Why did you need to develop a "Russian dropbox"



At some point, Russian organizations acutely felt that sending files through foreign servers was not a good idea. Then there are three options: either decide administratively and “kick” those who send non-flash drive courier mail, or create a global data warehouse (for example, based on ECM Documentum, OpenText or Alfresco), or immediately deploy the cloud-based analog of Dropbox on your servers in the Russian Federation.

The first two ways work, but the simplest and most effective is the third. Therefore, we had to make our file sharing servicefor large business. Of the good features - authentication via LDAP, encryption, self-destructive links and other delights of paranoia. The funny thing is that it turned out to be quite comparable at the final prices with the Dropbox business license. Yes, we make Dropbox Business cheaper for medium and large companies.

Task


There are two types of installation: a la cloud storage (like Onedrive, Google Drive, Dropbox and other similar services), only taking into account Russian features and servers within the country. Or exclusively “your” solution with servers in your data center.

The initiators of the project, of course, were the security guards - primarily our own. None of them like to see company files behind the DMZ perimeter, so this solution was needed. For example, this is important when controlling access to files when an employee quits and you need to disable his account.

Then there are more requirements: the software administrator should have a detailed action log - who, where and how much has uploaded, what and who has rummaged. The only point is that in the final implementation the admin sees only the names of the files, but not their contents. Therefore, for example, there was a guy who kept some videos under the names of reports.

Next up are the standard chips. If the document is sent outside, you can make a public link, as usual, or a link with a password. And screw the timer, if you want. You can limit the number of downloads.

Implementation


A group of developers was found in Nizhny Novgorod who sawed a similar product for the domestic market and for Korean corporations. ASD, in general, was originally a Moscow company, which in 2012 opened an office in NN.

Their core (Cloudike platform) proved to be excellent at implementations by operators and service providers MegaFon, Vodafone, Ooredo Indosat, KoreaTelecom. The internal file sharing of these companies is built precisely on the code of the team from the Lower. We agreed with them and took their well-developed core, plus actually set the task of fine-tuning the product for the needs of large business and state-owned companies.

Then they deployed it in their cloud infrastructure (two data centers within Moscow), including the Compressor data center with Tier III level - Gold Certification of Operational Sustainability. This is for “shared” access.

This is how the result looks via the web:



There is another application for the phone, PC.

Our installation is located on an S3-compatible object storage on CEPH, on top of which 18 service virtuals work (all services are clustered). A new customer connects to the service within 10 minutes. This is now in demand by companies from 50 active users.

There is another option for deploying the service at the customer’s facilities - on-premise, so that all the data is inside the IT perimeter. In this case, the installation takes much longer. As a rule, we need our own special features for the security requirements of state-owned companies. The most common are direct access to files from the super administrator, pre-moderation of public links, integration with leak prevention systems, post-moderation, deletion through a security officer. There is even sending files only according to the white list of recipients (which is updated by a written request to the security guard). It is possible to encrypt the source and transmission. For example, for our own integration within the company, it was necessary to refine AD - we have the basis for accounting - not mail, but a name. We all log in by first name and last name.

The usual implementation period is 3-4 months, taking into account the completion of features.

Subscription service license (payment by the number of users). In the standard tariff per user there is 100 GB (quotas are managed by the administrator, for example, you can give one 500 GB, and five more - 20 GB each).

For installation inside the company - a large bill for customization, then - a one-time lifetime-license. Plus the ability to support or refine as needed.

Who uses


It may seem that the market for such a product ends on the fingers of a second hand - not many companies really worry about their safety. But no, it turned out that almost everyone needs a domestic exchange at a certain stage of the company's maturity.

There were actually hundreds of requests in the first weeks. Typically, this is a lot of construction business contractors who exchange design estimates and invoices. They are used to it this way: a folder for collaboration is made, accounts and so on are automatically placed there. The user enters the folder - and there everything is waiting for him.

Then architectural bureaus. We felt this on ourselves: while we were building the third data center, we exchanged schemes that quickly grew and ceased to fit into letters, and immediately versioned floated. Started to pay for Dropbox. Business was a direct necessity.

In general, almost all companies that did not implement a “heavy” EDS like banks from the TOP-10 and the big three operators. That is the whole medium business.

IT services are interested in that users themselves, without request, can manage shared folders, add and remove colleagues. Or have a local copy of the cloud files on your device with the ability to automatically manage collisions. For companies with a special attitude to security, there is a WEBDAV client (currently in a closed beta) that emulates a hard drive, and the files are not physically stored by the user.

About development


Collaboration with the team in Nizhny Novgorod was very informative in terms of how the dialogue is built between the corporation and a small independent team. The project manager on their part is the immediate girl Lena, who is always in touch.

For example, in the first month of communication I write a letter in the official language, according to etiquette, I describe a bug. It was Saturday night, as usual in theory - I am waiting for an answer on Monday at lunch. But no, in a couple of minutes a message arrives in the messenger: "I will check in an hour, because now in the pharmacy." Just a brain break! On the one hand, if it were so in a business letter from me to the customer - I would be mistaken for inadequacy. And on the other - a fantastic reaction by the standards of corporations in an hour.

In addition to the team in Nizhny, development was carried out in Kazan, Smolensk and Ulyanovsk (these are remote developers), plus, since the company is largely focused on exporting software to Korea, Indonesia and Turkey, 10 more specialists are sitting in Seoul (+6 in time, and one of them, frontend, does not know English).



Required resources for installing up to 10,000 users:

  • Total vCPU 33
  • Total RAM 75
  • Total HDD, Gb 2554

References



Also popular now: