On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

Collapse
X
Collapse
+ More Options
Posts
 
  • Time
  • Show
Clear All
new posts
  • Spork Schivago
    Badcaps Legend
    • Mar 2012
    • 4734
    • United States of America

    #1

    On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

    We are attempting to build a secure infrastructure for a start-up company we're running. We have purchased almost all the stuff we need to get the company up and running. For some services, we found it makes more sense to outsource.

    We use the Cloud Solutions from Microsoft (CSP) instead of hosting our own Windows, Active Directory, and Exchange server. This is because of price. If we had the money, we'd be running a hybrid setup. We have a 22-core CPU for the main server, and with Microsoft moving to core-based licenses, this adds up quickly for on-premise software licenses.

    We use a mix of Linux, Windows, and Android clients.

    We are at the point where we're starting to look into how to securely store some of the data. Certain stuff, we keep hard copies. There's data we want to access via the network though. We have a RAID5 array built out of 12Gbps SAS hdd's.

    We're looking for solutions for archival purposes. Originally, we were thinking a tape library or NAS backup solution, but one of my account executives mentioned something that made sense to me. With a reputable company that specializes in secure data storage, they can devote the resources that we cannot currently devote, to monitor the servers that the data is stored on.

    When I say archival, I am talking about data that we will occasionally need to access, such as invoices, quotes, contracts, license agreements, but data we won't be accessing on a regular basis.

    So I'm reaching out to the BadCaps community to help me build a list of the pro's and con's with the various backup solutions.

    What I've learned is on-site can be pricey. We don't have a second facility for off-site backups. If something were to happen here, we'd lose the data. By outsourcing for secure data storage, we could make sure our data is stored at two seperate locations. We would go for a reputable company, who has the resources to watch server logs 24/7 and train their employees on the various types of attacks, etc. I phished my other two fellow workers and my wife failed all three of the phishing tests. They were tests found in the wild and targeted directly towards the individual workers.

    So a con would be with outsourcing, we'd have to pay a monthly fee, but initiale price would probably be much lower than on-site. It would more than likely be more secured, but might be opened to all who have the password (I don't know if we can whitelist IPs for access but if we could, that should solve that issue).

    Can anyone else think of any pro's or con's for either options? On-premise storage vs outsourcing? Thanks!
    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full
  • diif
    Badcaps Legend
    • Feb 2014
    • 6978
    • England

    #2
    Re: On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

    You're already storing most of your data on site. You need to ensure your network is secure and work out a backup/DR solution.

    Paying experts doesn't always result in an expert service.

    https://www.theregister.co.uk/2018/0...g_hot_in_here/
    Last edited by diif; 09-11-2018, 12:48 AM.

    Comment

    • Spork Schivago
      Badcaps Legend
      • Mar 2012
      • 4734
      • United States of America

      #3
      Re: On-Premise Secure Data Storage Solution vs 3rd Party Secure Data Storage Solution

      So reliability is definitely a con for third-party hosting. Also, internet goes down, we don't have access to the data, unless we're storing a local copy as well.

      That's the biggest thing that's been stopping me from signing up with one of those on-line companies. They're online, and like you said in the other thread, if it's important, it shouldn't be online. I want to create a seperate network for an internal LAN that isn't accessible from the net and I don't think that'd be too hard to do. Just gotta lock down the firewall and play with some settings. I've been real sick for a while but the docs figured it out recently and gonna start me on some antiviral that should help me get back to work.

      We occasionally run into issues with the various Microsoft online services. The biggest so far was us missing an Urgent message in the message center (because there's just a LOT of messages there!) saying they were removing a certain configuration setup we used and anyone using it had to move to another. That broke things for a bit. I really wish I had a copy of the Windows Server, Exchange, Active-Directory, etc, so we were in control of changes like that but that gets pricey when you got a few cores. I sent them feedback on their messaging center and suggested they implement a future that allowed clients to have certain messages (or all) sent to them via email and they said they're implementing it, so hopefully we don't miss anything important like that again.

      What do you guys use for accessible backup? The main data will probably be stored in a virtual machine running probably CentOS. I'd probably create a VM just for the internal webserver, so it doesn't have to be too large. I could probably back up the entire VM, but I'm thinking maybe it'd be best to backup the individual databases, copies of the PDFs, etc, and the VM. I could easily store them on another machine, like one of the workstations or the backup server, but I'd like to have some sort of physical copies as well.
      Last edited by Spork Schivago; 09-11-2018, 10:11 PM.
      -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

      Comment

      Related Topics

      Collapse

      • tommy97
        MacBook A1932 & A2337 MDM - Permanent solution?
        by tommy97
        Hi,

        we're getting quite a lot wiped A1932 & A2337 from scrap with MDM (Remote management), we'd like to find permanent solution to remove it without CPU swap as it gets not economical, I found iremove.tools website which offer permanent solution, however if they got shut-down i believe laptops would also get locked? Does anyone have any knowledge about this service & about any other possible method?
        06-18-2025, 02:43 AM
      • ktcar214
        Need help for HP ProBook 445R G6 Secure boot key removal from BIOS dump
        by ktcar214
        Hello.
        I tried to add a custom secure boot key (for secure booting Linux) to my bios, but after this, my laptop bricked. After adding secure boot key (via PowerShell) and enabling secure boot my laptop turns on, shows HP logo, and after 5 seconds it turns off and on, and it repeats forever.

        My goal is to either turn off secure boot or remove my custom key from BIOS dump.

        I'll attach my bios dump (version R79_011700) from my bios chip 25b127dsig, my keys (PK/KEK/db), and bios dump from another HP ProBook 445R G6(I found it on this forum. URL: https://www.ba...
        12-07-2021, 08:57 AM
      • abajor
        DELL XPS 9520 No 3rd party SSDs?
        by abajor
        So we have a DELL XPS 9520 a woman broke her screen and needed an immediate replacement so we removed bitlocker and put her Drive in an Asus TUF gaming laptop, everything is hunky dory.
        We happen to have another DELL XPS 9500 screen that is compatible with the 9520, so tried installing new SSD's and doing a clean windows 11 install.
        During formatting the installer can't find the Intel drivers for the nvme controller?

        I spend a long time figuring out how to extract the drivers from the official dell installer downloads tried different versions, was able to load the drivers...
        04-21-2024, 06:11 AM
      • badcaps411
        Lenovo T15 gen 1 secure boot
        by badcaps411
        Hello,

        I have a Lenovo T15 gen 1 where I can't get the secure boot disabled. I think it is related to the security chip. The BIOS is completely free, no password or anything. The only problem is that the option to disable secure boot is grayed out. Trying to boot it, GRUB 2.02 starts and expects a certain Software. If you want to change something you need to enter a username and password. While experimenting, I was able to load the firmware from the hard drive. There I found signed files, in one also the hashed password (cracking probably not possible in lifetime). It was probably...
        12-08-2022, 01:00 PM
      • bohaboha
        DO THERE IS A SOLUTION PREVENT MELTING DIFFUSER
        by bohaboha
        I want to find a solution, perhaps an ultimate, solution to this dilemma with your expertise. As it stands, the diffuser is too close, if not directly on the joint, there must be a way to separate without affecting image quality, I'm thinking with small glass strips or maybe pieces that make it a little distance, melan, them, or what do you suggest?
        03-06-2024, 12:59 PM
      • Loading...
      • No more items.
      Working...