I am a new user so I don’t know if I will be able to answer if you ask me questions… we’ll see.
I am an IT manager in a company, and I have a lot of computer equipment at my disposal. I would like to use Storj to archive data.
I know that the genesis of Storj is not to be deployed in a private and closed network, but I have sensitive data that cannot leave my network.
I have already gone through several posts where it is explained that it does not work in this sense like this one
I have tested the “Storj V3 Test Network” project which proves to me that it is possible to deploy the Storj solution in a closed network.
So, I would like to know if someone could help me to deploy the following scheme on my infrastructure.
Of course, I will share the results and my progress.
Hello. Could you elaborate a bit further on this? I always try to understand the (potential) customer side to get a grip who could benefit from becoming a Storj customer, but also who would not?
I would be especially interested if missing certification of compliance (for example Wasabi compliance like HIPAA, CJIS, FERPA, GDPR or MPA) are a reason in your case.
And I also would be interested to hear (and understand) why Storj encryption does not help in your case or even if you encrypt data yourself before uploading it, is not an option?
That would be really helpful to learn.
Often, when you make data storage agreements with customers, you have outlined that the data will not leave your data center/servers. If you go back and try to renegotiate with them in order to move things to “the cloud” it can become tricky because that often invites them to look at your competition to determine if they want to stay with you or go to them if they have what they want. It is often better to not push a customer into a new agreement, but rather wait for the customer to ask for certain features and then provide them where possible.
You really don’t want to get into a situation where your customer is happy with your service and then you are calling them telling them you want to change the nature of how their data is stored, and start to explain encryption and distributed storage to people who are not that tech savy. Maybe new customers, ok, but not existing ones. In addition, there are challenges with audit documentation that needs to be filled out to determine a data center’s security. Since these documents have not been written to include the distributed storage model, a customer would need a lot of exceptions and variants to get approved. When dealing with competitors, you want as few bumps in the road as possible.
New customers, on the other hand, might be more apt to be sold on the new model. But even now, it’s difficult to get companies to have copies of their data off-site. That has been changing as the cloud becomes more well known. But many companies still prefer to control their own data.
The problem with my sensitive data is that I am in France and I have health data. In our legislation we are not allowed to take out health data.
Moreover, it seems complicated (if not impossible) to convince my management to use a cloud solution.
In my sector of activity, people find it difficult to open up to the cloud.
Concerning the encryption solution, it’s obvious that I can’t do without it to avoid that these data can be read by another user and that’s why Storj is interesting because everything is integrated.
Hello again and “Vive la France” !
We are practically neighbors as I am from Germany.
In Germany we also tend to be rather skeptical to move data to the cloud. Even more if it is personal data like health data etc. and there is always the GDPR that has to complied to.
I just googled a bit about the situation in France and found an interesting read that there were plans to build a National Health Data Hub hosted on Microsoft Azure but France data regulator CNIL has recommended to avoid American companies totally due to European Court ruling that the EU-US Data Protection Shield is invalid?
And therefore now that Hub will resp. has to be build with national or at least European providers. I wasn’t really aware of that courts decision and potential consequences but it is interesting.
On the other hand Storj is an American company but all data is encrypted before upload and only the users are holding the keys to the data. So normally the Storj storage model would be a natural fit for customers who want or need privacy. And users with additional privacy demands could always pre-encrypt data before upload for additional security.
Unfortunately Storj does not support node selection by regions, which would be a great help in GDPR related matters, if customer would be able to choose the region where their data is allowed to be stored, But maybe this will be implemented if there is demand for it by customers:
Storj DCS compliance with GDPR and others have been asked many times in the past. Just recently again and has been answered as follows:
In those privacy regards, maybe also the recent Storj DCS Webinar gives you some additional information:
Well thanks for your insights. I would like to bring those privacy/GDPR/compliance related skepticism to the attention of @John (COO) once more but also to marketing/product (@bre , @sorendanielson) and @keleffew (business development) who might have further facts or ideas how your management could be get interested into the Storj DCS approach of decentralized storage rather than building their own solution.
@Rossignol, your use case is interesting and valid. As @Knowledge mentioned, we haven’t focused on it as a business offering, but from a technology point of view, it should be possible with the project’s current state.
As you will control all entities in the network (satellite, storage nodes, and users), your use case is significantly simpler than the untrusted environment we have with Storj DCS. You wouldn’t need to deal with crypto as no payouts to storage nodes would happen. You can also select a more optimal erasure coding scheme with a smaller expansion factor, as it will be less likely for a storage node to leave the network unexpectedly.
You’ve already successfully run “Storj V3 Test Network”. As a next step, I recommend building on top of it. For example, try setting up one or more storage nodes manually and connecting them to the Test Network. Then do the same with manually installed satellite. This would be a good learning experience on how to set up things.
Keep us posted on how you are doing. I will try to assist.
@jammerdan, hello, thank you for your sympathy and for clarifying the regulations on our continent.
@kaloyan, hello and thank you very much for your answer which gives me hope that what I imagine is possible.
I am finalizing my tests with Glusterfs which are quite interesting and give very good results for a first step towards distributed storage but I will restart my tests with Storj.
@kaloyan, I will need your help for the next steps because I can see how to add nodes and connect them to “Storj V3 Test Network” but concerning the installation of a satellite and its configuration I confess that for the moment I have not found anything.
See you soon for new advances and thank you again for your answers.