Announcement

Collapse
No announcement yet.

On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

    We are attempting to build a secure infrastructure for a start-up company we're running. We have purchased almost all the stuff we need to get the company up and running. For some services, we found it makes more sense to outsource.

    We use the Cloud Solutions from Microsoft (CSP) instead of hosting our own Windows, Active Directory, and Exchange server. This is because of price. If we had the money, we'd be running a hybrid setup. We have a 22-core CPU for the main server, and with Microsoft moving to core-based licenses, this adds up quickly for on-premise software licenses.

    We use a mix of Linux, Windows, and Android clients.

    We are at the point where we're starting to look into how to securely store some of the data. Certain stuff, we keep hard copies. There's data we want to access via the network though. We have a RAID5 array built out of 12Gbps SAS hdd's.

    We're looking for solutions for archival purposes. Originally, we were thinking a tape library or NAS backup solution, but one of my account executives mentioned something that made sense to me. With a reputable company that specializes in secure data storage, they can devote the resources that we cannot currently devote, to monitor the servers that the data is stored on.

    When I say archival, I am talking about data that we will occasionally need to access, such as invoices, quotes, contracts, license agreements, but data we won't be accessing on a regular basis.

    So I'm reaching out to the BadCaps community to help me build a list of the pro's and con's with the various backup solutions.

    What I've learned is on-site can be pricey. We don't have a second facility for off-site backups. If something were to happen here, we'd lose the data. By outsourcing for secure data storage, we could make sure our data is stored at two seperate locations. We would go for a reputable company, who has the resources to watch server logs 24/7 and train their employees on the various types of attacks, etc. I phished my other two fellow workers and my wife failed all three of the phishing tests. They were tests found in the wild and targeted directly towards the individual workers.

    So a con would be with outsourcing, we'd have to pay a monthly fee, but initiale price would probably be much lower than on-site. It would more than likely be more secured, but might be opened to all who have the password (I don't know if we can whitelist IPs for access but if we could, that should solve that issue).

    Can anyone else think of any pro's or con's for either options? On-premise storage vs outsourcing? Thanks!
    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

    #2
    Re: On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

    You're already storing most of your data on site. You need to ensure your network is secure and work out a backup/DR solution.

    Paying experts doesn't always result in an expert service.

    https://www.theregister.co.uk/2018/0...g_hot_in_here/
    Last edited by diif; 09-11-2018, 12:48 AM.

    Comment


      #3
      Re: On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

      So reliability is definitely a con for third-party hosting. Also, internet goes down, we don't have access to the data, unless we're storing a local copy as well.

      That's the biggest thing that's been stopping me from signing up with one of those on-line companies. They're online, and like you said in the other thread, if it's important, it shouldn't be online. I want to create a seperate network for an internal LAN that isn't accessible from the net and I don't think that'd be too hard to do. Just gotta lock down the firewall and play with some settings. I've been real sick for a while but the docs figured it out recently and gonna start me on some antiviral that should help me get back to work.

      We occasionally run into issues with the various Microsoft online services. The biggest so far was us missing an Urgent message in the message center (because there's just a LOT of messages there!) saying they were removing a certain configuration setup we used and anyone using it had to move to another. That broke things for a bit. I really wish I had a copy of the Windows Server, Exchange, Active-Directory, etc, so we were in control of changes like that but that gets pricey when you got a few cores. I sent them feedback on their messaging center and suggested they implement a future that allowed clients to have certain messages (or all) sent to them via email and they said they're implementing it, so hopefully we don't miss anything important like that again.

      What do you guys use for accessible backup? The main data will probably be stored in a virtual machine running probably CentOS. I'd probably create a VM just for the internal webserver, so it doesn't have to be too large. I could probably back up the entire VM, but I'm thinking maybe it'd be best to backup the individual databases, copies of the PDFs, etc, and the VM. I could easily store them on another machine, like one of the workstations or the backup server, but I'd like to have some sort of physical copies as well.
      Last edited by Spork Schivago; 09-11-2018, 10:11 PM.
      -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

      Comment

      Working...
      X