0

In terms of maintaining Confidentiality, Integrity, and Availability, what are the risks and benefits associated with setting up a personal cloud storage device on your home network versus using a file sharing service (Dropbox, for example).

If one has a lot of files (in the hundreds of GBs) in would seem more economical to have a personal drive attached to your home network, which you could still route to over the internet and access just as you would a file sharing service.

It's obvious that file sharing services wins in terms of availability, what what about confidentiality and integrity?

The question basically boils down to: Is my privacy and my data more or less secure by using a 3rd party file storage solution, or my own hardware/security mechanisms for cloud storage?

Improve this question
1
  • 1
    Lutefisk, I'd take a look at that duplicate question since it answers the question of confidentiality. But it's not too informative on integrity. Maybe someone on the site has an answer to that part of your question.
    – Ohnana
    Commented Feb 11, 2016 at 16:09

2 Answers 2

Reset to default
1

Confidentiality

Encryption and key management should happen outside of the cloud service.

Availability

If your master keys are well controlled, keeping a copy of the subkeys encrypted in the cloud provider could be reasonable. Tools like Vault can automate this with certain backends. Cloud services are going to be more available for less cost than home-grown solutions.

Integrity

HMAC ensures that files are unaltered.

If one has a lot of files (in the hundreds of GBs) in would seem more economical to have a personal drive attached to your home network, which you could still route to over the internet and access just as you would a file sharing service.

Until you make considerations for disk failure, location failure (internet outage), or localized disaster (your neighbor's apartment burns down, there's an ice storm and power is out for a week, etc.). The capital cost of the drive is worth some time of cloud provisioning. If you're accessing large amounts of those files, sufficiently powerful networking will also factor into cost.

Improve this answer
1

A lot depends on how good you setup and secure you personal cloud storage. The risk you have when running one on your home-network is that potential malware could more easily spread to your storage. And your storage could cause vulnerabilities to attack your home-network. However, if you secure it well, or even ran it on a separate network these problems can be fixed.

When talking about integrity and confidentiality, home-network will win for sure. You shouldn't be trusting big companies with sensitive/personal data. There are services offering a secure and privacy-respecting cloud-storage, but yet, your own files hosted on your own device is of course better. If you're able to secure that device against others.

Another thing you could (should) do, is encrypting your files before uploading them to the cloud. Yet, would you give your most precious possession to a company, even when you've putted it in a 'safe'? Ain't it sometimes better to keep the safe at home? Otherwise the company could still be trying to crack your safe without you knowing.

And indeed, when you want to host loads of files your own cloud storage can be more economical depending on electricity costs etc.

Reliability? Depends. Those official services can offer up-time insurances you cannot. On the other hand, when your network is down you could eventually dial home and ask the person there what's wrong and instruct him to fix the problem. Google won't appreciate it when you dial them to give instructions.

tl;dr: I'd go for a home-based personal storage. But rather on a separated network and well secured.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .