Want to pick up the right cloud storage for your business?

07 May 2023

Risk management consulting provider Leviathan Security Group has released a whitepaper discussing the issues in choosing local and cloud storage, as well as potential vulnerabilities and risks.

The paper on the value of cloud security, and vulnerabilities in storage, assumes three scenarios, based on small, medium and large businesses, and outlines solutions based on their business needs:

• For a small consultancy scenario, the nature of their work means they are unlikely to connect back to the office during the work day, although many will synchronise files from home using an in-house VPN service when they return. The storage space they require for 50 employees is 15TB. Leviathan notes the Dell PowerVault NX400 would be ideal as a storage server, with Windows 2012 R2 as an operating system, backup needs met by a Drobo 5D system, and Symantec Endpoint Protection leverage for protection against malware. Total three year cost for local storage is $48,000, while cloud is $60,000.
• A mid sized regional corporation, which would require around 150TB of storage accessible from the internal LAN as well as for VPN users, would be ideally suited for a Storinator Redundant NAS as a storage server, powered by an Intel Dual-core i3-3240 and 90 Seagate 4TB disks, and a Dell PowerEdge R520 Server as backup with Windows 2012 R2 as OS and 83 LTO-6 backup tapes. Malware protection would be handled by another Dell PowerEdge server, alongside Symantec Endpoint Protection.
• For a big corporation, 750TB of storage space would be necessary, with 24/7 support requirements and a four hour replacement part guarantee. For this, Leviathan recommends a Petarack High Availability SAN as a storage area network, with two Intel Xeon E5 Sandy-Bridge Processors. Backup solution would be a Tandberg Data T160+ Tape Library, consisting of a Dell PowerEdge R720xd server, Windows 2012 R2, and 2013 LTO-6 backup tapes. A single Symantec console managing Symantec Endpoint Protection, installed and run on a Dell PowerEdge R725xd, would be more than enough to handle malware.

It’s worth noting here that the researchers are not advocating any of these vendors, just that these vendors were able to provide the best fit for pricing. “As is commonly the case in real-world purchasing, the vendor that was able to provide the most accurate and timely pricing for a solution that met our needs was selected,” they explain.

The report also assesses the different types of vulnerabilities in these kinds of solutions. tVulnerabilites highlighted include process failure, malicious insiders, and hardware and software failure among others. Cloud-specific threats include a lack of monitoring and audit capabilities and problems with internet connectivity, while local storage threats include a loss of local knowledge, natural disasters, equipment scarcity and geographical restrictions.

The overall aim from the report is to show how capricious choosing a cloud storage solution is. “A simple price calculation – even one that contains significant detail and technical depth – cannot be the deciding factor for organisations with significant storage needs,” the report notes.

“An organisation should consider its predicted rate of expansion, its technical requirements, its appetite for capital outlay, its ability to establish a long-term supply chain, and its ability to recruit adequate technical and security personnel as criteria equal to or more significant than price.”