Why did you need to develop a "Russian dropbox"

At some point, Russian organizations felt keenly that sending files through foreign servers was not a good idea. Then there are three options: either decide administratively and “kick” those who are not sent by courier mail, or create a global data repository (for example, based on ECM Documentum, OpenText or Alfresco), or immediately deploy the cloud analog of Dropbox on servers in the Russian Federation.

The first two ways work, but the easiest and most effective is the third. Therefore, we had to make our file-sharing service for a large business. From pleasant lotions - authentication through LDAP, encryption, auto-disable links and other delights of paranoia. The funny thing is, it turned out to be quite comparable at final prices to the business license for Dropbox. Yes, we are doing cheaper Dropbox Business for medium and large companies.
')

Task

There are two types of installation: a la cloud storage (like Onedrive, Google Drive, Dropbox and other similar services), only taking into account Russian features and servers inside the country. Or only “your” solution with servers in your data center.

The initiators of the project, of course, were the security guards - first and foremost our own. None of them likes to see the company's files behind the DMZ-perimeter, so this solution was needed. For example, this is important when managing access to files, when an employee leaves the company and his account must be turned off.

Then there are more requirements: the software administrator must have a detailed log of actions - who, where and how much has uploaded, what and who has rummaged. The only time - in the final implementation, the admin sees only the file names, but not their contents. Therefore, for example, there was a guy who kept some videos under the names of reports.

Next - standard chips. If the document is sent outside, you can make a public link, as usual, or a link with a password. And also fasten the timer if you want. You can limit the number of downloads.

Implementation

In Nizhny Novgorod, there was a group of developers who sawed a similar product for the domestic market and for Korean corporations. ASD, in general, was originally a Moscow company, which in 2012 opened an office in NN.

Their core (Cloudike platform) showed itself perfectly on the implementations of MegaFon, Vodafone, Ooredo Indosat, KoreaTelecom, operators and service providers. The internal file sharing of these companies is built precisely on the code of the team from the Lower. We agreed with them and took their well-developed core, plus actually set the task of fine-tuning the product for the needs of large businesses and state-owned companies.

Then it was deployed in its cloud infrastructure (two data centers within Moscow), including the Compressor data center with the Tier III level - Gold Certification of Operational Sustainability. This is for “shared” access.

This is how the result looks through the web:



There is also an application for phone, PC.

Our installation is hosted on S3-compatible object storage at CEPH, on top of which 18 service virtual machines operate (all services are clustered). Connecting a new customer to the service occurs within 10 minutes. It is claimed now by companies from 50 active users.

There is another option for deploying the service at the customer at its facilities - on-premise, so that all data is inside the IT perimeter. In this case, the installation lasts much longer. As a rule, we need our own special features for the security requirements of state-owned companies. The most frequently encountered are direct access to files from the super-administrator, pre-moderation of public links, integration with leak prevention systems, post-moderation, deletion through a security officer. There are even sending files only on the white list of recipients (which is updated upon written request to the security officer). There is the possibility of encryption on the source and on the transfer. For example, for our own integration within the company, it was necessary to refine AD - we have the basis of the account - not the post office, but the full name. We all log in by name.

The usual implementation period is 3-4 months, taking into account the finishing of features.

Subscription service license (payment by the number of users). The standard rate per user accounts for 100 GB (quotas are controlled by the administrator, for example, you can give 500 GB to one, and another five 20 GB each).

For installation within the company - a large bill for customization, then - a one-time lifetime-license. Plus the ability to support or refinement as needed.

Who uses

It may seem that the market for such a product ends on the fingers of the second hand - not many companies really care about their safety. But no, it turned out that almost everyone needs internal exchange at a certain stage of a company's maturity.

Requests in the first weeks came really hundreds. As a rule, these are many construction business contractors who exchange design and estimate documentation and invoices. They are accustomed to this: a collaboration folder is made, bills and so on are automatically put in there. The user enters the folder - and there everything is already waiting for him.

Then the architectural bureaus. We felt it on ourselves: while we were building the third data center, we exchanged charts that quickly grew and stopped getting into letters, and versionion immediately floated. Began to pay for dropbox. Business was a direct necessity.

In general, almost all companies that have not implemented a “heavy” SED, such as banks from TOP-10 and the big three operators. That is the whole medium business.

IT services are interested in that users themselves, without a request, can manage the “sharpened” folders, add and delete colleagues. Or have a local copy of the cloud files on your device with the ability to automatically manage collisions. For companies with a special relationship to security, there is a WEBDAV client (while in a closed beta) that emulates a hard disk, and the files are not physically stored by the user.

About development

Cooperation with the team in Nizhny Novgorod turned out to be very informative in terms of how the dialogue is built between the corporation and a small independent team. The project manager on their part is the immediate girl Lena, who is always in touch.

For example, in the first month of communication I write a letter in an official language, according to etiquette, I describe a bug. It was on Saturday evening, as usual in the idea - I look forward to hearing on Monday at lunch. But no, in a couple of minutes a message comes to the messenger: "I will check in an hour, because now at the pharmacy." Just a brain break! On the one hand, if it were so in the business letter from me to the customer - I would be taken for inadequate. And on the other - a fantastic reaction by the standards of corporations in an hour.

In addition to the team itself, Nizhny developed in Kazan, Smolensk, and Ulyanovsk (these are remote developers), plus, since the company is largely focused on software exports to Korea, Indonesia and Turkey, another 10 specialists sit in Seoul (+6 times, and one of them, the frontend does not know English).



Required installation resources for up to 10,000 users:

• Total vCPU 33
• Total RAM 75
• Total HDD, Gb 2554

Links

• Here you can try
• About the "heavy" electronic document management
• My mail for questions is SZinkevich@croc.ru