far. Hope that helps!
- Too lazy to login
I believe SpiderOak provides some encryption that you might think meets your needs, but I also agree with others that by the time you're asking this question something has already gone tragically wrong.
Of course there's always the counter argument that your data has in fact already been hacked and pretending you can keep it secure is just self deception.
fencepost
just a little off
I'm sure he does not mean 'Classified' information. He means classified under ITAR. It was probably a poor choice of word to use classified rather than categorized.
I'm very intrigued by the fact that you actually want to use an external cloud based storage solution. I would have thought that defense would have required not to use a third party for remote file storage. The best solution would be to "roll your own" and set up something in a private cloud hosted in a datacenter that meets your requirements. If you are a VMware shop, you should seriously take a look at Horizon Workspace as it provides a Dropbox like product that would be a great fit. If you want to run this on a budget, check out OwnCloud. I use that myself to keep home/work documents in sync between machines and always wanted the equivalent of Dropbox but syncing onto my own servers.
needs a cloud-based storage service
You want to put classified data on someone else's servers? You're putting a HUGE amount of trust in the laziest/least ethical/most incompetent sysadmin that company hires. Why in hell would you think you "need" cloud-based anything?
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
I know that Amazon Web Services have several cloud-based sites that are certified to not allow traffic out of the US (I work there currently). I don't know how it fits your other needs, but there are a number of government agencies that use them.
Look here -> https://aws.amazon.com/govcloud-us/
Pay somebody (contractor/consultant) who knoes what he does. Seriously, man. Ask for a 10 page concept with the tree best options fulfilling all your specific requirements (which you probably did not mention here), and offer him to implement it if you like one of these.
My 2 cents on this: To me it is completely non-obvious how dropbox could have ended up in the stack of possible solutions - to little control, intransparent business model, other use case is the dominant one. I would start by looking at the obvious storage providers (amazon, telecoms, specialized local/regional/natinal storage providers), compare them by the options/price they offer, look separately at software fulfilling my local needs and being capable of talking to the storage providers. Then i would create local scenarios about additional dedicated hw needed and after that i would make my choice/give the best options to my manager to select, based on business criteria.
I just looked at it. I need an account with them to encrypt my files? And it seems that my files may even transfer to them before encryption and after decryption. or am I missing something? And the video even is narrated by someone with a foreign accent and shows the names of encrypted files change to something that looks like Chinese????? If I'm going to encrypt my files for security or safety or even privacy, I'm certainly going to do it on my own computers, not with something where I need an "account" with someone else to have them encrypted. Adding a layer of encryption would be nice (although likely not good enough to protect ITAR data properly), but doing it after the data leaves the computer is just crazy talk.
I'm an American. I love this country and the freedoms that we used to have.
EMC's Syncplicity allows you to have a "cloud" backup that's actually domain authenticated and resides in your own data center. Some of the Dropbox-esque features people want, with the in-house security.
Some of our data is classified under International Traffic in Arms Regulations (ITAR) which requires that all data to remain inside the US, including any cloud storage or redundant backups.
It is much tighter than that. You must ensure that only "US Persons" have access to that data without appropriate export licences/approvals/agreements. Can you guarantee that no foreign national, dual citizen, or employee of a foreign company is working at your cloud host or in any data centre that might be housing your data?
Patent litigation: A doctrine of Mutually Assured Destruction... in which everyone seems willing to push the button
I would suggest AeroFS it's P2P sync, they support multiple users and let you use your own Amazon EC3 instances if you want. It is fully encrypted.
null
I'm not in defense (and never will), but isn't (public key) encryption not invented to keep something secure in a unsecure enviroment (i.e. internet). Encrypt your files with very decent encryption, such as PGP/GPG, and upload to dropbox or whatever. Manage keys well.
SFTP, the cloud can go **** itself.
Tomorrow is another day...
There is no way to ensure that any third party company is going to protect your ITAR data, so you can't use cloud based storage. Tell your boss it's (1) a bad idea and (2) you are not going to jail to make it happen.
"I manage the network for a defense contractor that needs a cloud-based storage service and am having a lot of trouble finding an appropriate solution that meets our requirements. We are currently using DropBox and I am terrified of seeing another data leak like last year. Some of our data is classified under International Traffic in Arms Regulations (ITAR) which requires that all data to remain inside the US, including any cloud storage or redundant backups.
