Online Storage 2.0: Six Sites Reviewed

mikemuch writes "Services like box.net, openomy, and eSnips are more than just places to access your files from the web. Some include media organization tools, Windows shell integration, drag-and-drop uploading, tagging, and social content sharing. ExtremeTech has a review up of six online storage services with Web 2.0 twists."

Store your YouTube videos here!

[jusDfaqs]

Well at least I have the nes advertising slogan worked out......

I surprised they didn't include XDrive.

[IANAAC]

They give you 5 Gig free. It's owned by AOL, but there don't seem to be any realy limitations placed on the user.

Re:

[uradu]

Agree. The only problem I have with XDrive is their totally retarded sign-up mechanism: they require you to register an AOL "screen name", and that system seems to be at least intermittently broken. I've tried to sign up a friend several times using both FF and IE and never received an actual screen name, but it did register his email address each time and did not let me use it again the next time, so I always had to use a different email address, and still no screen name to this day.

Re:

[kilbo]

Especially since they complain in the summary about a lack of OS integration which is where XDrive does a really good job and includes 5GB to boot

Re:

[MsGeek]

I could use an XDrive backup client for Mac OS X. Sure, the Java/Javascript setup XDrive uses works not just on Mac OS X with Firefox and the Apple JVM, but also in Linux with Sun's JVM. However a client and OS integration could be nice. Especially when it's considered that .MAC gives you less storage space and you also have to pay $99/year for it.

Re:

[Anonymous Coward]

I'm a developer at Xdrive, we develop the freaking service on MacBook Pro's, but we can't get an OS X client into the feature list. With Apple poised to make major gains against Microsoft re: Vista, I'm floored that we don't consider an OS X client a strategic feature.

Please, please, bitch and moan about it. Louder. Your voices count for more than mine.

Grrr... I was going to provide a link to the community forums website (from http://www.xdrive.com/support [xdrive.com]), but that's broken at the moment. Give it a d

I couldn't get XDrive to work for remote XP user

[walterbyrd]

xdrive seems to think there's a firewall installed, but there isn't. At least not one that I could find.

Re:

[popo]

Especially since XDrive has been around since 1997, was one of the original web 1.0
storage pioneers and features excellent OS integration (becoming drive X: on your machine).
It's also both the slickest and most reliable.

And it gives you 5x the storage of the new players.

What these newcomers offer that XDrive doesn't isn't at all clear.

Re:

[jp10558]

Well, mediamax gives you 25GB. But their OS integration is somewhat lacking.

Links people links...

[rovingeyes]

Now isn't this link much better? [extremetech.com]. Why is it so difficult to submit these links instead? Sigh...

Re:

[lessthanjakejohn]

Well, if someone doesn't read the entire article (which most I assume will not) then it could save bandwidth and reduce the effect of a slashdot on an incapable site.

Re:Links people links...

[LMacG]

Since it's almost a certainty that the author of the piece submitted the article --cf. "mikemuch writes", "Six Free Online Storage Services - By Michael W. Muchmore" -- one might imagine the point was to gain page hits and ad impressions.

Re:

[xiong.chiamiov]

Also the fact that the name mikemuch is a link to extremetech...

Re:

[Fifty Points]

Maybe because without an internal referral URL, your link just redirects to the same thing, hmmm?

Re:

[Jainith]

Or just skip right to the final page [extremetech.com]...

Personally...

[rainman_bc]

I just use a program called Unison and sync up my photos and home videos to an NFS share on another box on my lan, but the idea of off site storage has always appealed to me...

I wonder what kind of solutions that support Linux users are out there... Just talking about a way for a user like me to do an off site backup without having to burn a dvd and take it off site to a safety deposit box...

Or you could get a hosting account...

[Paulrothrock]

I've got 224 GB of storage space and 2.6 TB of monthly bandwidth, along with an image gallery, blog, SSH and FTP access, and email with spam filtering for $9.99/month + $10/year for the domain name.

Absolutely.

[benevixit]

For those willing to forgo drag-and-drop interfaces, the shared hosting account is a much better storage deal for the buck. The better companies will provide in excess of 100GB for $5-8 per month with regular off-site backups. Oh, and you get web hosting too.

In contrast, the consumer market companies in the article generally charge the same amount for an order of magnitude less storage. Maybe there's less competition for consumer storage, or higher marketing costs? Regardless, the discrepancy looks l

Re:Absolutely.

[adamfranco]

For those willing to forgo drag-and-drop interfaces, the shared hosting account is a much better storage deal for the buck. The better companies will provide in excess of 100GB for $5-8 per month with regular off-site backups. Oh, and you get web hosting too.

No need to forgo drag-and-drop. I use Apache-WebDAV over SSL for off-desktop storage. OS X allows you to connect to a WebDAV share just like you would a samba share, and at that point all applications just think it is another drive. There are also a number of dedicated WebDAV clients that can handle all of the file management and permission-setting.

Granted, getting this set up the first time was quite a pain and you also have to do the work maintaining your own server. Once up and running though, it works like a charm.

Re:

[jp10558]

Well, Mediamax certainly provides somewhere near that though I don't know about the transfer - that might be better with a hosting account. That is, for $10 a month you get 250GB storage and 25GB transfer, plus they support hotlinking to your hosted files and I've seen people host websites right off of there. Of course, what makes mediamax so interesting is the ease of sharing files with other users so you're not paying for everyone's transfer unless you want to.

Of course, if the above 2.6TB transfer is rea

Re:

[0100010001010011]

Agreed.

I get:
225.3 GB plus an additional 1GB every week.
2671 GB plus an additional 16GB every week.

In addition I have a home server.

3 times a day my laptop rsyncs everything irreplaceable to the server.
2 times a day the server rsyncs things to other hard drives internally.
1 time a day the server rsyncs everything to my host.

My laptop could be run over tomorrow and I'd only lose maybe a few photos at most. My house could burn down tomorrow and everything I really care about (Family Pictures, College Picture

Re:

[Paulrothrock]

Another Dreamhost customer, I see. The great thing about them is that they've got a great backup policy. You should check out the wiki article [dreamhost.com]

I've been meaning to write the scripts that'll handle all that stuff for me, but haven't really had the time. I've taken to autosyncing my irreplaceables to my iPod whenever it's connected and keeping financial documents in encrypted disk images.

What I really would like is the ability to mount FTP sites as writeable on my Mac. Rsyncing is fine for backing up, but th

Re:

[LordNimon]

Use WebDAV. You can mount a WebDAV server like any other remote file system, and copy files to/from it with ease. If you put your WebDAV directory under your web site's root folder, you can also access the contents via http.

Re:

[0100010001010011]

NO.

SFTP or Rsync. FTP is plain text. Even then, you're not out of the water. Everything will be plain text on dreamhost's servers incase your account gets hacked.

See my other post under the great-grandparent. I don't know if linux or windows have anything equivalent to encrypted disk images, but store important stuff like that encrypted.

Windows has an rsync port, but I've never used it, nor have I ever used automatic scheduling on windows. For linux you might be able to hash together a script to tar.bz2 the

here's my method

[way2trivial]

a combination of webdrive http://www.webdrive.com/ [webdrive.com]
(to mount dreamhost like a drive letter)
and vice versa pro http://www.tgrmn.com/ [tgrmn.com]

vvp encryption on the dreamhost side only...

works VERY well with one exception, webdrive uses 100% of my uplink, 100-120 kb/s not option to throttle it down.
my temp workaround is that I have VVP set to a max of 30kb/s which means it's slower than the uploads, it releases my bandwidth time to slices of 1/3 available time.

I really need a way to throttle webdrive on it's own.

Re:

[0100010001010011]

Yes and No.

E-mails, Photos, Writings are saved unencrypted. I'm sure if I ran for president some of the drunken photos could be incriminating, but I'm not to concerned about those.

Taxes, Finances, other important stuff is saved on an encrypted compressed disk image. Sure there is a bit of overhead because if anything changes the whole disk image has to change.

I forget how many bits it is, but I think I set it to the max that Disk Utility.app allowed me to.

I also don't have the password stored in key chain,

Re:

[gbjbaanb]

Go to Webhostingtalk.com and search their forums, you will find many (no, Many) hosting providers and a ton of comments about them all.

If you want cheap and cheerful go for the hugely large providers like 1&1 or fasthosts. They may lack customer service, but you're not going there for that after all.

Re:

[0100010001010011]

I have dreamhost. What I get for the money is awesome.

Now they are down occasionally. I'm not talking a few hours a week or anything major. But from time to time my host times out. Sometimes it'll be up in a minute (and makes me wonder if it's even on my end). Sometimes I submit a ticket and it turns out to be a burned out NIC or something. I just use it as offsite backup and hosting for some pictures and personal stuff. I wouldn't put anything mission critical on there but they do their job.

