back to article Inside the Box thinking: People want software for the public cloud

On-premises file sync and share and collaboration is yesterday's story. The future is the public cloud with dedicated software service suppliers, like Box. File sync, share and collaboration is not a feature, but a product, best expressed as a service (SaaS) through Box's three data centres and the public cloud, and not …

  1. tiggity Silver badge



    1. Novex

      Re: Advertorial

      You summed up my thoughts in one word that I don't believe I've heard before - have an upvote :-)

      The article came across as trying to sell their particular solution, rather than being a proper unbiased analysis of file synchronisation and collaboration services via cloud.

      1. Korev Silver badge

        Re: Advertorial

        El Reg even reported on vbloggers having to mark their videos as adverts a few years ago (story here)

        Maybe they need to read guidelines on labeling "advertisment features" clearly.

  2. Anonymous Coward
    Anonymous Coward

    "through Box's three data centres and the public cloud"

    Eh? What's the "public cloud"? Do I pay for this out of my tax money?

    Also, I thought Box was 'the cloud'?

    As I can now get a 'private cloud' in a small NAS sitting on my desk, Box doesn't seem to be cloud anymore and there is now a public cloud, I don't know what 'the cloud' is anymore, did I ever know? Did anyone? Does it even exist?

    It all seems a bit nebulous.

    1. Novex


      ...sounded more cumulus to me, and just about as solid ;-)

    2. P. Lee Silver badge

      The cloud


      and you can't configure it.

      Seriously, why do you want proprietary drivers instead of SATA? That is what the cloud is, right? Commodity hardware with proprietary storage drivers. Worse, there's no software layering, no standard storage driver API being used so that anyone can write to it, each "commodity" cloud vendor has its own API so every application has to be "disk drive" specific. Welcome back to the 70's!

      Is this all because getting SMB through a firewall is going to hit a brick wall in form of CorpSecurity? Do you think all the problems magically go away because it runs over TLS/443? People complain that SSH is dodgy because anything could run over it. Hello! HTTPS?

      It appears to me that there are several issues:

      1. File systems have not kept up with metadata requirements. (think sharepoint)

      2. Selling data sharing gateways is hard - its easier to be "shadow IT" than to make a big official corporate sale. I know companies where SFTP means HTTPS access to a file server with a really clunky interface.

      3. Corporate security. CISO's generally try to do the right thing. The risks are generally very high, but perhaps the baseline is, "will this data be shared by email if we don't do it some better way." Get your data classified, get your identity management sorted. Everything else hangs on that.

      4. Outsourcing. Everyone wants to run their IT like MacDonalds. Here's a heads up - people aren't interchangeable - at least not without a lot of cost in downtime, recruitment and training. They tried buying expensive systems a chimp could use. CAPEX went through the roof, so now they try to rent expensive systems so it doesn't look so bad on the balance sheets. Sadly that means business logic gets petrified in the IT system because in the past we had a chap we called Sheldon who used procmail to filter all the timesheets and batch feed them into the green-screen application using expect, but now we have a cloud-based solution with an API which changes every year and no dev environment in which to test scripts. That's all moot because we outsourced our IT support to India so we no longer have anyone around who has scripting skills - everything we do with IT has to be bought as an application from professional devs or done by hand - so we don't do that. Everyone enters their time in themselves using IE6 because that's all the portal supports. Eventually our IT is so petrified it bears no relation to what we do on the ground, so we have to duplicate masses of effort, and put rubbish values into systems which have no useful purpose because no-one really knows what anything does any more but we're scared stiff of breaking it.

      Weirdly, companies accept very limited facilities from a third-party which they wouldn't accept from an in-house solution. People need to get over that.

      I'm fairly gob-smacked that no-one has done more with sshfs... maybe for Windows too? Get your PKI in AD sorted and go for something simple. Simple is good.

  3. Howard Long


    No, I don't want a 100% cloud based service, where the services offered come and go as the vendor pleases, I cannot access my data without a working high speed internet link, service terms and conditions are unilaterally changed on a weekly basis, or one serviced by a company surviving off VC piss.

    1. Mark 85 Silver badge

      Re: No

      Given that is a very real issue, there's also the matter of the reading the T&C as indicated by a below post. I wouldn't touch the cloud with a 10 foot pole, muchless put any company data there. Just too damn risky as previous articles have shown.