If you want Dropbox's functionality; I suggest you use Dropbox.
However: DO NOT ALLOW ANY CONTENT REGULATED UNDER ITAR into a cloud service
Second: DO NOT ALLOW ANY CLASSIFIED MATERIALS into a cloud service
One possibility would be to implement Active Directory Rights Management Service (RMS) inside your organization. And set a policy that All sensitive documents must be composed using Microsoft Office, AND Users must encrypt all sensitive documents before saving them
If your clients are running recent versions of Windows; there are some interesting things you can do to make sure that files get saved get encrypted. You can also use various third party scanning and Data Leak Prevention software products to help you with making sure RMS rights templates get applied to existing documents' that got stored on enterprise users' workstations
If the file is RMS protected; in theory, Dropbox doesn't matter as much, because if someone accidentally places a file there; the file was encrypted, anyhow --- it can't be decrypted, unless your RMS server says it's OKAY and issues out a license to open the document (which contains the necessary crypto keys).
You just need to be very firm about your security labelling and encryption policies for sensitive documents.
HORIZON WORKSPACE!
https://www.vmware.com/products/desktop_virtualization/horizon-workspace/overview.html
"Flyin' in just a sweet place,
Never been known to fail..."
To get a ruling on whether you may do what you want. Otherwise, as others have noted, you may be very deep waters (not only will you be in violation, but anyone in the organization using the service will be, and you will have induced them to do it. Think serious civil as well as criminal consequences).
From a technology angle, it may be "possible" if the folks in charge sign off.
"All" you need to do is encrypt the data before it goes offsite, encrypt it well enough that the data is protected commensurate with its value, etc.
For commercial users, https://jungledisk.com/ provides a very usable interface and GUI. Of course, if the client isn't trustworthy (and you have to take their word for it ;>) that goes out the window even if the algorithms are secure themselves ;>
I use it for some SOHO confidential data; it wouldn't be the end of the world if the data were disclosed, but we have committed to make good faith effort(s) to keep it secure, so we do (rather than moving files to subs via email, etc.). Not all subcontractors could handle sftp and friends.
If you need to access your data remotely and securely, why not just use sftp or ftps to log in to your in-house server? That way you can keep logs on the users that connect, set up who can access what, and have the traffic encrypted. I don't know why everyone is so hooked on "the cloud".
You should look into sharefile. It is a secure alternitive to drop box. You can also optionally host an on prem appliance while still utilizing their cloud based access and front end.
Check out this on prem option from Varonis http://www.varonis.com/products/datanywhere
LiteTree Litecoin Exchange
4: Maybe the best solution is for the OP's firm to spend the dough, and create a remote recovery site here in the US.
Unmanned remote sites are not hard to make, they can be stored in a secure area (there are lots of unmarked data centers used as co-locs with each customer having cages for both their equipment and their dancers.)
Get with a FISMA certified provider. Get a backend SAN, or a SAN dedicated for backups. Add a read-only domain controller and a CIFS data mover.
Call it done. Data stays encrypted, because it goes through routers that encrypt links, and can be encrypted at the drive end, or anywhere in between. To boot, it stays in the US.
No staff needed at the remote site if done right. Set up iLO, remote rebooting, and remote consoles.
No rocket science here... take a server, lock it in a cage, tack a pipe to it, and move on.
SpiderOak (https://spideroak.com/business/) encrypts locally before putting the data into their cloud and supports linux AD.
Worth looking into, I guess.
So - your use of terminology would lead me to think that you haven't been at this too long (I apologize in advance for the snark if that is not the case). If you deal with certain information, you would certainly NOT use the term CLASSIFIED in discussing the status of that information. CLASSIFIED has a VERY specific meaning in certain domains - including the domain that you seem to indicate that you work in. If you are, indeed, handling such information, I would suggest running, not walking to your FSO for a conversation. It will probably be fairly brutish and short. If, however, you are dealing with ITAR regulated information, then you have a different set of issues. You may not export the data without a permit, but you don't need to control it specifically within the US. Also, the regulations around foreign persons (or those of dual nationalities) relate to export activities. So, you can't transfer to a foreign person if you know (or suspect) that they are going to export the data. However, foreign persons in the US that aren't an export channel are not an issue (else a whole lot of commerce in the US would halt since I have no idea if another company has any foreign nationals employed, and I don't have to get an ITAR export license to ship something to another domestic company). In the later case (where we are talking regulation, not classification), you don't have an issue if you don't export the data (don't pick a company with foreign presence for cloud storage). Actually, one could probably be ok if they encrypted it (strongly) and then stored (but you may (or may not) want to talk to your DDTC rep about that. You should have no problems finding an offsite storage company to provide the service, and/or use someone who allows you to restrict the S3 zones (if AWS is the backend store) to us-* regions. Similar for rackfiles, dream objects, etc. Another comment here is worth highlighting, however - use consumer services, get consumer service. Go upmarket a bit if you are actually looking for something that your company's bottom line is hung on.