They did rework

Re:

[0100010001010011]

Dreamhost.

I even use aliases and hosts to make my life simpler.
alias send="rsync -a -z -e ssh --partial --progress --stats"

So I have document X.jpg I want to send to my dreamhost.

send X.jpg dh:

It comes in great handy when moving files quickly.

Streamload/Mediamax

[RogueyWon]

Mediamax used to be rather good (very good, in fact) back when it was still called streamload. Unfortunately, last year, they went through a big upgrading and rebranding exercise in August that has virtually destroyed its functionality and reliability.

The old, usable interface was replaced by a hideous, slow nightmare that, frankly, didn't even look as good as the old version. Files now routinely vanish while being moved between folders, or fail to show up at all after being uploaded. The interface for hosting files for non-members to access has been crippled and passwords or IP restrictions set on such public-hosted folders frequently disappear and reset themselves. Many files uploaded before the conversion to Mediamax have vanished, or remain visible but inaccessible.

For a month or so after the "upgrade", the support staff seemed to be genuinely trying to fix things. After that, all of the customer interface points were effectively shut down and the company went into full-on spin mode. I can only come to the conclusion that the new back-end for the service is effectively unworkable, but that for whatever reason, either management or the line (or both) cannot admit this and roll back to the old technology.

I'm on the verge of backing up all my stored content to DVD until I can find another store for it and cancelling my account. I know others will be having similar thoughts. The entire thing seems to be an object lesson into how to run a successful service into the ground.

A similar experience

[postbigbang]

MediaMax has below average Mac support, and gets easily confused with batch transfers. Box can do these, at least, but has weak to poor Safari/Gecko support.

And none of these has a cool API where one can just write a stream to. It all involves lots of miscellaneous, semi-intuitive file manipulations. All of them should have a method that requires file encryption, unless a file's going to be published freely as none of them USES STRONG PASSWORD ENFORCEMENT. This stuff is rife for a dictionary-attach-afternoo

Re:

[jp10558]

I'm also quite disappointed with the results of moving from Streamload to MediaMax. That said, I haven't lost any files. But the interface is unuseable in Opera now (when it worked fine before) and extremely painfully slow in IE. If any of the other services offer easy sharing and decent space for a decent price I might well switch. But I've yet to see anyone duplicate what SL has for sharing.

That said, I was going to use them for backup, but their beta app is really beta, crashing every time I close the UI

Online Storage == Awful Idea

[jeevesbond]

Putting sensitive documents in online storage, on computers not under the document owners control is stupid. The fact these services are met with some success is deeply worrying, why are people not aware it's a bad idea to put so much personal data in the hands of an anonymous corporation?

But then, I remember MySpace exists... *sigh*

Re:

[Stewie241]

In its current form, there are a lot of shortcomings.

But if one were able to build a client that did on the fly encryption/decryption when uploading and downloading, then you could make it much safer. Of course, you would still not put the most sensitive of sensitive documents there (i.e. don't put your password database there), encrypted or not.

Re:

[jcnnghm]

I offer an online storage system to my clients that does just that. I have a SAN with over 5TB free, so offering a few hundred GBs of storage out is no big deal. All files are encrypted on their end before transmission, and we never get the key.

Even with the source code, I was unable to recover (rightly so) any data for a client that had lost their key. I now offer clients the option of storing the key encrypted on our systems, and then copying their private key onto a usb key for them to keep, in case t

Re:

[hey]

Yeah, but most people's documents aren't that sensitive.
Let say you want to archive your digital photos.
For average computer users, I'd recommend this kind of thing.

Re:

[rainman_bc]

Let say you want to archive your digital photos.

As a parent I take photos of my baby daughter in the tub having a bath (no bottom shots or anything) because I think it's cute. I don't take pictures of her naked because I'm a perv, I take it because bath time is so damned cute. I wonder if that can get into the wrong hands if I upload to one of these companies.

That'd really kinda suck, and might even land me in trouble if the wrong person were to read something bad into that that really shouldn't be read.

Re:

[Blakey Rat]

So don't use it if you don't like it. What's the point of commenting on a topic you're not interested in just to say that it sucks?

Re:

[jeevesbond]

What's the point of commenting on a topic you're not interested in just to say that it sucks?

I never said I wasn't interested.

ssh rsync?

