Another Personal Storage Discussion
- 
 @Dashrender Well, the simple reasons I argue against "all data in the cloud" are as follows: - 
It's ****ing expensive. Way more expensive than local gear 
- 
Most people's (and business') internet connections are made out of [expletive deleted] 
- 
I (and my clients) run local workloads that generally work better if I work on local data. That whole bandwidth thing. 
- 
Oh yeah, even if you have the speed, the ISPs will get you on the volume of data. 
- 
What happens if someone pwns my login? 
- 
Cloud providers do some aspects of security better than me, but they're also a big, fat, homogenous and very tempting target. 
- 
Getting hit by drive bys sucks. Even if you aren't the target, it's increasingly common to have your realm taken offline because someone is DDoSing your neighbour. 
- 
[Expletive deleted] the NSA. (This is why I only use cloud providers with zero knowledge encryption, like http://www.sync.com) 
- 
Why use cloud if all the problems I have with it can be solved by a Synology? (Or better yet, an ioSafe.) 
- 
Google are creepy, Microsoft are creepier (and evil), and I don't trust Amazon as they seem pretty coldly amoral. (Just look at their labour practices.) Call me crazy, but I do sort of like to practice some ethical selection when I spend my cash with vendors. Bizarre concept, I know. 
 
- 
- 
 @Dashrender There are NASes without OneDrive clients at this point? Pretty ghetto NASes then. And if you're worried about someone nicking them, use the device's onboard encryption? See link above re: Synology. 
- 
 @BRRABill "Why are you storing data locally?" Because I am a rational, logical IT professional with over 20 years of experience. I am also a technology writer and technology marketing geek who has spent the past 5 years learning how the sausage is made. "Don't store data locally" is nothing more than a wishlist item from overly engaged marketing types and some really hardcore brand tribalists. I can introduce you to them. Most of them are even aware they're peddling bollocks. There are lots and lots of great reasons to store data locally that range from workloads that must be local which generally work better (and cost less) if you transact against local data, offline availability of data, the fact that ISPs are not perfectly reliable, cost, cost and cost as well as a host of availability and security concerns that are, quite frankly, more than I'm willing to go into here. If you want, however, I'm sure I can dig up about three dozen links to various articles I've written that cover every aspect of this topic from multiple angles. 
- 
 @cakeis_not_alie said in Another Personal Storage Discussion: @Dashrender There are NASes without OneDrive clients at this point? Pretty ghetto NASes then. And if you're worried about someone nicking them, use the device's onboard encryption? See link above re: Synology. Oh yeah, I forgot they could sync there. Again, I think this is the way to go. I'm looking for the "don't store data locally" side to argue their side. 
- 
 @BRRABill said in Another Personal Storage Discussion: @cakeis_not_alie said in Another Personal Storage Discussion: @Dashrender There are NASes without OneDrive clients at this point? Pretty ghetto NASes then. And if you're worried about someone nicking them, use the device's onboard encryption? See link above re: Synology. Oh yeah, I forgot they could sync there. Again, I think this is the way to go. I'm looking for the "don't store data locally" side to argue their side. I do not know anyone here that is on that "side." Sure it is recommended, but most of us can think for ourselves and make the right call for the business. 
- 
 Technically besides what's on end users desktops (Not much) we don't have any local data. Cause none of our datacenters are in our office buildings we connect to them via leased fiber. but we do host everything in house for the most part except Exchange Online. 
- 
 @cakeis_not_alie said in Another Personal Storage Discussion: @BRRABill "Why are you storing data locally?" Because I am a rational, logical IT professional with over 20 years of experience. I am also a technology writer and technology marketing geek who has spent the past 5 years learning how the sausage is made. "Don't store data locally" is nothing more than a wishlist item from overly engaged marketing types and some really hardcore brand tribalists. I can introduce you to them. Most of them are even aware they're peddling bollocks. There are lots and lots of great reasons to store data locally that range from workloads that must be local which generally work better (and cost less) if you transact against local data, offline availability of data, the fact that ISPs are not perfectly reliable, cost, cost and cost as well as a host of availability and security concerns that are, quite frankly, more than I'm willing to go into here. If you want, however, I'm sure I can dig up about three dozen links to various articles I've written that cover every aspect of this topic from multiple angles. No, I am just looking for an argument from the "no local data" side. Or, someone to tell me I am crazy and that no one actually said that. I'm also interested in the "no local server or NAS just use SharePoint/OneDrive" group to chime in as well. 
- 
 @BRRABill Why run Onedrive, Sync, Dropbox, etc on the local machine unless that machine tends to leave the office? Run it on a NAS so you download once for a fixed site, for multiple people to access from. Then mobile users can enable a local client that downloads selected folders onto their local device as needed. The NAS can encypt (so can the mobile devices) and it can back up to Backblaze/Glacier/etc in addition to its duties syncing with Onedrive/Sync/Dropbox/etc. 
