In a flash, much of our cyberlife—both private and professional—has moved to the cloud. Mega-tech companies hold the data crucial to millions: Our virtual offices chat via Slack, our kids’ pics clog Google Photos, and hundreds of millions share files large and small in Dropbox.
While the big guys will make the case that they’re secure, some privacy-minded organizations are not so sure.
This was highlighted recently in Germany when government officials said they are moving away from third-party platforms for its 300,000 workers who collaborate over multiple devices. Instead, the federal IT agency will be using Nextcloud, an open-source, internally hosted tool produced by a German company of the same name.
It’s part of a growing trend to replace cent1rally hosted services with those that can be run on servers under an individual or organization’s control in their own legal jurisdictions—and customed to their speciic needs.
“As a company, we don’t have any servers—we don’t do any hosting,” says Nextcloud founder and managing director Frank Karlitschek, speaking with Fast Company through his product’s video chat feature. “They put it on whatever hardware or hosting infrastructure they trust.”
For a family or couple looking to share files or photos or keep their calendars in sync, that can be something as simple as a the low-cost Raspberry Pi. In more ambitious scenarios, where the software is supporting hundreds of thousands of users chatting and collaborating on shared documents, it can be run in a modern data center on more sophisticated infrastructure, likely with a support contract from Nextcloud.
“If you have a bigger setup, you really want to have proper monitoring and proper backup and proper intrusion detection and so on,” Karlitschek says.
Karlitschek previously created ownCloud, a similar tool that’s still in active use and development. And Beijing-based Seafile says it has signed more than 20 major educational institutions around the world as paying customers for its own open-source, self-hosted file-sharing tool. It supports security features like end-to-end encryption, where files are encrypted before being uploaded to the server, something CTO and cofounder Jonathan Xu says is lacking in many competing products.
“Many home users use our community edition to host their own files, for replacing Dropbox etc.,” writes Xu in an email to Fast Company. “They appreciate the speed and reliability of Seafile.”
The move to the self-hosted cloud isn’t limited to file-sharing tools. Mattermost, a workplace chat tool with features similar to Slack, is designed to be hosted on a company’s private servers, storing chat logs in the company’s databases.
“The people that use Mattermost are going to be the ones that care the most about security,” says CEO Ian Tien. “We like to say, if you’re under regulation or under attack.”
Since it’s open source, it can also be customized to meet its users’ needs, and users have built and shared code to make it compatible with a variety of deployment tools and hosting infrastructure.
“You can make it work with basically anything because you have the source code,” says Tien.
The Palo Alto, California, company got its start making online video games and used a centrally hosted chat tool to help its employees collaborate, he says. But after the tool changed ownership in a corporate acquisition, its reliability started to go downhill. When the game company tried to export its data from the system, the export functionality didn’t work, and the company couldn’t continue to access its archived data without continuing to pay for a subscription, Tien says.
“We’re trying to get things done, and we’re really trapped in this system,” he says. “We had no control.”
That led the company to adapt messaging software it had already developed for its players to use to communicate, eventually making chat its primary focus.
Since then, the software has notably been adopted by customers like Uber, which detailed in a blog post the adaptations it made to Mattermost to build its own, custom internal chat tool. Many of Uber’s modifications and upgrades have been made open source themselves, the company said.
Once companies choose to adopt decentralized cloud tools, there’s still the question of where to host them. While many large organizations naturally install them in their own data centers, others choose to host them on cloud-based servers. The Amazon Web Services Marketplace even contains multiple ready-to-go server images preloaded with everything that’s needed to run Nextcloud.
Running high-level private cloud services on top of centralized cloud servers may not be the contradiction it seems. Many companies have come to trust cloud providers like AWS, Google Cloud Platform and Microsoft Azure to build stable and secure infrastructure, and without the right economies of scale, it can be difficult for self-managed servers to compete on price.
“It has to be very efficient in terms of manpower,” says Jean Atelsek, an analyst at 451 Research, to get prices below public cloud services when engineering and other costs are included. “At a typical utilization percentage, upwards of 600 virtual machines per engineer have to be managed in a private cloud.”
Some companies even choose to outsource managing decentralized cloud tools entirely. Karlitschek says they can still shop and potentially port data between multiple providers based on costs, service guarantees, and other factors.
“The main difference is there’s not only one service provider, but we have 100,” says Karlitschek. “You can pick and choose.”