[Kludge]

Does anyone know of a service that will allow me to rsync across ssh to an encrypted partition?
That would be useful.

Re:

[gbjbaanb]

not quite (well, not unless you get yourself a hosting account with ssh access and run rsync yourself), but there is mozy.com which is very similar (if you do go mozy, please use my referral link [mozy.com]). It's a backup service really but it sends changes over the net periodically, and has a web interface to restore files. Everything is encrypted and you can specify your own key.

If you do go the rsync-yourself route, try BackupPC [sourceforge.net] which is a web frontend to a rsync server, you can get your files from it over the web

Re:ssh rsync?

[VE3MTM]

How about http://www.rsync.net/ [rsync.net]?

I have no affiliation with them, and I've never used their service, but it sounds like what you asked for.

Dude!

[Kludge]

Thanks.
I would mod you up if I could.

Re:

[bigberk]

rsync.net is a fantastic service. I use them for my home and business backups, it is (as implied) ideal for using rsync but the drives also map. With the open source developer discount I pay around $5 a month for 5 GB of space. Reliable service and expertly maintained, highly recommended.

Not a storage service

[tcopeland]

...but close: getindi [getindi.com]. More of a "share stuff with the groups I'm in", e.g., your softball team, church choir, etc.

For Mac users: .Mac

[MarkWatson]

As a Mac user, I am used to paying a little more :-)

Seriously, the .Mac service for $99/year is a good deal: 1/2 gig storage, nice integration with OS X and Backup, and apparently fairly unlimited bandwidth (I use .Mac as a mirror for some of my downloads).

Re:

[Paulrothrock]

I recommended .Mac to my parents and they're very happy with it. My dad set up a web page for his band with audio clips and a photo gallery all by himself, and he and my mom have email and a backup system.

My only beef is that you can't get the Backup program without buying .Mac. I've already got a web host, but would love to use it to back up my system to my web host, which I talk about a little bit above your post.

And, probably because of .Mac, I can't mount an FTP drive as writeable without jumping thro

Re:

[SuperMog2002]

You can mount FTP drives as writable with jumping through hoops? Better than my current state of not being able to do it at all. Care to elaborate?

Re:

[TheRaven64]

I've not tried it, but I believe there is a FUSE FTP filesystem. You could always use that with the Mac FUSE driver.

10.4 got the ability to mount WebDAV folders over HTTPS, so you might find that a better solution.

Re:

[SuperMog2002]

I've used Mac FUSE with SSH, but haven't tried FTP yet. I'll poke around and see what I can find out. Thanks.

How come these never mention Apple's .Mac?

[Blakey Rat]

How come these reviews never mention Apple's .Mac service? That's what I'm currently using, and I'd LOVE to find an alternative, as iDisk seizes up Finder all the freakin' time, but I have no clue which of those services integrate with OS X. But even a basic review showing how .Mac compares to the other options would be nice.

Does anybody have any advice for Mac-compatible (preferably Finder-integrated, like .Mac) online storage?

Re:

[SuperMog2002]

Anything that allows you to access your files over NFS or SMB will integrate quite nicely, as OS X can mount both those file systems as read/write. SMB is how I get my Mac to share files with my Windows machine, and it works flawlessly. Unfortunately, I have't actually found any such services on the web yet. Note that I haven't really looked much either.

Never Again

[mlk]

Many moons ago when I left Uni I dumpped all my data on to a "free" online storage location, knowning that for a month or so I'd be netless, and unable to move my data any other way.

A month later and it was no longer free, and all my content was "pay up in 60days, or we will delete the lot".

No webdav?

[oliderid]

Why is there no services using Webdav (AKA Web Folder for Windows)?
It is quite simple to setup (Apache + webdav module). it is a built-in feature in all OS (except Windows 98 IMHO). You can use HTTP Basic Authentification or something more secured with SSL. And your app will be fully integrated with your client's OS.

I have developped a large extranet service based on this technology. Pretty simple. You can choose either 100% JAVA based application (and using TOMCAT and all) or Apache 1.X (or 2.X). You don

Re:

[oggiejnr]

If you want to use WebDav with Windows XP SP2 it has to use authentication over SSL or Windows Authentication otherwise XP blocks it on site. The only way around is through changing a registry key which isn't an apropriate solution for most users

Amazon S3?

[daeg]

Has anyone used Amazon's S3 service? [ http://www.amazon.com/gp/browse.html?node=16427261 [amazon.com] ]

We're considering using it for yet-another offsite backup of some of our records, in an encrypted form.

The prospect of being able to use a simple API to update and download backups seems like a great idea to me, but I've yet to find any decent service reviews.

Re:

[puppetman]

Ya, I'm surprised as well; I guess because it's a service with a low-level interface (rather than some nifty Web 2.0 UI).

I am considering writing a small app to manage an S3 account to store our digital photos. It's cheap, and unlike all the small, new companies listed in the ExtremeTech article, unlikely to be going anywhere soon. They also state a 99.99% up-time, and I suspect they could hit that mark pretty easily.

I also want the ability to be able to sync a local directory to a remote one (only upload w

Re:

[Anonymous Coward]

I haven't used it myself but it sounds like you want s3sync.net.

Re:

[StanS]

I've been using s3sync to upload/download stuff to Amazon's S3 service for months. It works great. I even use it on Windows (since it's a ruby program, it works anywhere).

There are many graphical managers as well, I use jetS3t [amazonaws.com], which is a java based gui client.

The huge added bonus (for me) is that with S3 it's trivial to make something public (with or without authentication), or even have it host a torrent.

Bleh

[Valdez]

A few more readers need to tag this as slashvertising

Bleh.

If you submit a link to an article you wrote under the guise "[Website] has just [posted] a new [review of thing]"... where in fact [you] were the one doing the posting of said [review] under the employ of said [website]... you should be stoned.

Or modded down.

Wow, a whole 1 GB of storage. Whoopty Doo

[elrous0]

Can someone tell me what the point of using these sites for backup purposes is, when you can buy a frickin' flash drive with 4 times that much storage, take it with you anywhere on your keychain, and never have to worry about monthly bandwidth restrictions or trying to upload a 1 GB backup over a crappy broadband connection?

-Eric

Re:

[sammyo]

Just what I was saying to my cubemate, look at this it holds all
my files, wait, it was right on my keychain. Oh no, if I don't
find that darned bit of plastic I'm doomed...

Re:

[SCHecklerX]

Personally the data on my servers is worth a hell of a lot more than the servers themselves (years of work). Any local storage backup, including USB drives would go up in flames with the servers in any disaster. This is why automated offsite storage is important. No, I'm not going to go to the server room and grab the USB disk to take with me every day, and then try to remember to plug it in at night. Also, I already have a USB keydisk that I carry around, and it certainly isn't used for backups. No, I'

encryption? backup?

[snitmo]

This article concentrates on the interface and sharing, but I want to know answers to these questions before thinking about using them.

Are the data encrypted on the server? If so, how?

What prevents a server operator from stealing my data on the server?

How long are the data kept on the server?

How are they backed up?

What kind of guarantee do they give regarding to these?

eSnips is going to have trouble someday

[TubeSteak]

eSnips is riddled with searchable MP3s
http://esnips.com/_t_/metallica [esnips.com]

It's only a matter of time before we hear about them in the news

How do these storgage companies afford it?

[Bloodwine]

The amount of bandwidth and storage they offer at such low prices, I cannot understand how they offer what they do for the price. Perhaps I am being a bit too cynical.

Re:

[wwmedia]

lowest price bandwidth is 8-10$ per mbit with cogentco after 1gbit commit 1mbit / month flatout ~ 320GB so yea do the maths

Stashbox

[Benski]

http://stashbox.org/ [stashbox.org] is an up-and-coming storage site. Includes the incredible useful and usable Shup [stashbox.org] screencapture and file upload utility. It can even upload to sites other than stashbox.org

It's still a work in progress, but the site and tools receive frequent updates.

MOD PARENT UP

[Will Fisher]

I use stashbox all the time. The shell extension lets me upload a file in 2 clicks (by putting an item on the right click context menu).

 

got to ask...

[A_Non_Moose]

was I the only one who reflexivly covered my groin upon seeing "eSnips"?

Almost an engrish.com worthy name.

Could be worse, I suppose, or maybe eUnichs or eBobbitizing was already taken.

Use what you've got

[Relic of the Future]

I'm already paying for an always-on broadband connection at home. For no additional cost, I can access as many "Gigabytes of free storage" as I care to hook up to my home system, and I don't have to worry about some corp reading my private documents, either. I don't understand why more people don't do that (or, to put it another way, why there isn't a piece of software that makes doing it easy enough for everyone and their mother). Dynamic IPs are tricky, but the workarounds aren't that hard to come up w

Run your own

[Plug]

I spent quite some time looking for a way to run my own web-based file transfer site so accountants could stop e-mailling 10MB data files to each other.

