After ranting recently about the choices we make to give "big data" companies access to our private information in ways that might be abused or exploited by government eavesdroppers, I thought it would be worth sharing some of the options I've found for using "the cloud" while also retaining a reasonable level of control over access to the data stored there.
This post has information about tools and software you can deploy yourself to approximate some of the functionality that third party services might provide, but that might also make you vulnerable to privacy and security vulnerabilities. It's based on my experiences designing and implementing solutions for my own company, so it's mostly applicable to the interests of businesses and organizations, but may also be useful for personal projects.
A few important disclaimers: any time you make your personal or corporate data available on Internet-connected devices, you're creating a potential privacy and security vulnerability; if you need to keep something truly protected from unauthorized access, think hard first about whether it belongs online at all. Also, the tools and services I'm listing here are harder to setup and configure than just signing up for one of the more well-known third party services, and may require ongoing maintenance and updates that take time and specialized knowledge. In some cases, it requires advanced technical skills to deploy these tools at all, which is the reason most people don't or can't go this route. Hosting and maintaining your own tools can often have a higher initial and/or ongoing cost, depending on what financial value you assign to data privacy. Sometimes the privacy and security tradeoffs that come with using a third-party service are well worth it.
Still interested in options for using the cloud without giving up control over your data? Read on.
Email and Calendar Sharing
- Standard cloud tools: Gmail and Google Calendar, Yahoo mail, Outlook.com
- Suggested DIY option: Zimbra Collaboration Server Open Source Edition
Need a powerful, free email account? Need robust calendar management and sharing capabilities? Everybody uses Gmail and Google Calendar, so just sign up for an account there, right? Unless you don't want Google having access to all of your email communications and usage patterns, and potentially sharing that information with advertisers, government agencies or other entities.
As an alternative, consider deploying the Zimbra Collaboration Server. It's a full suite of email and calendar management tools, including email that you can access over the web or via desktop and mobile clients, calendar sharing that includes multiple calendar layers that can be shared with others, contact management and sharing (including syncing with software like Apple's address book apps on OS X and iOS), and lots of other tools. It has a relatively simple installation process but requires some server/system administration knowledge, and can be scaled to handle a handful of users or thousands of users. The Open Source Edition is free, and if you need commercial support, there are other editions to choose from. There are regular security and feature updates that keep these tools current with best practices.
We use Zimbra at my company and it means that I get a seamless experience with accessing and managing my email and calendars across all of my devices wherever I am. We host it on a server that we control, and so no third-party company needs access to the contents of my mail messages or appointments. There are plenty of Google features and integrations that may make Gmail and Google Calendar cooler to use, but Zimbra largely does everything we need it to for our business purposes.
Dropbox is an amazing, well designed and easy-to-use cloud file sharing service, and I use it all the time. But when it comes to storing and managing sensitive internal documents and company information that was largely accessed by the same group of people on the same network, it didn't make sense to hand over all of that data to a third-party company if an acceptable internally hosted solution existed.
We found what we were looking for in Owncloud, which we installed on our own internal server that we control. Owncloud offers a lot of the same features of Dropbox, including uploading, managing and accessing files and folders across multiple devices (including a Mac desktop client and an iOS app), sharing individual folders and files with other users (with the option to give write access), file versioning and "undelete," basic collaborative editing of text documents, image gallery views and multi-media inline players, and much more. Owncloud can also integrate with external storage options like Amazon S3 and Samba servers, and it will even let you hook up a Dropbox share within its folder structure.
Owncloud is not as polished as Dropbox and we've encountered a number of bugs and non-intuitive user interface issues along the way, but they release new versions regularly and each one seems to bring great sets of improvements. The installation process is as simple as setting up other content management systems like WordPress, and although some of the administrative configuration options require some close reading of the documentation, the default settings are usually fine.
Using Owncloud for sensitive internal data means that we don't have to store our files with a third-party company like Dropbox if we don't want to.
Shared Documentation and Knowledgebase
- Standard cloud tools: Google Drive, Google Apps, Microsoft Sharepoint
- Suggested DIY option: MediaWiki
If you're trying to capture institutional and organizational knowledge into a centrally available set of documents, you could use any of the myriad intranet-management services out there, but most all of them mean that the companies running them can capture that knowledge too.
To have powerful internal collaborative documentation and knowledgebase features while retaining control over our data, we use MediaWiki, the wiki software that powers the Wikipedia online encyclopedia. It allows anyone on our staff to create and improve documents about company processes and procedures, guidelines and best practices. It has powerful versioning that lets us see who made what changes and roll back those changes if need be. With templates, easy inter-document linking and a lot of community-created functionality extensions, it's a great tool for building and storing our collective knowledge. We run it on a server that we control, and so we don't have to worry about third party companies having direct access to our internal and potentially sensitive information.
MediaWiki requires some technical savvy to install and configure initially, but is largely self-maintaining once you get it setup, and the wiki language that users need to know to format documents is relatively standard and straightforward.
There are lots of great online chat tools and services out there that have neat integration with other business processes. Using most any of them mean that each message you send through them is routed to a system controlled by a third-party company.
We use an internally hosted IRC server, running the IRCD-hybrid software. It allows us to have group chat rooms along with direct one-to-one chat. There are IRC client software tools for every system out there, including mobile devices. We can also use IRC "bots" to integrate with other internal services (e.g. our system status monitoring tool puts an alert in one of our chat rooms when there's a problem with a server we maintain). And the best part is that our conversations stay private to our company network instead of being potentially available to a third-party company.
For user support and issue tracking, a lot of people use cloud tools like GetSatisfaction or Zendesk. We use Request Tracker. It's not as pretty and doesn't have a lot of the social/user community features.
Those are some of the tools we're using to get the benefits of the cloud without some of the data privacy and control concerns that usually go with it.
What software, tools and services are you using, and how do you balance the issues of maintaining data control with providing convenience and modern features?