The Nasuni Cloud Storage Blog

Securing Data in the Cloud: Unique Customer Credentials

Last week we touched on some of the reasons we provide each Nasuni customer with unique cloud credentials. This is an important point, though, so we decided to spell out a few more details here.

The basic idea is simple: Our cloud partners provide access to a given account based on credentials. There are a few different ways we could have facilitated this process, but we determined that providing each of our customers with unique credentials delivers the best combination of security, convenience, and performance.

More on that below. First, though, let’s go through some of the other authentication options, and their drawbacks.

Bring Your Own Credentials

This would be secure, but inconvenient. Nasuni is your gateway to cloud storage. We are trying to make the whole process easier, including the administrative details. With Nasuni, you get one bill, pricing that’s leveled down to dollars per gigabyte, with no bandwidth or transmission charges, and one vendor to call when you have a problem.

Intermediary Authentication

Several cloud providers suggested that we perform the authentication ourselves. But this would have meant that every time your data moved to or from the cloud, it would have passed through Nasuni servers. This would have added latency to every request, hindering performance and reliability.

Shared Credentials

If all Nasuni customers shared a single set of credentials, a malicious customer could—hypothetically—hack his copy of the Filer, uncover those shared credentials, and gain access to other Nasuni accounts. This malicious agent would not be able to read or make sense of any of those files, due to the encryption, but there is a chance he could delete them. With unique credentials, this attack is not possible. Each Nasuni customer is completely independent.

Stretching the Network

In this case, the Filer would be hosted in the cloud, not at your site, so the credentials wouldn’t be locally available. This would be secure, but slow. Nasuni would not be able to deliver local-like NAS performance.

However, with unique credentials, no other Nasuni customer can access your data. We are removed from the data path, and your copy of the Filer talks to the cloud directly, so you do not have to worry about problems with our servers. This translates to greater reliability.

Since each customer is unique, there’s no deduplication of files across our user base—we guarantee that our customers and their data are independent entities. Finally, if you decide the Nasuni Filer isn’t for you, we allow you to take those unique credentials with you.

Providing each customer with unique credentials proved to be our best option. Given our emphasis on security and performance, it was the only option.

Rob Mason

Rob Mason has more than 20 years of operational, management and software development experience, all of it in storage. A meticulous builder and obsessive tester, with an eye for talented engineers, Rob produces rock-solid software, and, through his own example of hard work and ingenuity, inspires his teams to outdo themselves. His determination for thoroughness extends to financial and operational matters, and at Nasuni, he is a powerhouse behind the scenes, managing the company’s operations, in addition to its engineering team. As the VP of Engineering at Archivas from 2004 to acquisition, Rob oversaw all development and quality assurance. After the Hitachi acquisition, he continued in his role, as VP of HCAP Engineering, managing the integration of his team with Hitachi’s and supporting the rollout of HCAP. Before joining Archivas, he was a senior manager at storage giant EMC, where he was responsible for the API, support applications and partner development for EMC’s content-addressed storage product, Centera. In a previous stint at EMC, he was Manager and Principal Design Engineer for the elite Symmetrix Group, where he improved the speed and reliability of EMC’s flagship enterprise storage disk array. Between Centera and Symmetrix, Rob was the co-founder and VP of engineering at I/O Integrity, a storage-based startup developing a high-performance caching appliance. He has a bachelor of science from Rensselaer Polytechnic Institute and a master’s in business administration with honors from Rutgers University. Rob holds upwards of 30 patents.

What is Nasuni?

Sign Up For Email Updates

Meet the Bloggers

  • Andres Rodriguez
  • Anne Blanchard
  • Bill Fields
  • Chris Sledz
  • David Shaw
  • Dezie Okpoebo
  • Ed DeJesus
  • Fred Pinkett
  • Joe Gately
  • John Capello
  • Louis Abate
  • Tony Giannini
  • Warren Arnold
  • Zeljko Dodlek

Nasuni Buzz

  • @bgewehr
    All our sites use #gigabit fiber internet, now @Nasuni #hybrid #cloud #UniFS feels like working locally. Everywhere! 5 days ago
  • @bgewehr
    Hey @Nasuni you know what? We used a virtual #Nasuni filer to host a #nfs share on which #vmdk files for a bunch of #ESX hosts are stored! 2 weeks ago
  • @MTC_WW
    Ready to have 1 master copy of your data securely accessible from anywhere in the cloud? Thought so. Watch:… 4 weeks ago