The best I've seen is Boxroom [rubyforge.org], an OSS Ruby on Rails application for web based file transfer. With the Mongrel web server it does upload progress, recent versions have had in-file search added, and my employer is currently sponsoring the implementation of virtual hosting in it.

I would like more people to know about this program - it's very cool, and more developers on it would be certainly be appreciated by all of us who use it!

iSCSI target

[Gothmolly]

I have a machine at home running the Linux iSCSI target, and the iSCSI initiator on my laptop. Mount it up just like local storage. Can even swap to it.

Re:Yippee - 6 more sites to add to the "banned" li

[Bonker]

Yippee - 6 more sites to add to the corporate "banned" list.
It's bad enough people try to use things like "Gmail" to send things that really ought to be sent securely. There are lot of semi-computer-literate yokels out there who see "SSL" and "SSH" and forget that their "private" data will be lying in the clear on someone else's server at the end of the day (free for the someone else or a server hacker to copy/read).

It's assholes like this who make IT difficult for everyone else by inspiring hatred and fostering a sense of rebellion among those they supposedly 'serve'. Perhaps as a Slashdot reader, you're familiar with the phrase, "The more you tighten your grip..."? This is the reason that people attempt to work around you by using encrypted links to offsite storage. It's the same reason they set up unofficial file servers and install 'unapproved' applications. They need or want something that you, in your capacity as the provider of IT services, are not providing.

Rather than arrogantly treating those you work with as 'Yokels', you could understand and provide for their needs. Why don't you try working with them rather than against them? Spend the time you would stamping out undesirable computer use by educating your users about security and providing them with the tools and services they want.

Then, when you have a *real* security problem (one that doesn't involve the use of GMail), they'll be less likely to revolt.

If you work in IT and aren't willing to treat those around you with more respect than you'd give to livestock, you need to find a different job.

Re:Yippee - 6 more sites to add to the "banned" li

[rainman_bc]

Props to you for such a great reply to such an ass hat IT person.

Truth is, many IT people don't seem to "get" it. They call everything a security hole and make b2b communications more difficult.

Not everything needs tight-arsed security. If I want my outside people to send me a file with not-so-sensitive information that isn't very useful to anyone else, I think they should be able to FTP it to me ( or SFTP or SCP or FTP with SSL if pedantic IT people were so inclined). Instead of an ass-hat saying " you can't have an ftp server up because it's a security hole", the ass hat IT person should say "I'll set up a secure FTP server instead and they can send it there".

I've had those conversations all the time with idiot IT people.

Truth is I think they're just on a rampage sometimes without any real knowledge of why they're doing something.

That said, the IT department at the company I work for is the first competent group I've seen. They locked down IM, but set up a jabber server instead with an MSN gateway. IMO that's the way to go - set something up that's a viable alternative instead of just saying "no" to anyone who wants anything.

Fuck sometimes it'd be just easier to pull all ethernet cables.

I can suggest a solution...

[jonathan_lampe]

If I want my outside people to send me a file with not-so-sensitive information that isn't very useful to anyone else, I think they should be able to FTP it to me ( or SFTP or SCP or FTP with SSL if pedantic IT people were so inclined). Instead of X saying " you can't have an ftp server up because it's a security hole", the IT person should say "I'll set up a secure FTP server instead and they can send it there".

Can I make a suggestion for this? It does SFTP and FTPS with automatic encrypted storage...
http [standardnetworks.com]

Re:

[rainman_bc]

It was a company I used to work for where the IT people were morons, more interested in working on the next cool thing (at that point was implementing NDS) instead of doing real IT work like managing the network and the like.

Never worked in IT, have you?

[xxxJonBoyxxx]

They need or want something that you, in your capacity as the provider of IT services, are not providing.

Never worked in IT, have you?

This is a classic example of a IT-provided service that employees already have (at least, if you've already invested in a good email system and a good secure file transfer system) that gets marketed directly to consumers as something they don't have. So...they "try it", often with something like a customer list or account statement that shouldn't really leave the company, and then just start using it without even telling the guy in the next cube, let alone IT.

Thus the need to ban (or at least listen for) such sites; if you don't, there will be people who just don't tell you.

I suppose I could safely modify my opening statement to, "Never worked with live humans, have you?" The same general principle I'm teaching you about today applies to other areas too. For example, if I don't lock my company's electrical closets, eventually someone will wander in there and do something that could get both of us in trouble. (Therefore I "ban" access to it by locking the door.)

Re:Never worked in IT, have you?

[swb]

You just can't win in IT. If you block access to something, you're all about control and limiting innovation. When something stupid happens, you own the problem 110% because you didn't do enough to prevent it from happening.

What's funny is that nobody seems to think its "unfair" that you can't make yourself more efficient by cutting a hole in the wall and creating your own doorway to the parking lot, but cutting a hole in IT security with filesharing is OK because it makes you more efficient.

I'm sympathetic to the end users as many IT policies do seem irrational, but I'm also sympathetic to IT since its unlikely they have been given a mandate to enable the end users to do whatever they want.

If I had mod points today, you'd have them all...

[xxxJonBoyxxx]

What's funny is that nobody seems to think its "unfair" that you can't make yourself more efficient by cutting a hole in the wall and creating your own doorway to the parking lot, but cutting a hole in IT security with filesharing is OK because it makes you more efficient.

That's the smartest/funniest thing I've read in a long time. God help me if I'm not using it in my own training by next week.

Re:

[daigu]

It is funny how people always talk about the best scenario when it comes to IT - like people using gmail instead of work email (leaving out important details like the corporate system is Lotus Notes) or something stupid happening. Rarely do people in IT talk about how they often don't even know what the business problems are for the company, divisions, units and work groups they are providing services for.

Even for those problems that they are aware of, frequently problem solving takes a back-seat to the pro

Re:

[swb]

Rarely do people in IT talk about how they often don't even know what the business problems are for the company, divisions, units and work groups they are providing services for.

When I worked in an IT department, I used to *beg* to have employees explain to me what their specific business problems were, only to be told I wouldn't understand, lacked the niche experience or some other bullshit answer that had more to do with maintaining exclusivity and power bases among middle management. So you guessed as best you could in keeping with the IT policies and procedures you *knew* existed and were enforced, but then got chided for not understanding the business problems. OK, great, y

Re:

[daigu]

I understand the issues. Some people think controlling information gives them more power (typically behavior of less competent people). Some people think their little corners of the company or few executives are more important than everyone else (which is ok, so long as you can tell them to get stuffed when it matters). I understand IT has its own agenda (but IT management should realize that their bread gets buttered by the people using IT services - a fact frequently forgotten).

I think the customer-cent

Re:

[daigu]

That IT does not provide it is likely a function of; A) prevented by security concerns/laws/policy at the top, B) not affordable, practical or do-able within current infrastructure, C) does not actually constitute a *justifiable* need or benefit, and so on.

This comment says it all. Why should I have to justify my need to IT - especially after you have just explained how IT is not at the table anywhere and has no basis from which to make a judgment? IT should present options and talk about the technical co

Re:

[_LORAX_]

You might want to read this piece.

http://www.cio.com/archive/021507/fea_user_mgmt.ht ml?page=1 [cio.com]

As IT you should not be giving users whatever they want, but you need to remember that each request means that IT is probably missing something. The article is a good read and contrasts the "control everything" motto that you have to a balanced approach that makes IT part of a total discussion on topics like "I need to do this work at home" or "I need to share these documents with joan in accounting".

Don't fear yo

Re:

[therobloe]

Although keep in mind, sometimes the "easy" way is not the right way. Yes, I know there is an arduous process to set up a secure FTP account on our servers, but there is a process. Suppose one of my users goes around that, and decides to use an alternative service instead. Now, I have to also be aware of and know the ins and outs of that particular service in order to be able to deal with it when problems arise when we have a perfectly fine and working system already.

What happens when my user quits or is fi

Re:Yippee - 6 more sites to add to the "banned" li

[bberens]

I call shenanigans. We use an SSL VPN solution through active-X or applet (the VPN router supports both) at my office. The SSL certificate we use is invalid and Firefox, Opera, Konqueror, etc. disallow me to view the page even after I've attempted manually importing the certificate. However, IE let's me right through with a simple warning. For those few of us without access to IE at home, that means we can't use the VPN. All they'd have to do is get a proper certificate and everything would be solved. But the response I get is "We can't support every flavor" or "We don't support linux." Nevermind the gaping security hole which is just waiting for someone to man-in-the-middle our VPN to gain access to important data files. This sort of response is typical to every IT department I've ever come across. I realize you may be nice and friendly and will at least attempt to be helpful but that makes you not in the 'norm'.

Re:

[thousandinone]

You are aware that there are costs involved with using an 'official' certificate authority, aren't you? It may not be in the budget.

Re:

[Rich0]

Then create a cert using CACert, provide instructions for users to import their root cert, and get on the bandwagon of people shouting for Mozilla to finally add them to the default list.

Or publish your own root cert for users to import.

There are solutions out there...

Re:

[bberens]

Your point is valid so I don't intend this as a flame at all. We're a huge company with a multi-billion dollar budget. Our network IT staff (network only, not dbas, sysadmins, etc) is comprised of like 6 people. They can easily afford the certificate.

Re:

[thousandinone]

In my experience, just because a company can afford it doesn't mean they'll fork over the money for it- and the more money a company has, the less inclined it is to spend it. The company I currently work for offers a VPN for those who would like to do some of their work from home, but they do so with a mentality of it being a luxury, and if it doesn't work, their option is to go to work. It's a ridiculous policy, and next to no support is offered for it. The company can most definitely afford to support

Re:

[Rich0]

The fact that you have a process to set up secure FTP for your users puts you MILES ahead of most IT groups out there.

In many companies getting an intranet website created on the official webserver requires tons of red tape and brings on questions like "Are you an official web dev in the official web dev group?" Then IT wonders why IIS or whatever is running on 47 PCs sitting under desks all over the company, completely unmanaged.

Likewise in many companies users get a 25MB email quota or something silly li

Re:

[Tarlus]

I think you're missing his point. While I wouldn't call them 'yokels', it should be agreed that there are plenty of people out there that just don't understand the dangers of transferring sensitive data.

Consider, for example, a medical researcher. This person may collect any volume of information on a patient for use in research. This person has a very strong medical understanding, but doesn't even know what file encryption is. They may store this information in a MS Word file. This is fine. Then they wa

Re:

[DnemoniX]

You know I took the time to write out a nice bit picking apart you little tantrum here. I previewed it and it was well done. Then I read your garbage once again and decided you were not worth the effort. So I am instead settling on this simple comment, "You sir are a Turd Sandwich".

Not all data is sensitive.

[deesine]

Really.

Just two weeks ago I had a client who needed to transfer ~20 10-30mg files to a printer in China, ASAP. Those files were not sensitive at all. The file sizes ruled out many of these online offerings. My client said he had already tried using gmail as storage, and one other, but they both had limits of around 5mg/file.

After hearing that I didn't bother doing more research. I wish, after reading this article that I had, because there I was hand-holding him through two (XP & OSX) ftp client installs

Re:

[kv9]

because there I was hand-holding him through two (XP & OSX) ftp client installs.

in XP it would have been easier to just type ftp ://username@ftpserver.com in the Explorer address bar. I expect such an advanced OS as OSX to have similar functionality out of the box.

Re:Yippee - 6 more sites to add to the "banned" li

[josath]

My gf works in a corporate office at Wells Fargo. They have the hardest time transfering files around, email is capped at 10MB, outside programs banned. The only 'approved' way of transfering files (for example large 500 page financial statement 30MB pdf) is through a "SwiftSend" program. The only problem, is that this custom/enterprise app is so buggy, she is afraid to even open it, because she knows there is a 90% chance it will crash hard, locking up the PC, and needing a visit from IT in order to get th

Re:

[WuphonsReach]

Definitely nicer to work in a small company in that regard. I try to make sure the user's have what they need, we don't lock down the machines and we spent the $$$ on Acronis or Ghost to make periodic images of the systems. Most of our users are well-behaved enough now that I don't worry as much. The ones that aren't, I make sure I always know where the "gold" image is for their machine.

As for the firewall we simply tell them: "we know what you're doing".

Now, generally, I don't bother watching the lo

Re:

[daeg]

If you're that concerned, you could keep your files in an encrypted volume using TrueCrypt [truecrypt.org] and then back up the volume. Unfortunately, TrueCrypt volumes don't lend themselves to incremental backups very well, but if you keep the volume size roughly at what the files require and you don't write often, it won't be that bad. You could split them up into multiple volumes if you'd like, too.

This applies not just to pictures but to sensitive e-mail backups, database dumps, etc.

Re:

[Anon-Admin]

What does the "Gay Nigger Association of America" GNAA corporate [www.gnaa.us] have to do with online storage?

NOTE: Just put GNAA into google and see what you get!