There are a bunch of folks who add client side encryption to drop box.
This mob: http://lock-box.com/ do a bunch of fancy client side key management to allow strong PKI management including revocation and re-keying of group accessed data. They're pretty good if you need a strong crypto layer on top of drop box, but there's a bunch of folks who add security to drop box with some balance of security and convenience. ... but like many other posters have said, be very careful before sticking classified data on any of this stuff; it's unlikely to be suitable unless the solution's been given a rating.
Wer mit Ungeheuern kämpft, mag zusehn, dass er nicht dabei zum Ungeheuer wird.
Is there a way you could encrypt the files or folders that are shared via dropbox, so that only people you have authorized (via a key) could decrypt them?
Repetition does not transform a lie into the truth. - FDR
You might start with looking at FEDRAMP complaint providers found here: http://www.gsa.gov/portal/content/131931 I would imagine that those listed providers also have FISMA certification so you'll be able to determine if the categorization of the data you are trying to protect is met by the provider. ITAR categorized data must be stored in CONUS and I believe AWS Government Community Cloud and the USDA National Information Technology Center offered by United States Department of Agriculture supports CONUS only storage. I believe Google Apps for Government does as well. But the key thing is to ensure the FiSMA cert matches the categorization of your data.
"He's using a quantum encryption scheme! That'll take hours to break!"
I'll 3rd filr..Granted we've not been using it long enough to say how it will fair under stress, but so far it's been flawless.
Dropbox + security? Sorry, they don't go together.
Don't people remember the day when everyone could get into anybody else's dropbox account without a password? The dedupe hack where people were getting instant access to other people's files on dropbox with the file hash - a quick way to download movies but has more sinister applications. How about the problem where you get the illusion of locking people you've shared stuff with before out by changing the password, but it doesn't actually lock them out?
It started off as a hack with a few python scripts as a front end to Amazon's storage and sadly it still shows. It's an epic failure in terms of security due to those I've mentioned and many more. In a business environment with multiple clients and a need to share things with one client and not another the dropbox sharing model is just an accidental disclosure waiting to happen. It's one to many and not one to one.
Seriously, there are dozens of alternatives out there and dropbox doesn't even measure up to plain old FTP from thirty years ago in a business setting. Use it for a hobby if you want with your own personal stuff but it's just an accident waiting to happen if you are going to use it for anything business related where there would be consequences if it ended up on the front page of a newspaper.
So if you've got nothing to hide you could use dropbox - or you could just put the files to download on your website. Dropbox is for those who can't put files on their website to download.
I don't know much about it, but my employer, probably a larger company than yours, specifies that we should use EMC's Syncplicity Enterprise (http://www.syncplicity.com/products/enterprise-edition) for secure cloud storage. It offers the option of keeping the storage in-house. Worth a look.
Owncloud looks quite good at the moment and is very simple to set up and run. You host the data yourself and it is shared via a sync client, a web front end or links sent by email, which can have expiry times set. The email thing can be turned off if you are quite correctly worried that there are far too many people capable of reading your email.
There is commercial support and some commercial extras but you can use the open version to try it out first (or indefinitely if that's all you need).
We use SparkleShare because we have our own git server anyway. Not sure how robust the security is compared to something specifically built for security (EG it's not like it has multi factor authentication).
Still as others have pointed out what the fuck are you doing with a cloud based service as a defense contractor. We do open source software and the only stuff we're storing in sparkleshare is scratch work, images, document templates and random crap that anyone could steal and we wouldn't care anyway.
I managed accellion for web based and sftp file transfers, it's pretty mature, not too expensive. Check
www.accellion.com
The setup I used was a virtual server on vmware with an encrypted file system from a file server on our SAN.