- 
 @BRRABill The only argument "no local data" can offer is Koolaid.jpg 
- 
 @JaredBusch said in Another Personal Storage Discussion: @BRRABill said in Another Personal Storage Discussion: @cakeis_not_alie said in Another Personal Storage Discussion: @Dashrender There are NASes without OneDrive clients at this point? Pretty ghetto NASes then. And if you're worried about someone nicking them, use the device's onboard encryption? See link above re: Synology. Oh yeah, I forgot they could sync there. Again, I think this is the way to go. I'm looking for the "don't store data locally" side to argue their side. I do not know anyone here that is on that "side." Sure it is recommended, but most of us can think for ourselves and make the right call for the business. I always got the feeling that was the prevalent notion here. Perhaps I am 100% wrong. Of course most of us can make the decision. Again, just questioning some of the recent stuff that has been posted here on this topic. 
- 
 @BRRABill you are taking a post (lanless thing) way out of context. 
- 
 @BRRABill I can almost guarantee you that nobody wants your personal files as bad as you think they do... Business and personal are two different ball games. 
- 
 @IRJ Wrong. Your insurance company wants the analysis of your personal files quite badly. As do the credit agencies, banks, governments, border patrol...you name it! Pretty much every company or agency involved in risk assessment of individuals wants access to as much of your personal data as they can legally get. If they can't legally get it, they will settle for getting "grey market" analysis of data obtained illegally. (The law is still now in on just how illegal this is, or if it is.) You are kidding yourself if you think, for example, that the US border patrol doesn't want every single personal file of every single foreigner in the world to be fed through a gigantic Big Data engine so that they can determine if you're a risk. You could be a terrorist, a petty criminal or - far, far worse - someone who is trying to do business without claiming so, or claiming to do business in the wrong category. Sorry man, but everyone wants your data. They don't want to stare at your dick pics, but they absolutely want to know how many dick pics you have, how frequently to take them, who you send them to and what those dick pics reveal about your health, etc. If you don't understand that threat model, you're not ready to be a sysadmin in today's brave new world. 
- 
 @cakeis_not_alie said in Another Personal Storage Discussion: They don't want to stare at your dick pics, Speak for yourself. 
- 
 @cakeis_not_alie said in Another Personal Storage Discussion: - I (and my clients) run local workloads that generally work better if I work on local data. That whole bandwidth thing.
 The "no local" concept he is talking about is not about not having data "on premises" but not using end user gear like laptops as the storage device for that data. So using a NAS, for example, would fall under his "no local" here. 
- 
 @scottalanmiller Which I find equally insane. Unless you live in a hipster paradise and never, ever travel beyond the bounds of great wifi connected to awesome backhaul you're going to end up needing local storage to get real work done. Hell, I can't even shitpost on Twitter without the ability to access my picture and video archive, save things I find off the web, etc. And no, life in a browser doesn't cut it. Browsers have their own problems, not the least of which is that web services tend to be "change fast and break things" to the point of being polymorphic. I don't handle my computer not working the same as it did yesterday particularly well. It usually leads to rage. So, assuming I feel the need to use local applications for at least some things, that means needing either local storage or 100% rock solid connectivity to a NAS. Doable for a thin client type affair that's physically in a static location with known good connectivity to said NAS, but practically impossible for mobile use. 
- 
 @cakeis_not_alie said in Another Personal Storage Discussion: @IRJ Wrong. Your insurance company wants the analysis of your personal files quite badly. As do the credit agencies, banks, governments, border patrol...you name it! Pretty much every company or agency involved in risk assessment of individuals wants access to as much of your personal data as they can legally get. If they can't legally get it, they will settle for getting "grey market" analysis of data obtained illegally. (The law is still now in on just how illegal this is, or if it is.) You are kidding yourself if you think, for example, that the US border patrol doesn't want every single personal file of every single foreigner in the world to be fed through a gigantic Big Data engine so that they can determine if you're a risk. You could be a terrorist, a petty criminal or - far, far worse - someone who is trying to do business without claiming so, or claiming to do business in the wrong category. Sorry man, but everyone wants your data. They don't want to stare at your dick pics, but they absolutely want to know how many dick pics you have, how frequently to take them, who you send them to and what those dick pics reveal about your health, etc. If you don't understand that threat model, you're not ready to be a sysadmin in today's brave new world. I am a libertarian so by nature I am a conspiracy theorist and I agree that the US government wants access to your data. At the same time, if you think you can completely hide from the NSA, you are mistaken. I use VPN and TOR just like anyone else, but I am not foolish enough to believe I am 100% covering my tracks. The US government isn't going to rob you for money like your run of the mill hacker would. Run of the mill hackers that target personal accounts are looking for easy pickings. They aren't going to try to go out of their way to break any encryption when there is an infinite amount of low hanging fruit out there. 