  4. Howard Long


    No, I don't want a 100% cloud based service, where the services offered come and go as the vendor pleases, I cannot access my data without a working high speed internet link, service terms and conditions are unilaterally changed on a weekly basis, or one serviced by a company likely surviving off VC piss.

  5. Anonymous Coward
    Anonymous Coward

    Read the 10K...

    If you want to know what you're really getting, read the Box 10K. The "Risks" section is particularly enlightening, with such gems as...

    "88% of our registered users are non-paying users..."

    "We have a history of cumulative losses, and we do not expect to be profitable for the foreseeable future."

    "Furthermore, while our errors and omissions insurance policies include liability coverage for these matters, if we experienced a widespread security breach that impacted a significant number of our customers for whom we have these indemnity obligations, we could be subject to indemnity

    claims that exceed such coverage."

    "Even with the disaster recovery arrangements, we have never performed a full live failover of our services and, in an actual disaster, we could learn our recovery arrangements are not sufficient to address all possible scenarios and our service could be interrupted for a longer period than expected."

    "Because of the large amount of data that we collect and manage, it is possible that hardware failures, errors in our systems or user errors could result in data loss or corruption that our customers regard as significant. "

    I wonder how many CEOs and Board members of companies reliant on Box have ever read a single 10K, and if they did, how did they justify the risk?

  6. Gezza

    seems apt:

  7. Anonymous Coward
    Anonymous Coward


    "On-premises file sync and share and collaboration is yesterday's story." What the bloody hell Chris? Did you talk to ANY enterprise customers before writing this? This article is COMPLETELY wrong about how enterprises want to use enterprise file sync-n-share. There are also no enterprise customer references here. It's as if you re-wrote a data sheet.

    First: Enterprises want ON SITE (or hosted off site, not public cloud) content management so they have full and complete control of the data and how it is being accessed. This is VERY different from public cloud application hosting. This is not anti-public cloud, this about using the right tool for the right job. If you look at Box's revenue numbers and disclosures, they clearly are not grabbing enterprise customers. The biggest reason is corporate compliance and regulation (although many small companies have fewer issues with compliance).

    Secondly: Most enterprises want transparency and visibility into how their data is being managed. File and content is particularly sensitive as it can be subject to secret court orders. The host (Box, Dropbox or any of them) are not permitted to disclose those orders to the content owners. As a consequence of this alone, most enterprises do not want to use public cloud to host file content. While encryption can mitigate some of the concern, it is not fool proof. Enterprises want to know if their content is potentially exposed to court orders and will only know if they are hosting the content.

    Finally, there are numerous data sovereignty issues which makes it very difficult for multi-national orgs to use Box or Dropbox. This is a well known concern.

    I think if you would have interviewed a few large enterprise users about how they manage file content you would have some clarity about these tools.

    1. Graham Cobb

      Re: WHAT????

      To be fair to the Reg, I think your response comes from the large enterprise point of view. There are many, MANY SMEs who would find the Box service very attractive. Most of them are stuck in the 90's and have no idea what they could be doing (with a file server, let alone Sharepoint) and these cloud-based services are a good way to bring them forward to today's technology.

      They really don't have the same issues around regulations, sensitivity, or even availability. Their existing business-critical data is probably not being backed up at all and is easily readable if someone breaks a window and nicks the finance clerk's PC.

      If you run a local estate agent firm, with 10 shops and 100 employees, having cloud backup, document management, data sharing and mobile access would be a great benefit.

      And don't forget that SMEs make up about 50% of private sector employment in the UK. Half of private sector workers seems like a reasonable target for Box to be going after!

  8. joshuajamie

    Gob smacking oversight

    They give you a "box sync" tool for offline file access which is a must for road warriors, except you have to be an editor on the folder in order to use it. Now I have 100 users who I only want viewing content stuck with the choice of no offline file access or an editing free for all nightmare. Wish I would've known this before as I would've told them to take a hike.

  9. teebie

    Outsourced journalism

    My fellow interns, I think the conversation went like this

    "So for this fee you will put our advert on your site, but act like it is an article"

    "Yes, that's right"

    "And your journalists won't go through point out any inconsistencies, errors, or errors in the advert, or mention any alternative approaches that carry less risk. Or look into any problems with the company. Or express any scepticism of the putting everything in the cloud because 'cloud'"

    "No *our journalists* won't do that"

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019