As with past entries, we’ll discuss some easy ways to take care of your company and keep things where they should be. We’ll cover a range of topics:
There is an emotional, tactile response to holding and reading from a piece of paper. I personally enjoy reading a physical copy of a book rather than a revolving screen. From a business perspective, that world is largely behind us. While some organizations require a tangible document, you can’t deny that the world is going digital. Filing cabinets and the thousands of pounds of paper stressing every joint of your office’s structural integrity are largely a thing of the past. All that information can be housed in a little box in the closet, or off-site completely, saving space and money.
As with all technology, the conflict lies between convenience and security. Having a little black box that contains the entirety of your company is great, but no one was ever motivated to steal 4 tons of filing cabinets. In addition, short of having a scriptorium, digital files are simpler to duplicate. That’s good and bad, depending on the file. How you approach the storage of your information takes a bit of foresight.
Servers and External Hard Drives
One of the benefits to keeping digital files on physical storage is that it’s laughably inexpensive now. Hard drives and other storage devices have never been cheaper. Just ten years ago, a medium office would have to make a distinct investment. Today, there are few reasons file storage should be a serious fiscal concern unless you have a truly unique circumstance.
File servers are a common solution and act as a network destination to access what you need. A server is basically a normal computer with a specific purpose. While acting as a file server, the computer can play many roles. They can double as domain controllers*, RAID arrays**, and act as hosts for internal company sites. Plus, file servers are easy to back up, restore, and protect.
The downside to servers is the space required and lack of portability. You’ll need to find a place to put the server, plan for network access, and set up an interface. Depending on what you’re asking the server to do, you’ll also need to be aware that changing some things invites consequences.
Maybe you simply need storage. External hard drives are a good way to keep information portable, long-lasting, and accessible. All while keeping storage space to a minimum. They can be directly attached to your network or a single computer.
But of course, everyone (including us) loves the shiny new objects:
Firstly, don’t be intimidated by the term “Cloud”. Cloud is just a general term for off-site. It’s not a new concept, someone just found a marketable name to apply to something that’s been around for decades (much like Pet Rock). Cloud Storage is effectively an online data repository. We promise there’s no magic involved.
The nice thing about Cloud Storage is the hyper-portability. Files can be accessed anywhere by any device with a network connection. Cloud storage is also normally redundant, which means there are multiple secure copies of your data. This is nice if you ever find yourself needing to restore important documents that may have been deleted by accident.
The physical concerns of on-site storage don’t really apply to cloud storage. Having a place for a server, worrying about disasters (fire, flood, etc.), keeping those devices physically secure… online storage solves most of them.
Even if this is the direction the world is going, it’s also the method that needs the most attention. Having a fast and reliable network connection is a must. If you mean to run your business largely online, you can’t find yourself offline for too long.
Naturally, Online and Physical file storage solutions come with their own security concerns. They share some common issues, but they’re two different beasts for the most part.
Which employees see which files is the major concern for any file storage solution. Most security in the modern world is centered on a restrictions-and-exceptions model: you restrict everyone from everything by default, and then grant access or make exceptions when someone needs it.
Your paralegal doesn’t normally need to see your malpractice insurance forms. The front desk likely isn’t privy to payroll documents. You can store all these files and restrict access to keep information siloed. Permissions for a specific user to see a specific part of your business are easily configured via groups and roles. This is true with file servers and with whatever online service is chosen.
BitLocker and Physical Storage
Securing physical storage beyond permissions is as simple as good encryption. Less likely with a file server, but this applies to any internal or external hard drives.
One encryption option is BitLocker. BitLocker is a program integrated with Windows that encrypts the entirety of your hard drive. Whenever you try to access it, it requires you to input a dedicated passcode***. We talk at length about BitLocker in this previous post.
Crossroads IT is fond of BitLocker for the simple reason that it’s so entwined with Windows. There are other programs that do the same thing, but having that natural affinity for the Windows platform makes working with it simpler.
Moving Files in an Online World
Cloud storage is less concerned with anything tangible being lost or stolen. However, the nature of online storage does mean there’s data moving in the wild from your network to an online destination. This begs a few questions that need to be answered:
- How secure is that transit?
