How to encrypt, secure and access sensitive cloud storage data

**Updated 1st July 2016**

The recent PRISM data snooping controversies have heightened almost every company’s awareness of the potential vulnerabilities of data stored off-premise in the Cloud. Many Cloud Storage companies talk about encrypting data ‘at rest’, but the real issue is that the storage company controls the encryption, rather than the company whose data is stored controlling the private key.

One of the features that Storage Made Easy provides is an encryption feature that can encrypt data uploaded to remote (and local) Cloud Storage. SME supports 50+ cloud storage vendors, which means companies are able to take advantage of private key encryption for some, or all data, across cloud storage providers.

For individual users of our cloud SaaS services, SME uses a key entered by the user to encrypt data, but the key is not stored on the SME hosted service. If the key is lost or forgotten, the user will not be able to open the file afterwards, because the correct key phrase will not be known.

For companies that use the SME SaaS hosted service, team Admins specify a key that uses a similar mechanism but is applied to all users. Unlike personal encryption, the key phrase is either stored encrypted by the SME service, or it can be stored with a self-hosted Vault instance.

For enterprise users who self-host the SME service, the key can be stored on the service behind the corporate firewall, or again it could use the open source Vault software on a key server.

SME uses AES-256 encryption using the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes. A random initialisation vector is generated when the user supplies an encryption key. The cipher Rijndael consists of:

– an initial Round Key addition
– Nr-1 Rounds
– a final round.

The chaining variable goes into the “input” and the message block goes into the “Cipher Key”. The likelihood of recovering a file that has been encrypted using our encryption is fairly remote. The most efficient key-recovery attack for Rijndael is exhaustive key search. The expected effort of exhaustive key search depends on the length of the Cipher Key and, for a 16-byte key, is 2^127 applications of Rijndael.

Once files are encrypted in this manner they can be accessed by any of the comprehensive SME desktop (Web, Mac, Windows, Linux) or mobile tools (Windows Phone, iOS, Android, BlackBerry). When an encrypted file is accessed the user is prompted to provide the private key phrase before the file can be opened.

If the file is accessed directly from the underlying storage it cannot be used, because it is encrypted, and it cannot be decrypted without being opened via the SME service, either hosted or on-premises. This makes sensitive data stored on remote servers ultra-secure.
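The scheme described above (a key phrase supplied by the user and never stored, AES-256 in CBC mode, fresh randomness per file, and a stored object that is useless without the phrase) can be reproduced with the OpenSSL command line. This is an added example, not SME’s code: the PBKDF2 key derivation, the iteration count, and all function and file names are assumptions made for the sketch.

```bash
#!/usr/bin/env bash
# Added example, not SME's implementation. Assumed: the OpenSSL CLI (1.1.1+),
# PBKDF2 with 200000 iterations, and every function and file name below.
ITER=200000

# encrypt_file PHRASE IN OUT
# AES-256-CBC. The key phrase is piped in on stdin, so it does not appear in the
# process list, and it is never written to disk. -salt makes OpenSSL pick a
# random salt per file; key and IV are both derived from phrase + salt, so two
# uploads under the same phrase get different keys and IVs.
encrypt_file() {
    printf '%s\n' "$1" | openssl enc -aes-256-cbc -pbkdf2 -iter "$ITER" -salt \
        -pass stdin -in "$2" -out "$3"
}

# decrypt_file PHRASE IN OUT
# Returns non-zero when the padding check fails, which is how a wrong phrase
# usually shows up. CBC carries no integrity tag, so treat a zero exit status
# as "padding looked valid", not as proof that the data is authentic.
decrypt_file() {
    printf '%s\n' "$1" | openssl enc -d -aes-256-cbc -pbkdf2 -iter "$ITER" \
        -pass stdin -in "$2" -out "$3" 2>/dev/null
}

# demo: prints one line per property and returns non-zero if any check fails.
demo() {
    dir=$(mktemp -d) || return 1
    rc=0
    # Constructed sample file standing in for a sensitive upload.
    printf 'constructed sample: Q3 payroll export, 42 rows\n' > "$dir/plain.txt"

    encrypt_file 'correct key phrase' "$dir/plain.txt" "$dir/stored1.bin" || rc=1
    encrypt_file 'correct key phrase' "$dir/plain.txt" "$dir/stored2.bin" || rc=1

    # 1. What the storage provider holds contains none of the plaintext.
    if grep -q 'payroll' "$dir/stored1.bin"; then rc=1; echo "FAIL plaintext visible"
    else echo "ok   stored object is opaque"; fi

    # 2. Same file and same phrase still give different ciphertext each time.
    if cmp -s "$dir/stored1.bin" "$dir/stored2.bin"; then rc=1; echo "FAIL identical ciphertext"
    else echo "ok   ciphertext differs per upload"; fi

    # 3. The right phrase restores the file byte for byte.
    decrypt_file 'correct key phrase' "$dir/stored1.bin" "$dir/ok.txt" || rc=1
    if cmp -s "$dir/plain.txt" "$dir/ok.txt"; then echo "ok   round trip"
    else rc=1; echo "FAIL round trip"; fi

    # 4. A wrong (or forgotten) phrase does not: there is no recovery path.
    decrypt_file 'wrong key phrase' "$dir/stored1.bin" "$dir/bad.txt" || true
    if cmp -s "$dir/plain.txt" "$dir/bad.txt"; then rc=1; echo "FAIL wrong phrase worked"
    else echo "ok   wrong phrase recovers nothing"; fi

    rm -rf "$dir"
    return $rc
}

demo
```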

The SME on-premises Cloud Control service also resides behind the corporate firewall. It makes it possible to keep very sensitive data behind the corporate firewall while still enabling secure file sharing, and at the same time offers the ability to encrypt data that is stored on remote cloud storage and other SaaS services for additional security.

The Storage Made Easy Cloud Encryption service is available to all SME users inclusive of free, Personal Cloud, Business Cloud and Enterprise Cloud.

Cloud Computing Use Case: Extending Remote Desktop with a Cloud Drive

Many service providers and companies offer Remote Desktop Services to enable companies to access their desktop remotely. Applications are installed for the users where user settings and data are saved to their profile.

We’ve had a few requests from companies and service providers now who wanted users to easily be able to access data on remote clouds (such as Azure, DropBox, Box, FTP, WebDav, Sharepoint, Amazon S3 etc) from a remote desktop.

With Storage Made Easy, this is easily done as SME presents a WebDav entry point to all clouds that SME supports, whether they support WebDav or not. This means the service provider need only co-locate the SME software appliance (supplied as an OVF compliant file) in their network and add a simple script to the user’s startup. The script is:

NET USE * \\webdav.storagemadeeasy.com@SSL\DavWWWRoot
pause

This enables users to get a mapped drive to remote cloud storage as soon as they log in to their remote desktop, and to browse and access these files like any other data drive. It is a simple solution for bringing remote clouds directly into a user’s remote desktop using a simple metaphor they understand, “a drive”.

Cloud Computing Use Case: Automatic notifications of new or changed iWork Numbers documents stored on Google Drive

We had an interesting Use Case recently in which the requirements were as follows:

The company in question had a Google Apps Account and therefore used Google Drive for their storage. They had a number of iWork Numbers documents that were modified by their team members whilst on the move using iWork and iPads. Their process at the time was editing the files and then trying to send the resultant file via email to other team members. Due to file size some files were not received, and in general the email server was quickly eating up storage. What they came to SME for was to figure out how they could refine this process.

With Storage Made Easy the process became much simpler. Firstly the company subscribed to a Cloud File Server SaaS Account. The SME Cloud Admin then added the company’s Google Drive account to be accessible via SME and invited other team members to be part of the Cloud File Server. On the folder(s) in question the Cloud Admin simply set permissions so that relevant team members had access, and added a notification rule specific to keynote files to ensure that all subscribers to the shared folder received an email notification on new files or updates to existing files. As per our prior article on Twitter and SMS Gateways, SME can also easily generate instant SMS notifications on these file events.

As Storage Made Easy enables WebDav above any Cloud added to it, Google Drive becomes instantly accessible via WebDav. For the company this means that they can simply open and create new keynote files directly in Keynote from their shared Google Drive folder and then on completion simply save them back. The very act of doing this generates a file event on completion, which sends an email and/or SMS to users subscribed to the shared folder, vastly simplifying the process.




Another added benefit to the company is the complete end-to-end joined up audit tracking they get on all Google Drive documents:

Cloud Computing Use Case: Annotating PDF files on Amazon S3 (and other clouds) from an iPad with audit tracking

One of the legal companies that use the Storage Made Easy on-premise Cloud File Server Appliance had a recent request that we felt was worth exposing as we can see it could be a common use case.

The company has legal and para-legal resources that needed to be able to annotate PDFs whilst away from the office using their iPads. The legal data is stored on an EU Amazon S3 instance and the SME Cloud File Server Appliance is used to provide single sign-on with the internal Active Directory Server whilst also providing granular permissions and auditing services for full document tracking.

A key point for the company was that any PDF document editing would be able to be done on the move from an iPad and saved back to the S3 Cloud from the iPad, that any changes were audit trackable, and that users were instantly notified of changes. The SME on-premise Cloud Appliance, which unifies public and private data sources as well as providing a full audit trail for all file interactions, was used to satisfy this requirement in the following way:

– SME Cloud Appliance was already installed on-premise behind the corporate firewall
– The company’s own EU S3 Account had been added as a Cloud to be monitored from the Appliance
– Auditing of any file events was set
– Access to the S3 files was available via the WebDav protocol using the user’s Active Directory username / password, as Active Directory SSO was enabled via the Appliance
– As S3 files were available via WebDav the iAnnotate iPad App could be used to login and annotate files as outlined below.

Setting up access to Storage Made Easy from the cloud appliance is done as follows:

1. First set up a new WebDav cloud connection

2. Enter the SME WebDav Details

3. Connect

4. After annotating the document, simply save it.

5. On completion the annotated document is saved back to Amazon S3 (or any other WebDav Cloud it was accessed from).

All interactions that occur are also fully audited with the remote IP address, username, and document details, and these are available as part of the audit logs provided by the SME Appliance, which can be exported as .csv or Excel and / or archived.

How to sync files from Google Docs, SkyDrive, S3 and other Clouds with your BlackBerry Playbook

As we recently posted details about our HTML5 client for the BlackBerry Playbook we thought it would be useful to outline how you can sync files from any number of Clouds with your Playbook.

For this walk through we will be using a third party tool for the Playbook called Mobile FTP and the SMEStorage CloudFTP protocol adaptor. This solution will work with any free, personal or business Cloud File Server Account that has the Protocol Adaptor added to their account.

First purchase the Mobile FTP App for your Playbook and install it (it is £1.00).

Next set up the SME CloudFTP protocol adaptor connection in the App. This enables the SMEStorage Clouds you have mapped to your account to be accessible over FTP even if they don’t natively support FTP.

This will result in a new bookmark called SME FTP.

At this point all your files are accessible through Mobile FTP on the Playbook simply by selecting the bookmark and connecting.

You can download files or upload them to the various clouds using the Mobile FTP App.

Now we will set up Sync. First we need to create a bookmark of the directory we wish to sync within the Mobile FTP App. We will choose a folder called ‘Android Docs’ that is hosted on Google Docs.

We will name the Bookmark “Docs to Sync”.

Now we’ll go back to the root of the Mobile FTP and edit the Sync example to change it for the sync bookmark we just created:

We changed the name to “SME Sync GDocs” and chose the bookmarked directory “Docs to Sync” as the directory to sync with the root of the SD Card. Now we can simply run the sync.

Once the sync is completed the nested directory structure and files are available from the SD card on the Playbook. We can re-run the sync when we wish to pick up any changes, and we can add as many sync profiles, to as many different clouds, as we wish.

Cloud Computing Use Case: Editing Google Docs, Office365 and DropBox files in iWork on the iPad

We recently did a roll out of our Cloud File Server service to a company of just under 150 people. The primary driver of this was federating data sources, governance and auditing of data, and the ability to edit files directly on iWork on the iPad.

For this use case we’ll concentrate on the latter, enabling ubiquitous document editing on the iPad using the Apple iWork product which encompasses Pages, Keynote and Numbers.

The company is a technology company in which different parts of the business use different Cloud Services. The core business admin and management uses Office365. Google Docs is used by the sales team, primarily as a way to share Google Docs files easily with their customers and prospects, whom they found to be predominately Google Docs users. DropBox is used by the tech team, who like the ability to have all their code, tech papers etc. replicated instantly to any device.

Interestingly, whereas you would think this disparate use of similar Cloud storage services is an edge case, we find it is not. The storage vendor names may change, but the disparate number of what appear to be similar services remains.

When questioned about why they don’t use the other in-house services each team had a different USP as to why:

Tech Team: “With DropBox I don’t have to remember to bring my files. They are always with me”

Admin / Management: “Office365 works and Syncs with what I use like my Outlook task list and calendar”

Sales Team: “most of our customers use Google Apps, so sharing files with the Google Group we have setup for Sales is the best way to get new deals / propositions to them”

One thing this company had jointly bought into was iPads. They all used them and their preference was to use Apple iWork as their document editor, as they liked its simplicity, ease of use, and WYSIWYG features. The problem was it did not work with any of their Cloud products, as it only supported iCloud, MobileMe and WebDav.

The company in question had already bought into the SME Cloud File Server. It enabled them to audit files above all the clouds they used and provide Organisation Shared folders that worked above a “set” of Clouds, giving them a single view on disparate resources.

As the SME Cloud File Server also supports a WebDav protocol adaptor above any Cloud, something we call CloudDav, then it became very easy for all the teams to create, load, edit, and save documents to either Google Docs, Office365, or DropBox.

The steps to achieve this were simple:

1. Launch Pages, Numbers or Keynote

2. Click the ‘+’ button and choose ‘Copy from Webdav’ (assume a doc is to be loaded)

3. Enter https://Webdav.storagemadeeasy.com as the server address and your smestorage username and password as authentication. This will then load the file tree and the clouds available to the account.

4. Tap on a document to load it and start editing

5. When finished just choose the “Copy to WebDAV” button and it will be saved.

In this way documents in Clouds not supported by iWork can be edited and saved.

 

Cloud Computing Case Study: Google Docs continuous backup / sync to DropBox

We very often have businesses who want to keep files in sync between two clouds. This can be as simple as having a backup copy held between two providers in the cloud for continuous availability should one provider go down, or it could be due to a particular use case in which files need to be made available on two Clouds. In any case the request is common enough for us to highlight it in our Cloud use cases section to show how this is easily achieved using the SME Open Cloud Platform.

We will look at providing a continuous backup / sync between Google Docs and DropBox, in which Google Docs is what we will refer to as the primary cloud, and DropBox will be the backup cloud. The first thing to note is that this option that we highlight below is only available to users who have a personal business or Cloud File Server account with us, and that it is available in our normal hosted offering as well as our appliance offering.

The steps to set up the continuous backup / sync are outlined below:

1. Log into the personal business or Cloud File Server account either on the web or the appliance

2. Navigate to the “My DashBoard” link

3. Choose to add a new Backup provider and choose DropBox

4. Authorise the DropBox account to be accessed

5. The DropBox OAuth screen will appear and you can sign into DropBox and choose to authorise access

6. The sync will now be kicked off and you will see the settings screen of the backup provider you just added.

7. If we now visit the DropBox account we can see a new folder called “My GMail files” has been created

8. If we look inside this folder we can see the files and folders have been copied across

After the initial sync any new files that are uploaded direct to Google Docs via SME are also backed up to DropBox. Any files uploaded direct to Google Docs are uploaded to DropBox when SME discovers them, either through you accessing your account if real-time update is enabled or by forcing a refresh between the SME meta-data and Google Docs. You are also able to control whether files are deleted on the backup if they are deleted on the primary from the settings page in step 6.

Although we used Google Docs to DropBox as an example this is equally applicable to any of the 35 clouds that SME supports, including private data to public clouds or vice-versa.

Cloud Computing Use Case: CCTV still images stored on Amazon S3 via FTP

Continuing our theme on Cloud Computing use cases, this one makes use of the SMEStorage CloudFTP protocol adaptor that adds the ability for any Cloud that SME supports to be accessible from the ubiquitous FTP protocol. For this particular use case, we now have had four businesses using SMEStorage as an enabler for using S3 via FTP so we thought it would be useful to highlight.

The use case revolves around CCTV cameras that monitor a property and are configured to take pictures (.jpg files) at either intermittent points and/or on movement detection. Currently 2 of the businesses used sensr.net and two were using FTP from an ISP, but all were looking at Amazon S3 and trying to figure out how to get their images onto S3, given S3 does not support FTP.

Interestingly they had tried automated scripts and other mechanisms but none had really worked. At this point they discovered CloudFTP which simply adds FTP access to S3 (and any other Clouds SME supports).

Everything is accessed using standard FTP and using standard ports (and secure ports for FTPS).

After registering for a SMEStorage Account, adding their S3 account, purchasing CloudFTP and then adding the correct FTP configuration to the CCTV hardware, this was done.

A simple but effective use of the Cloud.

Turning any Storage Cloud into an Amazon S3 compatible Private, Public or hybrid Cloud

In the past we have written about Amazon S3 and how, as the 100 pound gorilla of the Cloud Storage world, its S3 API has become almost a de facto interface for developers. This is one of the reasons that we originally added an S3 API protocol adaptor to our service.

Many start-ups, small businesses and even enterprises choose initially to use S3 for storage. This can be fine initially; however, when the volume increases the monthly bill can become an OPEX issue, and small companies (and enterprises) look for ways to slash their costs in any way they can. Aside from this, other companies have stringent issues about where data is stored (for clarification, Amazon S3 is PCI DSS 2.0 compliant, SAS 70 Type II certified, and VPV ISO 27001 certified) or wish to store it within their own data centre or site.

As SMEStorage supports over 35 Clouds and SaaS services, you could very easily turn Google Docs, Box, Windows Azure or DropBox into an S3 Platform, or you could just add your own NetGear or PogoPlug appliance, or other private storage implementation.

The SME hosted service, and Cloud Appliance, provide access to any SaaS or cloud storage mapped to your account via multiple protocols. These include FTP, WebDav and also S3. These work even if the backend provider does not support the protocol natively. The SME protocol adaptors will do the protocol translation to the native storage provider protocol. One of the benefits of this is that users don’t need any special software to be able to access the Clouds. They can use any FTP or WebDav client, or in the case of S3 any S3 client or code in which the host endpoint can be changed.

To demonstrate compatibility with the S3 API and tools we will now look at how to use AWS s3curl with a smestorage account.

To use s3curl you will need to modify s3curl.pl and change the endpoint to ‘s3.storagemadeeasy.com’ (US Server) or ‘s3eu.storagemadeeasy.com’ (EU Server), e.g.

my @endpoints = ( 's3.storagemadeeasy.com' );

Your id is your smestorage account user name, and you can obtain your secret key by logging into SMEStorage.com, going to “My Dashboard” (from the sidebar) and copying the API key from the “Tech Info” section where the “API secret Key” resides.

Now you are all set to use s3curl. For example to list all the buckets you can use

./s3curl.pl --id smestorageusername --key API_secret_key -- http://s3.storagemadeeasy.com

For s3curl command line options please see the README file that is part of the s3curl package. Also note that the secure way to use s3curl is to use the .s3curl file in your home directory to pass the id and key.
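The .s3curl file mentioned above, next to the command-line form it replaces. This is an added example, not part of the original post or of the s3curl package: the profile name sme, the function names and the sample key are assumptions, and the file layout is the Perl hash that the s3curl README documents.

```bash
#!/usr/bin/env bash
# Added example. Assumed names: profile "sme", write_s3curl_rc, rc_is_private.
#
# Before: the secret is in argv, so it lands in shell history and `ps` output.
#   ./s3curl.pl --id smestorageusername --key API_secret_key -- http://s3.storagemadeeasy.com
# After: s3curl looks the "sme" profile up in ~/.s3curl.
#   ./s3curl.pl --id sme -- http://s3.storagemadeeasy.com

# write_s3curl_rc DIR PROFILE ID
# Reads the API secret key from stdin and writes DIR/.s3curl, owner-readable only.
write_s3curl_rc() {
    IFS= read -r secret || [ -n "$secret" ] || return 1
    [ -n "$secret" ] || return 1
    # The profile name is written as a bare Perl hash key: word characters only.
    case "$2" in
        ''|*[!A-Za-z0-9_]*) echo "invalid profile name" >&2; return 2 ;;
    esac
    # Values sit inside Perl single quotes: refuse anything that could end the quoting.
    case "$3$secret" in
        *\'*|*\\*) echo "quote or backslash in id or key" >&2; return 2 ;;
    esac
    # mktemp creates the file with mode 0600, so the secret is never readable by
    # others, and mv replaces any older file that had looser permissions.
    tmp=$(mktemp "$1/.s3curl.XXXXXX") || return 1
    printf "%%awsSecretAccessKeys = (\n    %s => {\n        id => '%s',\n        key => '%s',\n    },\n);\n" \
        "$2" "$3" "$secret" > "$tmp" && mv -f "$tmp" "$1/.s3curl"
}

# rc_is_private FILE: succeeds only if group and other have no permission bits set.
rc_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

demo_s3curl() {
    home=$(mktemp -d) || return 1     # stand-in for $HOME
    # Constructed sample key, not a real credential.
    printf '%s\n' 'EXAMPLE0secret0key0000' |
        write_s3curl_rc "$home" sme smestorageusername || return 1
    rc_is_private "$home/.s3curl" && cat "$home/.s3curl"
    status=$?
    rm -rf "$home"
    return $status
}

demo_s3curl
```

In real use, call write_s3curl_rc "$HOME" sme smestorageusername and paste the API secret key when the command waits for input; running stty -echo before and stty echo after keeps it off the screen.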

Cloud Computing Use Case: Enabling Cross Cloud file abstraction with unified ACLs and BYOD

Continuing our ongoing blogs on Cloud Computing Use Cases, this one is from a real customer with a complex use case, and details how and why they use SMEStorage:

Please tell us a little about what you do:

AlliedComm provides turn-key communication and web information applications. AlliedComm consists of four micro brands that service niche industries and organizations. These brands include JurisComm, FaithComm, Healthcomm and CiviComm

What were the technical challenges you were trying to solve:

1) Quickly allocate cloud-based ‘Private Organization Decentralized Storage’ for clients (‘pods’) that can be shed/discharged with client attrition.
2) Create a seamless management layer between cloud storage asset (pod) and respective client with flexible ACL permissions for individual client access.
3) Provide a branded, feature-rich portal with an improved GUI cloud-management experience for clients to independently manage cloud assets.

Why did you choose SMEStorage?

#1 BYOD. Whether by Windows, Mac, Android, iPhone, Blackberry, WinPhone, CloudDav, HTTP, FTP, email, fax and web, …you name it, SME’ supports it. (I wouldn’t be surprised if SME’ announces ‘messenger pigeon-to-cloud’ support coming early Q2 2012 *April fools). Our customers demand access to their cloud on their terms. SME allows us to provide all of this at a fraction of the cost compared to other vendors and with zero infrastructure.

#2 Features, features, features …they go on and on and on. They are easy to get to and intuitively laid out. EVERY setting is flexible and customizable. SME’s flexibility allows for limitless applications and ease of management specific to our business’s needs. With ‘power user’ features, we can really manipulate our settings. Nuance matters and we like the flexibility SMEstorage gives us to groom our SME’ service specific to the way we need it to operate.

#3 No ‘sky high’ corporate-centric pricing. Fair is fair. No gimmicks. No games. Pay for what you use. A la carte add-ons. We LOVE that.

#4 Easy security, backup and redundancy. With SMEstorage, we’re able to isolate our clients’ respective cloud assets as separate ‘pods’ but manage them from a layer above on one interface from within SMEstorage. SMEstorage gives us the ability to import, integrate and transfer assets between virtually EVERY cloud storage provider.

#5 Integration, inclusion and extensibility. We can still access and manage our cloud vendor resources outside of SME’ if we choose to. SME’ provides the flexibility to integrate web storage with our web applications directly with each cloud storage vendor or, alternatively, by proxy with SME’. Often times SME’ provides integration capabilities not available directly from the cloud storage vendor.

Give us an example of how you decided to use SMEStorage

A good example of one application we use SME’ for is FaithComm’s Cloud Media Storage and CDN. Our clients’ sites are hosted on FaithComm’s standalone servers while the large media and image files are offloaded to cloud storage ‘pods’ and broadcasted across our CDN. We’re able to manage everything from our SMEstorage account yet each client’s cloud storage assets are independent from each other as separate S3, Azure, Rackspace, etc. accounts. From the client’s point of view, the two applications are seamless. Additionally, we provide each client with group ACL login credentials to collaborate on, access, combine, transfer and manage all of their cloud storage assets via SME’ on the device of their choice. SMEstorage, in our opinion, is a brilliant development in the storage and management of cloud-based assets.

Cloud Computing Use Case: Automating Website backup to Amazon S3 using Plesk

Continuing on our theme of presenting interesting use cases that we come across when dealing with customers and businesses, this one is to do with backing up data to Amazon S3 in an automated fashion using Plesk. This was the request from the company involved. The condition being that the control panel can only backup to an external server via FTP. There is no native way to back up to S3 via Plesk.

This of course is tailor made for our CloudFTP product which turns any Storage Cloud into an FTP Server even if the Storage Cloud does not support FTP. This works with any of the Clouds you add to a SME Account, and of course S3 is one of these.

To satisfy this use case, the first thing to do is ensure the relevant S3 account is added to your account. This can even be a free account. You can do this either as part of sign up or from the Cloud DashBoard.

Once you have added the S3 Provider you can add CloudFTP to your account from “Cloud Add On’s”, available on the right sidebar after login to the website. Once this is added to your account you can access any Cloud mapped to your account over FTP (ftp://ftp.storagemadeeasy.com) with your username and password as authentication. This works even though the underlying Cloud, in this case S3, does not natively support the FTP protocol.

Once this is done you can then automate your website backups using Plesk and your recently created S3-FTP. First log in to the Plesk Control Panel:

Next navigate to the correct domain:

Finally, navigate to the Backup Manager:

From here you can select to back up to a personal FTP repository:

Then enter the StorageMadeEasy.com FTP settings as outlined earlier in the post:

The end result is your website backed up safely to S3 (or any other Cloud that we support that you can choose).

Cloud Computing Use Case: Sharing PDFs stored on SkyDrive with an “on the road” team using Galaxy Tab and iPads

Given how many different use cases working with files in the Cloud can throw up, we thought we’d start sharing some of the day-to-day use cases we deal with here on our blog.

This one is an inbound request in which a business has a series of PDFs stored in a folder hierarchy on SkyDrive that they need to share with a distributed team that uses a combination of Galaxy Tab and iPads. The files need to be synchronised for offline use, and because the files can be updated each evening the remote people need to be able to resync the files locally to get the latest versions for offline use.

Firstly let’s address SkyDrive. All the business needs to do is start using our Cloud File Server and add the SkyDrive Cloud to their account from the Cloud DashBoard. This starts a wizard in which the user is stepped through adding the SkyDrive Cloud.

Once this is done the Business Admin of the Cloud File Server needs to convert the folder containing the PDFs into a shared Organization Folder. This means that any users that are added to the Cloud File Server will be able to see this folder.

The Business Cloud Admin can now choose the types of permissions that they wish to set on the folder (read only, etc.).

Once this is done the Cloud Admin can add the users:

Now this is set up, let’s move to the tablet side. We’ll take the iPad first:

iPad:

Each of the users that the Cloud File Server Admin added to the Cloud File Server can access their account using the iSMEStorage iPad App. Once logged in they will be able to view files on the Cloud in a unique Cloud Files view.

However, as per the business requirements, we need to be able to sync the shared folder containing the PDFs down to the device. To do this the user needs to visit that particular folder in the Cloud File Manager and nominate the folder for local sync.

Once this is done the user can go to ‘My Syncs’ from the menu and action a sync, which will download all the PDFs locally. In future, as the documents are updated overnight, he just needs to visit My Syncs again and choose to resync, which will download the newest files.

Galaxy Tab:

As with the iPad, the user needs to visit the PDF directory from the Cloud Files view and nominate the PDF folder for Sync in the SMEStorage Android App.

Once this is done the user can return to My Syncs, click on the directory and choose to sync. This will download the relevant PDFs to the iPad. Again a sync can be done each day to update the latest files.

As there is less restriction on Android devices, users can set the App to do a scheduled sync daily. Unfortunately this is not currently possible on the iPad.
