Cloud storage, also known as file sync & share, has become as important as email for collaboration in today’s workplace. Digitally-native employees demand a better solution than sending attachments back and forth, a time-consuming process that can lead to conflicting changes between team members.
Subscription-based services may seem like a simple solution; in fact, your employees may even use personal accounts to do company work, perpetuating a “shadow IT” and data governance problem. Not only do you lose control over your data as employees join and leave your organization, you also turn over your valuable intellectual property to tech giants like Dropbox, Microsoft or Google under their Terms of Service.
NextCloud is a cloud storage solution trusted by first-class organizations including CERN in Switzerland. You can deploy it in your own environment on-premise, on a dedicated server, or in the public cloud. By cutting out the middleman of a subscription-based cloud storage provider, you pay only for the resources you provision on an Infrastructure-as-a-Service (IaaS) platform – instead of on a per-user basis. Why pay for 1TB or “Unlimited” storage per user, when the major cloud storage services count on overselling their storage, and terminating users who exceed an arbitrary “fair usage policy” ?
With your dedicated NextCloud storage cluster, you retain full control over security, versioning and backup. The resources, including highly-resilient, block storage volumes, are reserved for your instance and can be expanded as your needs grow. Many organizations who made the switch decided to contact us because their existing cloud storage provider became more restrictive on policies such as bandwidth usage, and length of retention for older data.
Did you know Dropbox will temporarily suspend access to a file if too many downloads are requested for it within a 24 hour period? Also, Dropbox eliminated the Extended Version History addon for Dropbox Plus accounts, which allowed paying users to revert back to a previous version of a file for up to 1 year. Even the highest tier of paying accounts, Professional or Business now only offer 120 days of version history, with Plus and Free accounts limited to a paltry 30 days. With NextCloud, the administrator can set how many days version history should be kept before it is purged from the server – and even set different policies based on the tags associated with a file.
NextCloud has excellent cross-platform support, with sync clients for Windows, Mac OS X, Linux, Android and iOS, compared to Google Drive and OneDrive for Business, which still do not have a native client for Linux. No matter where your global workforce is, they’ll remain productive with their documents & media at their fingertips.
While you can easily deploy NextCloud in any Linux environment, there are many considerations that an administrator should take into account to prepare an instance for production use.
- Geolocation, bandwidth and throughput requirements of the NextCloud server
- Right-sizing the dedicated servers or cloud instances (RAM and CPU) based on the number of simultaneous users, maximum file size and volume of data to be uploaded
- Performant storage with high IOPS, preferably SSD-backed block storage using RAID and advanced file systems such as ZFS or Btrfs with live snapshotting/redundancy
- Using elastic volumes that can be dynamically expanded as storage grows over time
- Setting up a web server for secure SSL termination, either Apache or NGINX
- Determining the right mode and version of PHP to run for optimal performance, whether mod_php as an Apache module or PHP-FPM (FastCGI) as a separate process
- Tuning of PHP.ini and PHP Opcache modules to enable large file uploads
- Adding in-memory caches such as PHP APCu and Redis to accelerate the front-end performance of NextCloud and scaling these to separate servers if necessary
- Choosing a backend database such as MySQL or Postgres and implementing master-slave replication, failover, sharding or a full-blown Galera cluster
- Enabling full-disk encryption of data at-rest to protect sensitive, proprietary data
- Locking down communication between application and database servers with strong authentication, cryptographically secure ciphers and strict firewall rules
- Scheduling and managing downtime for maintenance, such as backups and updates
- Implementing cron jobs for NextCloud’s background tasks and running shell scripts to push backups to an object storage service such as Amazon S3 or Backblaze B2
- Connecting a third-party email gateway such as Amazon SES, Sendgrid or Mailgun to the NextCloud instance to deliver shared file notifications and password reset emails
- Setting storage quotas, password and retention policies for NextCloud users and user groups based on business requirements
- Integrating NextCloud with advanced authentication methods such as LDAP for single- sign on (SSO) or 2-Factor-Authentication (2FA) for additional security
- Planning to recover from failures if the database becomes unsynced with the NextCloud data directory or if rolling back to a prior snapshot of the application is required
- Adding additional NextCloud Apps such as Collabora Office for real-time collaboration between users on documents, KeeWeb for password management, or Talk for WebRTC video conferencing
Sound complex? You’re not alone. Luckily our professional NextCloud administrators can help you plan a successful deployment and implement it for you in the environment of your choice. We can recommend an ideal cloud or dedicated server provider which fits your budget, performance and data governance requirements. Contact us today and we would be pleased to provide you a proposal based on your number of intended users, volume of data and potential savings over your existing cloud storage provider.