CloudSafe - Company Blog

Secure Data Storage. Secure Information Sharing.

0 notes

Important: Password Recovery

We regularly receive support request form users who have forgotten their password to sign into CloudSafe. As a security measure, we do not have any possibility to reset or to recover your password! So we urge all users to set up the “password recovery” function before you lose or forget your password. It only takes a few minutes: You need to specifiy two trusted contacts as your pasword recovery helper. Sign into CloudSafe and use the following Link to access the recovery setup panel:
https://secure.cloudsafe.com/profileSettings/forgotpassword/

Filed under password recovery

0 notes

Using CloudSafe for off-site server backups

Today I decided to upload some of our linux server data to CloudSafe. Since CloudSafe offers free WebDAV access to all user safes I thought it would be nice to have my backup file uploaded regularly to a dedicated safe without having to interfere manually. So I wanted to share some information with you how to mount a CloudSafe safe as a regular network drive within linux.

Creating a safe at CloudSafe.com

(1) Login into CloudSafe

(2) Create a safe

(3) Go to the safe overview and enable WebDAV access

(4) Write down the credentials

Preparing your server


(1) Install davfs2 (a WebDAV file system based on FUSE):

On Ubuntu this will be one line:

apt-get install davfs2

For other linux installation guides please have a look at: http://savannah.nongnu.org/projects/davfs2

(2) Put the WebDAV URL, login name and login password of your Safe in a config file to automate login:

echo "(WebDAV URL)   (login name)   (login password)" >> /etc/davfs2/secrets

as an example: 

echo "https://2078622604.webdav.cloudsafe.com/   support@cloudsafe.com   BJAPQC-L6AEN4-CNRHBQ-HWVUKI" >> /etc/davfs2/secrets

(3) Make sure the file cache is large enough if you plan to upload big files.

echo "cache_size      100000  " >> /etc/davfs2/davfs2.conf

echo "use_expect100   0        " >> /etc/davfs2/davfs2.conf

(4) Create a Mountpoint for your safe

mkdir -p /mnt/safe

Now you are ready to mount your safe to your server’s file system


Mounting the safe to your file system

(1) Mount your safe to /mnt/safe with a single line:

mount.davfs (WebDAV URL) /mnt/safe -o _netdev,noexec,nosuid

Use your safe’s URL, as an example:

mount.davfs https://2078622604.webdav.cloudsafe.com/ /mnt/safe -o _netdev,noexec,nosuid

Now you can copy any data between your server and your CloudSafe safe at /mnt/safe. Just remember that transferring your files to and from CloudSafe will take some time. If you upload a few GB of data this could take a few minutes of time before they show up in CloudSafe.

If you want to dismount the safe from you file system please use this line:

umount.davfs /mnt/safe

We are using this with multiple mountpoints as well to automatically distribute some server data to non-technical staff. So in case they need to access some of the information they do not have to rely on some tech wiz with VPN and ssh access.

Regards,

Roberto


12 notes

Web Startup Tools

After our successful soft launch two weeks ago we survived the first test with real users so far. All systems behaved very well. I realized we are using quite a few external tools to keep CloudSafe up and running and I wanted to take an opportunity to briefly present you a few of these tools. Maybe they can be handy for your own web projects as well.


Text Editing & Translation


WebtranslateIt ( http://webtranslateit.com/ )


In our view, a cost-effective solution for creating and editing all texts which are required in our web application and have to be translated into several languages. This tool has provided us with a web frontend for writers and translators, without interfering with the developers work. A small script would export all text resources from the source code repository and re-import all revised and translated text snippets back. In our case this included more than 300 individual files on the staging server that were easily updated with a single command.


Tolingo ( http://www.tolingo.com )


Even if we did not always agree with the quality of their translations they were very quick with translating some of the descriptive texts. As a startup from Europe that will be offering 5 languages soon this company can be a big time saver. I wish I could send them this blog entry right now since my english is not perfect at all :)


Webtesting


Selenium ( http://seleniumhq.org/ )


With Selenium, you can build very good automated test cases and then use it on every new software release. Selenium is very powerful and requires some training. So you have to make sure you do not try to automate all test cases - sometimes a manual test can still be more efficient.


Online Metrics


Google Analytics ( http://analytics.google.com/ )


The classic choice. We use Google Analytics at CloudSafe for measuring all online metrics of visitors as long as they are not logged in. For privacy reasons we do not track users that signed into CloudSafe. The amount of functionality Google Analytics offers is overwhelming. Make sure you take some time to specify your reports. As a german startup we had a look at two competing companies from Germany as well, named Econda http://www.econda.de/ ) and Webtrekk ( http://www.webtrekk.de ). They offer great sets of functionality. But for the first time Google Analytics should be your choice - it is completely free as  well.


Woopra ( http://www.woopra.com )


My favored tool: Realtime Analytics with a great visual user interface! After trying out ChartBeat for a few days we changed quickly to Woopra. It  provides significantly better functionality  than ChartBeat. Woopra offers a web frontend, an iPhone app and a Java-based application that runs well on Windows, Mac and Linux. The service even offers a free version. All data can be segmented and exported. You get a dashboard where you see any visitor in realtime. Biggest fun is watching the world map where every visitor shows up as a little dot. We use it as a screen saver here in the office. Another gimmick is a realtime chat that can be initiated with every visitor on the site.


External Monitoring


Pingdom ( http://pingdom.com )


While we are constantly monitoring all our servers within our network, we wanted to make sure we know at any time if all services are accessible from the outside as well. So we use several services to test if our application is up and running. Pingdom is one of them - unfortunately with the highest price tag of all. But we are still convinced to use them because of their high reliability. There are quite a few free providers, but in some cases they noticed us a few hours late about downtime. For any high availability web service this is quite useless.


Server Density ( http://www.serverdensity.com/ )


We do not use this product for CloudSafe servers anymore due to security concerns of our system administrators. However, I can still recommend Server Density as a great tool for monitoring servers. You have to install a small script on your servers and you get basic data about utilization of the machines. We still use it for some less important servers and it is great to get a quick glance at server performance. An alternative appears to be CloudKick ( www.cloudkick.com ), which we have not tested so far since the security risk seems to be even higher.


ChangeDetection ( http://www.changedetection.com/ )


I personally registered for a free ChangeDetection account as well. You will be notified by email if any text on your site changes. It generally takes a few hours - but it is a great tool if you have more than one party involved in text creation for your web page. You will stay up to date easily.


Customer Support


Zendesk ( https://www.zendesk.com )


Although ZenDesk seems one of the most popular products for customer support our first impression was negative: In order to offer support in several languages you need to sign for a rather expensive package. The smaller packages only offer one language. From an US point of view that sounds reasonable, but for European startups this looks like a bad joke. Then Zendesk increased prices recently - without prior notice.  Otherwise Zendesk offers a very powerful solution for all aspects of customer support. Take some time to adapt the basic configuration to your own business. Virtually every part of the application can be automated. Anyway, if you are looking for a free alternative take a look at OTRS ( http://otrs.org/).


GrassHopper http://grasshopper.com/


For the US market we use GrassHopper as a phone line provider. Is particularly interesting for distributed teams, since each phone number can be routed individually to different devices. Whether this is an external phone, a router with VoIP functionality or simple VoIP software - anyone can individually manage his extension via  web interface. We also recommend Twilio ( http://www.twilio.com/ ). And for the European market you should definitely have a look at spigate.de ( http://www.sipgate.de) - they are reliable and pricing is reasonable.


Mailings


Mailchimp ( http://www.mailchimp.com/ )

With Mailchimp you can quickly create and manage mailing lists. And you can easily use one of their templates to create good looking mailings. After launching we used Mailchimp to invite a big number of people we know to visit our site. So we were able to determine who responded to our invitation and we had statistics about visits and registrations based on the mailings. Unfortunately we noticed that quite a high number of our invitations ended up in the spam folder of our recipients. Mailchimp uses its own mail servers to send out mail instead of routing them via your own servers - so a lot of receiving servers will flag the message as spam. Not extensively tested, but a valid alternative seems to be Sendgrid ( http://sendgrid.com/).



I hope this list can help some of you with your own websites. Feel free to ask us more detailed questions about the products listed above. Or add some more useful products by commenting on this blog entry. Thanks.


Roberto

0 notes

Finally live!

It took a few weeks longer than expected but now CloudSafe is finally out of closed beta. We are still working on the site content but the web application itself is fully functional and tested. Certification with TRUSTe just passed and we will implement their logo soon. We even had some white hat hackers taking a look at our security measures and so far everything looks perfect.

Now we want to start with a small company blog. CloudSafe is a virtual company. It is the joint effort of about 15 people and a few companies. A big thank you to all of you. Especially Stephie, Katrin & Katrin, Nicole, Tom, Klas, Mario, Peter, Marcus, Christoph, Snufi, Merian, Nils, Geoff, Andreas, Ralph, Dirk, David, Maximilian, Hendrik, Moritz and Lars. Also Claudia, Jörg and Stefan.

What’s next?

In September we will start to post a few entries about our startup experiences so far.

Peter will give you some more information about encryption and our cryptographic architecture: Why we consider CloudSafe to be one of the safest online storages so far. We believe in sharing these information so you can rest assured your data is safe with us.

Nils will give you some insight about entropy on our servers. We had to add some nifty extra hardware to get enough random numbers for our encryption processes.

And I will write a few lines about our initial concept and how me managed to shape a product out of all the ideas.

All the best for now,

Roberto