The link for government services is at:
http://www.accellion.com/why-accellion/for-government
You can limit it to VPN and sync folders peer-to-peer. It monitors and syncs changes for you, and is great for making a redundant backup/dropbox-type distribution system.
This is exactly what the system is designed for: https://aws.amazon.com/govcloud-us/
It is only secure when you put your hands all around it and have full control. There are products out in the market for you to self-host the solution. You can put a DNS name on your instance and all the data stays in your infrastructure. Check out Gladinet Cloud Enterprise - a Self-Hosted Dropbox Alternative Solution. http://www.gladinet.com/serviceprovider/selfhosteddropbox.aspx
Whatever you chose should really be run over a VPN for external usage. Period.
I'd look at using ownCloud - and you can get commercial support if it is required. I used to work for a company which used Novell iFolder and that was pretty good - but looking into that a little more it seems like Novell has a new thing called Filr which seems to tick the boxes (especially from a Manager perspective).
Literally email dropbox and tell them you need to purchase some of their servers.
If you're seriously using this feature and price isn't a big deal, they'll sell the literal servers which can be insulated within your own network with slightly different settings so it isn't immediately obvious to probes what sort of software you're using.
The first rule of computer security is physical security.
This is very very key. If you really want your data to be secure. You have to have physical possession of it. It cannot be on some remote server that you don't control. And by control, I mean you can walk up to it kick the power cord out of the wall if you so desired. THAT is control.
If you don't have that you're "trusting" someone else which is not how security works. Security is not about trust. Security is about paranoia.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Although its a very limited solution, for a small number of documents your needs may be met by uploading individually encrypted documents an encrypted drive image.
Synology have been moving from the personal to the enterprise space as of late with their "DiskStation" NAS line of products. Some of their high end "NAS" boxes can get pretty powerful. There is a function of the DiskStation is called "Cloud Station", essentially a Dropbox clone.
Basically what you would be doing is having your own on-premises 'Dropbox appliance'. It is very easy to setup/integrate with it's user-friendly interface for the admin, and then all you really need to do then is forward the ports and install the client software.
Tresorit is another Dropbox clone with client-side encryption. I couldn't find any information about it beyond the marketing materials though.
https://tresorit.com/
If you have zfs based fileservers to sync you can try a solution called ZFS-DR by RackTop Systems. But it doesn't sound like that's what you're after if Dropbox was what you were using previously.
You do government work and you are this clueless? No wonder the USA is in the state it is in. You should start by reading the ITSG.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Try this: http://www.novell.com/products/filr/
Stop right there, I think I've spotted the problem.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Nobody else but you will be blameable in case of a leak. And you can tailor the solution to your needs, to your specifications and to your use cases, both technical and functional. Oh, and here is a well-meant piece of advice: stop thinking of "the cloud". Don't. Just don't. If your data is so important, then host some hardware in a fire-proof, earthquake-proof place, run your self-built solution on that hardware in that facility, and off you go.
Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
it's not open-source, if you care about that, and it's still in beta (what isn't these days?), but it's free, secure and it works well.
Citrix ShareFile?
...You are over-qualified and under-paid. If we give you a raise, we will break the cosmic balance of the universe.
Office 365 isn’t cheap but it has SkyDrive Pro included, which is protected by multiple U.S. data centers, and is only in the U.S.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
www.egnyte.com
Citrix ShareFile On-Premises. Drop Box-like interface, encrypted onsite data storage.
Filr is amazing. You get everything Dropbox provides but the data stays on your file servers and all your existing ACLs are respected.
You are stating that you need a secure data solution under ITAR, keeping your cloud based data within the USA. Alfresco Enterprise http://www.alfresco.com/ would be a solution, since you can limit what data is being handled by your users via the web, mobile or PC via role based management using Alfresco Share. Developer tools for Alfresco allows you create custom plugins, if one does not exist at the moment, have your developer team create a custom plugin to meet those requirements (say, ITAR??). And it works with either Windows or Linux. Data inside your firewall is kept secure on both sides of the firewall. Will probably catch hell for even suggesting this for your organization.
Setup your own storage at your office. Don't trust public companies for your data.
If you dont/cant do it yourself, hire someone to come in and doit. And audit the hell out of what they do.
---- Booth was a patriot ----
I completely do not understand anyone storing even remotely confidential data, much less security-related data, on servers hosted by another organization.
pr0n - keeping monitor glass spotless since 1981.
