The Nasuni Cloud Storage Blog

Securing Data in the Cloud: Unique Customer Credentials

Last week we touched on some of the reasons we provide each Nasuni customer with unique cloud credentials. This is an important point, though, so we decided to spell out a few more details here.

The basic idea is simple: Our cloud partners provide access to a given account based on credentials. There are a few different ways we could have facilitated this process, but we determined that providing each of our customers with unique credentials delivers the best combination of security, convenience, and performance.

More on that below. First, though, let’s go through some of the other authentication options, and their drawbacks.

Bring Your Own Credentials

This would be secure, but inconvenient. Nasuni is your gateway to cloud storage. We are trying to make the whole process easier, including the administrative details. With Nasuni, you get one bill, pricing that’s leveled down to dollars per gigabyte, with no bandwidth or transmission charges, and one vendor to call when you have a problem.

Intermediary Authentication

Several cloud providers suggested that we perform the authentication ourselves. But this would have meant that every time your data moved to or from the cloud, it would have passed through Nasuni servers. This would have added latency to every request, hindering performance and reliability.

Shared Credentials

If all Nasuni customers shared a single set of credentials, a malicious customer could—hypothetically—hack his copy of the Filer, uncover those shared credentials, and gain access to other Nasuni accounts. This malicious agent would not be able to read or make sense of any of those files, due to the encryption, but there is a chance he could delete them. With unique credentials, this attack is not possible. Each Nasuni customer is completely independent.

Stretching the Network

In this case, the Filer would be hosted in the cloud, not at your site, so the credentials wouldn’t be locally available. This would be secure, but slow. Nasuni would not be able to deliver local-like NAS performance.

However, with unique credentials, no other Nasuni customer can access your data. We are removed from the data path, and your copy of the Filer talks to the cloud directly, so you do not have to worry about problems with our servers. This translates to greater reliability.

Since each customer is unique, there’s no deduplication of files across our user base—we guarantee that our customers and their data are independent entities. Finally, if you decide the Nasuni Filer isn’t for you, we allow you to take those unique credentials with you.

Providing each customer with unique credentials proved to be our best option. Given our emphasis on security and performance, it was the only option.

Rob Mason

Rob Mason has more than 20 years of operational, management and software development experience, all of it in storage. A meticulous builder and obsessive tester, with an eye for talented engineers, Rob produces rock-solid software, and, through his own example of hard work and ingenuity, inspires his teams to outdo themselves. His determination for thoroughness extends to financial and operational matters, and at Nasuni, he is a powerhouse behind the scenes, managing the company’s operations, in addition to its engineering team. As the VP of Engineering at Archivas from 2004 to acquisition, Rob oversaw all development and quality assurance. After the Hitachi acquisition, he continued in his role, as VP of HCAP Engineering, managing the integration of his team with Hitachi’s and supporting the rollout of HCAP. Before joining Archivas, he was a senior manager at storage giant EMC, where he was responsible for the API, support applications and partner development for EMC’s content-addressed storage product, Centera. In a previous stint at EMC, he was Manager and Principal Design Engineer for the elite Symmetrix Group, where he improved the speed and reliability of EMC’s flagship enterprise storage disk array. Between Centera and Symmetrix, Rob was the co-founder and VP of engineering at I/O Integrity, a storage-based startup developing a high-performance caching appliance. He has a bachelor of science from Rensselaer Polytechnic Institute and a master’s in business administration with honors from Rutgers University. Rob holds upwards of 30 patents.

What is Nasuni?

Meet the Bloggers

  • Andres Rodriguez
  • David Shaw
  • Ed DeJesus
  • Fred Pinkett
  • John Gniadek
  • John Capello
  • Louis Abate
  • Rob Mason
  • Warren Arnold

Nasuni Buzz

  • @storagecz
    The Data Deluge [infographic by @Nasuni]: http://t.co/3v0iCUXcy0 5 days ago
  • @SaschaF80
    http://t.co/hlHK5rmryI Nasuni "Microsoft wurde das zweite Jahr in Folge als führender Clouddienstanbieter bei Speicher in Cloud eingestuft. 1 week ago
  • @The__Estella
    https://t.co/yjyDvpDfta Nice Infographics Comparison of cloud storage by Nasuni #Azure is proving to be ultimate… https://t.co/yjyDvpDfta 1 week ago