- How secure is the destination?
- What about configuring permissions?
- Can I audit employee access? Especially important for HIPAA or ISO style compliance.
Thankfully, these questions are readily answered by any reputable company by what’s called a White Paper. A White Paper explains specific details about a product or service.
Google’s G-Suite is a good example of what you should see in a White Paper. G-Suite includes a range of products, notably Google Drive. The White Paper goes on to explain:
- How Google selects and trains employees.
- The internal audits they perform.
- How they physically secure your data and what sort of hardware they use.
- Encryption of your data in transit and at rest on their servers.
- How media backups are created and stored.
- What ISO certifications they meet.
- How your data is accessed and what restrictions you can put on it.
White Papers are intended to be thorough. They are the nerd sales pitch, and any IT admin worth their salt has gone through plenty when considering vendors for a project. I use Google as an example above, but other online storage companies (Dropbox, OneDrive, Carbonite, and so forth) have similar documents readily available. They are vital to understanding what you can and can’t do with a service.
2FA & U
Another benefit of having some sort of online storage solution is the security that comes with 2FA, or Two-Factor Authentication. This is available with any serious storage provider. Crossroads IT would not recommend any solution lacking said feature.
2FA requires a user to identify themselves in two independent ways. Normally a password followed up by entering a code randomly generated by another device. For example, a phone or a little dongle. Applications like Google Authenticator generate a 6-digit code every 30 seconds. Once linked, the storage solution can confirm your entry of the generated code.
The extra level of verification helps make sure that a stolen online password isn’t going to ruin your security efforts. If someone wants to break into your data, they’re going to need the specific physical device associated with that user. It’s a tall order, to say the least.
Proper Planning is Key
When Crossroads IT is tapped for a project dealing with storage, we ask a range of questions to get a good idea of what a client is specifically looking for. What is the intent of the storage: File Share or Backup? Who should have access to what files? How much storage should we expect? How do we make sure data is backed up properly?
These are the beginnings of the discussion about what suits your business best. They’re also not always questions that you need immediate answers for. When planning these projects, there are times you think about something as a nice-to-have, then suddenly you realize it’s a requirement. Proper foresight allows flexibility in how storage is configured and controlled. Poor planning can cause headaches and endless band-aids.
What We Do
Crossroads IT expects to visit clients where they are, so we need to stay flexible. We keep many files online and accessible whenever we need them. Invoice templates allow us to create an invoice from a mobile device and print on-site at a client’s office. We can access inventory, orders, and templates of all kinds. For us, being able to access files remotely is a beautiful perk.
It’s also an easy way to telecommute, which invites its own set of pros and cons, but you’ll be able to appreciate it much more in February and March when the snow storms come rolling through Rochester.
Our situation notwithstanding, a larger company might benefit from a robust file server. Increased storage speed, cost control, and the comfort of having data on-site are strong arguments for keeping a machine on-site.
We aren’t the type of company to dictate how you solve your problems; we listen to your specific situation and suggest solutions accordingly. We’re here to help guide you through. Feel free to call or email us anytime and we can start discussing how to best fulfill your needs.
Next week we discuss HIPAA Compliance. Healthcare or otherwise, it’s a well-recognized set of measures that can help your business be more secure. It might even leave your customers more confident in your security.
* – Domain controllers provide excellent organizational oversight. With a DC, you can implement Active Directory and dictate the configuration of any machine in your company. For example, you can make password requirements, dictate user permissions, and change settings on a machine to ensure compliance. Domains are incredibly powerful. In companies over 4-5 people, they should be seriously considered.
** – RAID arrays come in a few different flavors, but the application of a RAID array is to keep data safe via redundancy. In other words, if I make a change to a file, it alters the file in the server hard drive and that change is mirrored on another hard drive. This protects you from failing hardware, providing a great fail-safe option.
*** – To that end, you can also set up your PC to require BitLocker’s passcode as well. This is considered an excellent practice, albeit a touch cumbersome. Again, convenience vs. security.
Copyright © 2018-2019 - Crossroads IT, L.L.C.