VPN, a Samba share with required domain authentication, and inside the share a Truecrypt volume (or volume(s) plural).
Email the data to your gmail account. That's what I do.
Why don't you check "Gith" ? www.gith-systems.com It's been released last week and everything is fully encrypted. The servers are hosted in France for now, not in the US yet !
You're missing the rsync component of the equation, but yes. This is the essence.
Now, administer for 250 users. :-)
"Flyin' in just a sweet place,
Never been known to fail..."
onehub lets you brand your own version of dropbox, stores it on aws, and lets you create your own local version. it's pretty great for companies that want dropbox but want control.
The combination of ClearOS and ownCloud enables you to build a Secure Hybrid Cloud offering based upon open source file sync and share technology that is as easy to use as Dropbox, but is hosted in your data center, on your servers, using your security policies, etc. Here are some helpful links: ClearOS Link: http://www.clearcenter.com/Software/clearos-professional-overview.html ownCloud Link: https://owncloud.com/products/enterprise Enjoy!
1. I act for a UK organization which has similar restrictions for handling Export Controlled matters & 'Classified' matters. These are not the same. The users and any intermediaries need to be known and locked down.
2. if "Cloud" storage for access from remote computer, then the store for both of above had better be within your own location and control and under your own domain, never under a 'third party external service' on remote servers to which you have no physical access.
3. ITAR and its equivalent UK Export Control restrict some things, 'Classified' by any government restricts other things. However the penalties are very severe for bad practice.
4. You have a problem if any person would access your servers from outside the USA, as internet access passes through non USA systems. If you and all your staff ONLY work within the USA then this is possible, but note, ITAR does allow staff to take laptops home, Classified (depending on level) does not allow staff to leave the locked building with any laptop or copy (USBs anyone?). The nationality or birth of any person outside the USA may forbid you having them in any chain that allows corporate computer access.
Example: The company I advise has some senior USA staff, I have to control that they have no access whatsoever or knowledge of certain UK EYES ONLY level matters.
Keep 'cloud' internal to USA (i.e. refuse and block all foreign incoming and outgoing signals). Check parentage of all staff. You have your work cut out!
Regards Eion MacDonald
Setup your own storage at your office. Don't trust public companies for your data.
If you dont/cant do it yourself, hire someone to come in and doit. And audit the hell out of what they do.
Alfresco takes the DIY out of this.
ITAR is a CLASSIFICATION. So saying "data classified as ITAR" is 100% correct.
They're nice guys too. https://www.cx.com/
Every rule has more than one consequence.
Why don't YOU create the product that your company wants, then market it to other companies with similar needs.
You could suggest it to your bosses as a new money-maker for your corporation, and when they turn you down (make sure it's in writing), get some people together and do it yourself.
Lot's of new businesses have been created by one business meeting it's own needs, then selling it's solution.
THINK! It's patriotic
You can try Seafile: http://seafile.com/en/home/ It's open source, you can build your own Dropbox like service.
Hi,
Check out this project on github: https://github.com/bokxing-it/sambadav
It is a bridge between samba and webdav. You run it on your webserver and it connects to shares/machines that have samba shares on your LAN. It uses smbclient to access the LNA shares, converts it in WebDav. It lets me mount samba network shares on a Win7 as a driveletter, without the need to make a VPN connection.
mu € 0.02
Dropbox + nCrypted Cloud (www.ncryptedcloud.com) = Enterprise Level Security in the cloud
take a look at bittorrent sync. http://labs.bittorrent.com/experiments/sync.html with cheap hardware and multiple locations(the locations could be virtual servers at different data centers around the world.) you could set up your own cloud for the cost of the hardware. run the host machines on your favorite flavor of linux and configure the different machines to do the rest. you add stuff to your onsite machine and it gets distributed securely and quickly to the other nodes. ive been playing around with the software for a week now but it seems to be exactly what we needed as a community.
Hello, Please have a quick look at www.vaultize.com . Vaultize is an enterprise-grade unified platform for secure file sharing - together with endpoint backup, endpoint encryption and Google Apps backup - that helps enterprises mitigate these risks through complete enterprise control and visibility on the use of unstructured data. It is the only solution that does military-grade (AES 256bit) encryption together with de-duplication at source (patent pending) – making it the most secure and efficient solution in the world. For product trial, please contact http://www.vaultize.com/try_it_free.html. Thanks, Sam sameer@vaultize.com