Offsite storage server - encrypt the data?

MrGuvernment

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
21,815
I am setting up an offsite storage server for work at my home which will sync a few times a day to grab data and i wanted to ask about options for encryption or if i should worry about it

i am going to be initially dumping about 1-1.5T worth of data, with then maybe a couple of gigs a day added of new stuff.

i am going to use server 2008 r2 as i am also doing a read only DC/AD for this system to give me and offsite controller just incase also.

I was thinking encryption for one more level of safety just incase something happened to the server, like theft or something but not sure what could reliably handle that much data ? System is only a dual core e7500 with 8G of ram, i have 2x500G SATA in raid 1 for the OS and 4 x 1T drives in raid 6 with 2 more coming.
 
I would think bandwidth would be the limiting factor, not encryption engine speed.
 
/usr/home said:
How are you backing up this data? Via ftp, ipsec, vpn, etc.
Click to expand...

Bingo. You not only have to think about security of the data at rest (which Bitlocker would be great at) but also when the data is traveling over the network/internet. You will want to think about how you are going to get the data off-site. If you are using some sort of backup software then sometimes there are encryption options but if you are just doing file transfers then you will want some sort of tunnel or VPN.
 
Bitlocker may work well, but don't use it if you'll have individual file sizes above ~2 GB.

Another alternative to consider are the full drive encryption (FDE) hard drives -- plus an interface card, in case your mobo doesn't support FDE authentication prompt or pass-through.
 
nitrobass24 said:
TrueCrypt
Click to expand...

Would work, but I could never get incremental updates working with a truecrypt volume. If I added/changed one file, I would have to copy over the entire volume, which would suck at 3GB+ container over internet connection.

This is assuming he is talking about working on locally encrypted container and backing it up to offsite. Would work better as a remote container with a secure channel to copy data to it.
 
i have a 4Mb line will be pulling down on (work is a 50/50 fiber), can upgrade to a 6Mb if required (fastest i can get in the area), the initial load of the data will be brought over on harddrive and copied to the storage system, to which i was then going to connect over VPN link to the office and use something simple at first to see how things work like Robocopy on a scheduled task, and if that works smooth then look to upgrade the system as i only have a desktop board with the e7500 and 4 x 1TB drive so i would want something a little more stable but wanted to make sure this could work well before spending money on anything better.

checking my logs for my server copies here that i do every night i am avg about 2-3Gig's of new data a day from employee's being backed up so allowing that to be grabbed after the system runs in the office it should be downloaded before lunch time offsite. Most of the files are small documents and work related images, nothing massive for %99 of things why i though encrypt the files once downloaded so that the system i use can do an incremental backup and not re-download everything ever day, only whats changed.

I am open of course to all suggestions!
 
Have you considered just using a cloud storage service like Amazon S3? It would only cost a couple hundred bucks a month for that amount of data.
 
Yeah but HOW are you going to copy the data over the internet? FTP, VPN, IPSEC, PPTP, etc?
 
Techmasta said:
Have you considered just using a cloud storage service like Amazon S3? It would only cost a couple hundred bucks a month for that amount of data.
Click to expand...

Because of the industry we are in, we don't trust hosting data with in the U.S with a U.S company, also, why pay someone else when we can do it ourselves, always fun to do new things!

/usr/home said:
Yeah but HOW are you going to copy the data over the internet? FTP, VPN, IPSEC, PPTP, etc?
Click to expand...

over a VPN connection to link to the work network, and then i was going to test for now using robocopy on a scheduled task to see the resource usage on it, how long it takes, will the conection stay stable enough to do it or not.
 
MrGuvernment said:
Because of the industry we are in, we don't trust hosting data with in the U.S with a U.S company, also, why pay someone else when we can do it ourselves, always fun to do new things!
Click to expand...

Host the data in Russia or China. Problem solved. :cool:
 
I would suggest looking into a couple offsite storage applications that are built to do exactly what you are looking to do from what it sounds like.

NovaStor NovaBACKUP xSP (disclaimer I work for this company)
Ahsay
Vembu
Asigra
Remote Backup Systems
I even think Acronis might be doing something like this now.
 
/usr/home said:
Host the data in Russia or China. Problem solved. :cool:
Click to expand...

ahah, until the provider steals our data or we get hacked to crap :D

AceXsmurF said:
I would suggest looking into a couple offsite storage applications that are built to do exactly what you are looking to do from what it sounds like.

NovaStor NovaBACKUP xSP (disclaimer I work for this company)
Ahsay
Vembu
Asigra
Remote Backup Systems
I even think Acronis might be doing something like this now.
Click to expand...

Appreciated, checking each one of them out!

Techmasta said:
Are you and your company located in the US?
Click to expand...

Nope, Central America.
 
good info to know :)

i do get the paranoia of can they be trusted since i assume they operate under U.S law?
 
You must log in or register to reply here.
Back
Top