I made a post about a backup appliance product I have been working on in 2016.  I have to say things are looking encouraging as my storage platform finally had gained the final piece of the puzzle i need.  Also i am no longer going to build the storage servers as multiple cloud storage vendors have made online storage so cheap it would be idiotic for me to build the back end myself when I can profitably store things on their cloud and still have a good profit margin.  I would not sell the appliances but make them part of a monthly subscription…that way the client pays the appliance off and after no more than 6 months it is 100% profit.  Now i just have to figure out the cost of the appliance builds and go from there.  The biggest challenge is low cost appliances with ECC ram as that is a requirement.  I have been stalled for a while.  If you read the previous post you will see the requirements I had at the beginning of this project.  Now they have changed a bit:
  1.  Local device at clients location acting as either a file server/NAS/Backup target has compressed/de-duplicated/encrypted local storage available at all times.
  2. Data drives will be encrypted so if the system gets restarted/powered down the data is safely encrypted for outsiders to not have access.
  3. if required the boot drives AND the data drives will be encrypted so that if the machine is powered down the system will be unbootable without the master password to first boot the system then a second password for the data drives.
  4. This machine will have it’s own encrypted keys which means the data will not be readable by anyone else at any time without access to the control panel or webgui while the machine is on.
  5. This appliance will then send it’s previously secured data over a separately encrypted connection to an offsite backup for DR purposes. This data will arrive on said offsite infrastructure already encrypted without me ever knowing the key.  Only the originating server will have the key to read their data.  No server will use the same key.
The RC! of my storage platform highly simplifies my secure storage abilities while meeting all but the most stringent of secure data security needs.  Each server will have up to 3 separate, randomly generated 128 bit AES keys for encryption of the boot disks, the data array, and anything sent to the cloud.  All three keys(if required by the client) will be required to access all levels of their data.  As usual, if the client wants me to set this up and then they want to self-manage they can..but then they will have to purchase the appliance themselves and then i will set things up and then turn it over.  If they go for the subscription I provide the appliance, the backup infrastructure, and maintenance on the entire system for them.  Either way I win and the clients win…:)