Reply to post: Re: Still somone else's computer

OK Google: A stranger with stash of pirated films is spamming my Google Team Drive


Re: Still somone else's computer

Sure, it's easy. Just stand up your server and install nextcloud on it. Well, of course, then you should automate the deployment somehow just in case you need to do it again. Then you're gonna have to figure out how to scale it if you have a significant number of users, of course.

Oh, well, and then set up some kinda access control system, of course. No problem, you can just maintain a list in the admin interface by hand. Now who was the person who looked after the list again? We need to add someone new. Why are they on vacation? Sigh. I guess we need some sort of maintenance rota for this thing. Oh, someone *did* remember to take that disgruntled guy we had to fire last month off of the list of folks approved for access? Right? right?

What's that you say, the hard disk in the file sharing server died and now everyone's lost all their data? Well, crap. Now we're bankrupt. For my new company, I guess we'd better think about redundancy and backups for the shared file server...

...okay, now NewCorp has its file server complete with expensive enterprise-level redundant storage, regular scheduled and tested backups, a rock solid access control policy and a team of five to maintain it. Great. Problem solved. Oh crap, now we need to let remote folks access it. Better hire some network admins to figure out all the necessary networking policy. Make sure nothing is exposed to people who don't work for the company. Maybe put it behind a VPN? But then we have to maintain the VPN and everyone hates dealing with access to a VPN. Also, crap, we'd best make sure this server has a solid TLS configuration. And make sure its certificates are kept up to date. And make sure the software is kept secure. What's that you say, Nextcloud is written in PHP and has a record of security vulns as long as your arm just like everything else that's ever been written in PHP? Well, crap.

tl;dr: running servers (file servers, mail servers, web servers, whatever servers) is superficially easy. Doing it in a safe, sustainable, secure way is absolutely not and it very often *is* the best idea to pay someone else who does it at scale to do it for you.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019