Reducing risk and dependence on non-European cloud services (3 of 3)

The previous parts dealt with control and dependencies/continuity. In the last story, we encounter an organisation where the problem was not in the system, but in how people tried to make the work function. Most information leaks do not begin with an intrusion; they begin with friction in everyday life. When it is difficult to collaborate easily, people find their own ways around the systems. 

Common examples: 

• private cloud accounts, such as Google Drive, for quickly sharing large files 
• specialised tools that fill a need that the business lacks, such as Trello or other project spaces 
• temporary file transfer services, such as WeTransfer, when the recipient lacks access 
• copies of documents distributed in email threads so that "everyone has the latest version

This often leads to: 

• unknown storage location and jurisdiction 
• unclear access when projects are completed 
• parallel versions of documents 
• difficulty in meeting deletion and registration requirements 
• impossibility of tracking who has seen what 
• dependence on individual employees' private accounts

The organisation introduces Nextcloud as the common platform for external sharing and collaboration. Instead of trying to ban different tools, it creates a clear first choice that actually meets the needs of the business. All projects with external parties — customers, suppliers and consultants — get their own workspace where files are shared and dialogue takes place in one place.

In practice, this means

• external participants can be invited without internal accounts 
• large files can be shared without special solutions 
• comments and decisions remain with the document 
• rights can be removed immediately when the project ends 
• the same place is used every time, no one needs to choose tools

Our role rarely begins with installing a system. It begins with understanding the business. We assist customers through a preliminary study where we jointly map out needs, information flows, and technical requirements. Based on this, Nextcloud can be introduced gradually or broadly, depending on what the organisation actually needs. 

Redpill Linpro delivers Nextcloud as a ready-made SaaS service, operated within the GDPR framework and in an ISO 27001-certified organisation. For businesses that want to own the entire supply chain, we also implement Nextcloud on-premise in the customer's own infrastructure.