- 
 @IRJ said in Another Personal Storage Discussion: @cakeis_not_alie said in Another Personal Storage Discussion: @IRJ Wrong. Your insurance company wants the analysis of your personal files quite badly. As do the credit agencies, banks, governments, border patrol...you name it! Pretty much every company or agency involved in risk assessment of individuals wants access to as much of your personal data as they can legally get. If they can't legally get it, they will settle for getting "grey market" analysis of data obtained illegally. (The law is still now in on just how illegal this is, or if it is.) You are kidding yourself if you think, for example, that the US border patrol doesn't want every single personal file of every single foreigner in the world to be fed through a gigantic Big Data engine so that they can determine if you're a risk. You could be a terrorist, a petty criminal or - far, far worse - someone who is trying to do business without claiming so, or claiming to do business in the wrong category. Sorry man, but everyone wants your data. They don't want to stare at your dick pics, but they absolutely want to know how many dick pics you have, how frequently to take them, who you send them to and what those dick pics reveal about your health, etc. If you don't understand that threat model, you're not ready to be a sysadmin in today's brave new world. I am a libertarian so by nature I am a conspiracy theorist and I agree that the US government wants access to your data. At the same time, if you think you can completely hide from the NSA, you are mistaken. I use VPN and TOR just like anyone else, but I am not foolish enough to believe I am 100% covering my tracks. The US government isn't going to rob you for money like your run of the mill hacker would. Run of the mill hackers that target personal accounts are looking for easy pickings. They aren't going to try to go out of their way to break any encryption when there is an infinite amount of low hanging fruit out there. Tor is super easy to track... NSA controls most of the exit nodes anyway.. 
- 
 @Jason said in Another Personal Storage Discussion: @IRJ said in Another Personal Storage Discussion: @cakeis_not_alie said in Another Personal Storage Discussion: @IRJ Wrong. Your insurance company wants the analysis of your personal files quite badly. As do the credit agencies, banks, governments, border patrol...you name it! Pretty much every company or agency involved in risk assessment of individuals wants access to as much of your personal data as they can legally get. If they can't legally get it, they will settle for getting "grey market" analysis of data obtained illegally. (The law is still now in on just how illegal this is, or if it is.) You are kidding yourself if you think, for example, that the US border patrol doesn't want every single personal file of every single foreigner in the world to be fed through a gigantic Big Data engine so that they can determine if you're a risk. You could be a terrorist, a petty criminal or - far, far worse - someone who is trying to do business without claiming so, or claiming to do business in the wrong category. Sorry man, but everyone wants your data. They don't want to stare at your dick pics, but they absolutely want to know how many dick pics you have, how frequently to take them, who you send them to and what those dick pics reveal about your health, etc. If you don't understand that threat model, you're not ready to be a sysadmin in today's brave new world. I am a libertarian so by nature I am a conspiracy theorist and I agree that the US government wants access to your data. At the same time, if you think you can completely hide from the NSA, you are mistaken. I use VPN and TOR just like anyone else, but I am not foolish enough to believe I am 100% covering my tracks. The US government isn't going to rob you for money like your run of the mill hacker would. Run of the mill hackers that target personal accounts are looking for easy pickings. They aren't going to try to go out of their way to break any encryption when there is an infinite amount of low hanging fruit out there. Tor is super easy to track... NSA controls most of the exit nodes anyway.. Like I said I am not foolish enough to believe I am anonymous. My goal is not going blocked by my ISP for certain things. 
- 
 @IRJ I'm not a conspiracy theorist. I'm advancing very real world concerns that are based on actual events. Maybe you don't care to build in mass surveillance into your threat models, but that doesn't mean it is irrational to do so. (Personally, I think you're a fool if you don't.) A lot more matters in life than the cash in your pocket or the numbers in your bank account. The border patrol thing is a great example. As a Canadian tech journo I need to periodically get into the US to do my job. If I am unable to do so because of data hoovered up by the US government, I've got a big problem. I can do absolutely nothing wrong and yet still have huge roadblocks put in my way because some algorithm interpreted data poorly, or because someone who knows someone I know did something wrong. That's simply the reality of how things work today. Can I keep the NSA out of my data if they are making a concerted effort to attack me personally? No. Targeted efforts by any state actor and 95% of non-state hacking groups would steamroller any defenses I (or any cloud/service provider) could mount. That's the cold, hard truth. Despite this, I can take some very simple efforts to remove myself from mass surveillance trawling. In reality, I am far more likely to be negatively affected by mass surveillance (and associated Big Data analysis) than I am a targeted attack. Targeted attacks are like meteor impacts: there isn't a heck of a lot you can do about them as an individual so you pretty much have to ignore them. (Disaster recovery is useful here, from an IT standpoint.) But mass surveillance is a very real, very tangible threat that impacts most if not all of us. And it is something we can do something about. So why not take the steps to protect yourself? 





