Re-Claim Your Data (Part 1: Run Your Own Storage Cloud)

12 Oct 2013Chris Fairey

In this first of a series of posts about re-claiming your private data from 'the cloud' I will explore how you can achieve all the functionality of services like Dropbox, while ensuring you know exactly where your data is.

ownCloud

Enter ownCloud

ownCloud is an Open Source web application that aims to provide you with all the functions you're used to from a service like Dropbox with one noticeable difference - the data you store in it is on a server you either run internally or own on the Internet.

Simple Yet Powerful

On the surface, ownCloud looks fairly simple - indeed it lives on a web server and you interact with it (at least initially) via your web browser. However, ownCloud has a few tricks up it's sleeve, in the form of ownCloud Apps.

One of the first 'Apps' you may want to install is the Encryption app - this basically sets up Server-side Encryption (more on this later) for all the files you store on ownCloud, which means they cannot be read easily by unauthorised individuals.

There are a number of pre-configured Apps in a basic ownCloud install: Contacts (with sync to Android/iOS devices), a Calendar (again syncing to Android/iOS devices), a Media section (allows you to play music files directly from the web interface).

You can also enable an Anti-virus App - which will check any files you upload for viruses (as the name would suggest).

Want Even More Apps?

If you want more Apps for your ownCloud installation, there is a directory of Apps that includes:

  • integration with popular third-party webmail client Roundcube
  • integration with WordPress (for both authentication and the WordPress media library)
  • and many more...

Desktop & Mobile Clients

ownCloud has a free desktop client for Windows, OS X and Linux that works exactly like the clients for many cloud storage services - you install it, point it at the URL of your ownCloud installation, log in and it'll synchronise your cloud storage with a folder on your computer.

There are also clients available for iOS and Android devices (although these will cost you a small amount of money - 63p in the case of the official Android app), but give you access to your ownCloud data on the move (with the ability to upload files from your mobile device).

Server-side Encryption

I mentioned that the Encryption App for ownCloud sets up 'Server-side Encryption' but what does this mean?

It basically means that the server you install ownCloud on holds the encryption keys for the files in each users account, and therefore if someone does manage to gain access to the server running your ownCloud installation, they can decrypt the files.

This is not an ideal encryption system to use, but the ownCloud development team is trying to figure out if there is any way they can use client-side encryption (where the client applications store the keys and encrypt the data before sending it to the server) without breaking the web interface or mobile clients.

User Accounts, Groups & Sharing

ownCloud is a multi-user application. The first account it asks you to create after installation is set up as the 'admin' account (it can change ownCloud's configuration, add/remove Apps, create users/groups and view logs).

You can create groups that users can belong to, and users can then share files in their ownCloud account with either individual users or entire groups (if you share a file with a group, every member of the group gets a copy of the file in their 'Shared' folder).

Sharing files/folders even gives your users the ability to set an expiry date for the share (after which it will be removed from the accounts it has been shared with) and determine if the user/group is able to write to the shared file/folder or not.

Sounds Good - How do I get ownCloud?

If you are reading this and thinking 'I want to ditch Dropbox and run ownCloud', there are several ways you can do this:

  1. Add ownCloud to your existing web server
    You can install ownCloud on the same server that currently runs your public website, under either a separate sub-domain (cloud.yourdomain.com for example) or a directory under your existing website (not recommended).You will ideally need an SSL certificate for your ownCloud installation (to secure the communications link between your clients and the server), but your hosting provider should be able to sell you one of those.
  2. Run ownCloud on it's own Web Server
    You can choose to run your ownCloud installation on it's own Internet-facing hosting.This would ensure that an attack on your public website wouldn't necessarily compromise your cloud storage and that, should users upload/download large numbers of files, the performance of your public website wouldn't be affected.
  3. Run ownCloud in-house
    You may decide that running ownCloud on a server inside your network is the safest option (and we would tend to agree).This gives you the greatest level of control over how your ownCloud installation can be accessed, and enables you to only allow access via pre-existing secure remote communication links (like VPNs for example) if needed.

    You may also choose to integrate the ownCloud authentication with something like Active Directory, so all your existing users can start using it without needing to remember new usernames and passwords.

Want To Know More?

If reading this post has you seriously considering implementing ownCloud for your business, why not give us a call and we can explain more about ownCloud's advanced features (it can even access accounts from Dropbox, if needed!) and work with you to see how best to configure and deploy ownCloud to meet your needs.

We take the pain out of IT and Cyber Security

Contact us today to cure your IT & Cyber Security headache

Tell us about your Issues
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram