I am super curious about these kinds of private-clouds-in-a-box, but as a small business owner I would be terrified to move our company documents from Google Workspace to something on premise. Responsibility for zero day patches? Physical security for the server? DR/BC planning? Yikes.
Are there ways for vendors or service providers to take on some of this risk without compromising the data sovereignty that this approach is supposed to deliver?
It does not need to be on-premise if you don't want it to - feel free to run an instance in some hosting centre somewhere, either as the main instance or as a hot standby or in some load-balancing scheme.
What I do wonder about is how they secure the installation against leaks of any kind. I've done quite a bit of ownCloud/Nextcloud development but I still do not have the feeling I can totally trust the beast; there are just too many strings attached everywhere to be able to get an overview of what would happen if e.g. a less-than-stellar "Nextcloud app" (like some of my earlier experiments...) were to be installed. Such apps could open up the system to intruders if they are not configured correctly.
These are all valid questions. I worked in both scenarios: working inside an org using NC and offering services to an external one. My take on this: unless you don't value your data, you need to have someone that has formal responsibility for this. It is not that much work, actually. And for someone who takes care of many NC servers, most of the work can be automated. Regular upgrades are necessary, and these require a full backup. Given the nature of the software, I don't believe this can be done without access to the data itself, so it has to be a company or employees you trust. And of course you must not install any additional apps.
I admire their intent but question the claim of "digital sovereignty" while their public-facing website requires Google Analytics as well as cookies for Facebook, Twitter and LinkedIn and doesn't even offer an opt-out.
This reads like some kind of junior PM did something without considering long term effects.
Also:
> The repo team for instance took advantage of Nextcloud’s storage capabilities right away by uploading all their documents since 1993 – 100 GB of data – in one night. This was entirely unplanned, but the IT team was pleased to see that Nextcloud held up perfectly fine.
100GB for 30 years? I generate more data in one day of tests.