Cloud Industry News Analysis & Insights on Ulitzer

Tim Negris

Subscribe to Tim Negris: eMailAlertsEmail Alerts
Get Tim Negris: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: Cloud Computing Newswire, Cloud Computing for SMBs, Cloud Development Tools, Document Management, Storage Journal

Article

Tiny Company Solves Giant Problems in Cloud-Based Document Management

Middleware, not applications, is the key to easy, legal collaboration and sharing

Multi-party file sharing and document management is a useful and increasingly popular business application in the public cloud domain.  Such solutions include vertical enterprise solutions like M&A "deal rooms" from Intralinks and Brainloop, general purpose "office" applications suites from Zoho and Google, collaboration/communications platforms from Central Desktop and Akiva, web-based document management systems from KnowledgeTree and Confidela, and file utilities from Box.net and SugarSync.

Never Use an Application to Do Middleware's Job

Regardless of their purpose or features, virtually all such cloud-based document sharing solutions suffer from the same general drawbacks and consequences.

  • Don't leverage existing storage infrastructure, e.g. EMC, SharePoint, FTP, WebDAV, etc.
    • No preservation of skills, processes, and investment
  • Facilitate sharing by forcing master files to be stored centrally in the cloud
    • Introduces security risks and compliance/control issues
  • Force the use of proprietary UI, designated apps, or complex integration APIs
    • Difficult or impossible to integrate with other sites and apps

Broadly speaking, existing public cloud services for multi-party document sharing all make the same mistake:  They address a middleware problem with an application solution.

That is, the problem to be solved is to simply enable the owners of documents and other kinds of files to make them available for review, comment, and modification by others.  It is not to reformat, relocate, copy, or hand them over to a third party, nor is it to force their owners to abandon existing applications and infrastructure for managing them, nor make readers and reviewers learn and use new interfaces.

Sharing files across and between organizations is a middleware problem; doing it through a service with its own intrinsic, required storage, management tools, and user interface is an application solution.

It Could Be Illegal

In addition to the cost and complexity of using such solutions for file sharing, a more compelling detriment to doing so is that it could be illegal!  In the US, Europe and elsewhere there are numerous regulations governing information access, storage, and transmission that present unique and sometimes intractable compliance challenges for cloud-based storage.

For example, in the US, the Gramm-Leach-Bliley Act governs the practices of many different kinds of financially-oriented businesses, including mortgage brokers, insurance agents, tax preparers, financial advisors, and credit counselors, all likely users of cloud-based document sharing.

The Act's "Safeguards Rule" requires those businesses to "Take reasonable steps to select and retain service providers that are capable of maintaining appropriate safeguards for the customer information at issue,"  and to "Require the service providers by contract to implement and maintain such safeguards."  Those safeguards include the assured periodic monitoring and testing of the security of information in their care.  Many document sharing cloud service providers are startups that simply can't or won't comply with such stipulations, but it is up to their customers to find that out or suffer the consequences of not doing so.

An even more ponderous example of the potential legal ramification of cloud-base storage is provided by the EU Data Protection Directive which governs the handling of personal data within the European Union.  The Directive forbids the transfer of such data to non-EU countries that don't meet the EU's standard for data protection.  The US is one such country, which creates potential liabilities on both sides of the pond with regard to cloud-based document storage and sharing.

If a European business stores its documents in an American cloud, the US service provider must self-certify that it provides adequate privacy protection by complying with the seven rigorous "Safe Harbor" rules governing document transfer, access, protection, storage and use.  If the US service does not demonstrate compliance, its European customers will be in violation of the directive and open to prosecution.

The Directive can also have a bearing on US companies, as well.  If a US-based company uses an EU-based cloud for storing and sharing documents, that service provider is almost certainly going to be itself compliant with the rules of the Directive.  However, if the European cloud service enables the US customer to make a local copy of a document on a US-based computer, the customer must also comply with the Safe Harbor rules in relation to that document copy.  Failure to do so leaves the customer open to prosecution by the US Federal Trade Commission with penalties up to $12,000 per day for each violation.

Those are just a few examples of the potential legal pitfalls of using conventional cloud-based document sharing services.  For more, see the excellent summary provided by Robert McHale, Esq. here.

CloudPointe to the Rescue

CloudPointe is a notable newcomer to the document cloud scene that stands apart from the rest by addressing the above problems and more through a unique middleware-oriented approach, providing functions for document and file sharing, access, and versioning, independently of where the documents are stored and which programs are used to view or manipulate them.

Company founder and CEO, Andrew Schwabe declares that the company's unique approach was motivated by a very practical consideration.  "We set out to deliver a great general-purpose business document management service in the cloud.  But, as a new company, if our service required customers to rip and replace their investment in EMC, SharePoint or other storage infrastructure, or if it competed with new things like [Amazon] S3 or Google Apps, we knew one of two things would happen.  Best case, we would only get used in niche and green field applications, not across the core business, or, worst case, we would be ignored altogether."  Schwabe's modest, practical goals notwithstanding, CloudPointe is a new, new thing.

Most other solutions force all document owners to place their master files in shared centralized cloud storage and enable collaborators at the edges to work on local synchronized copies of them on their individual distributed systems.  In CloudPointe, files stay on their owners' systems and CloudPointe connects to them in situ to enable shared access.  This approach eliminates the proliferation of duplicate or different versions of files on other systems and leaves document owners in full control of their documents. It also eliminates the need for integration work to connect business documents to web sites and apps.

CloudPointe currently connects with both premises-based and cloud-based file storage infrastructure, including FTP, SFTP, Amazon S3, Google Docs, SharePoint, and other folders/files-based storage solutions, and with their proprietary clients and browser interfaces.  The company also provides "tools to embed document sharing and collaboration inside any website or web application, including developer integration using the underlying API."

The company grew out of a traditional document management solutions company that had gained a number of notable customers in the government, academic, and enterprise segments, and it continues to offer a version of that product, which is a very high-end document and workflow automation system for customers who have no interest in the cloud or web-based document integration.  Schwabe hints that the company is on a path to migrate many of the heavy duty functions in the enterprise system to the cloud service over time.

The success of the legacy product, coupled with insider investment and the technical elegance of their product approach, has enabled the company to get to market without outside investment.  But, VCs take note, although they are presently not seeking outside investment, Schwabe doesn't rule it out some time in the future, either.

 

 

 

 

 

 

 

 

More Stories By Tim Negris

Tim Negris is SVP, Marketing & Sales at Yottamine Analytics, a pioneering Big Data machine learning software company. He occasionally authors software industry news analysis and insights on Ulitzer.com, is a 25-year technology industry veteran with expertise in software development, database, networking, social media, cloud computing, mobile apps, analytics, and other enabling technologies.

He is recognized for ability to rapidly translate complex technical information and concepts into compelling, actionable knowledge. He is also widely credited with coining the term and co-developing the concept of the “Thin Client” computing model while working for Larry Ellison in the early days of Oracle.

Tim has also held a variety of executive and consulting roles in a numerous start-ups, and several established companies, including Sybase, Oracle, HP, Dell, and IBM. He is a frequent contributor to a number of publications and sites, focusing on technologies and their applications, and has written a number of advanced software applications for social media, video streaming, and music education.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.