Shared storage - HIPAA compliance

phoenix21st · February 11, 2025, 6:51pm

My goal is to create a shared storage system for my company, and it MUST be HIPAA compliant. I want to allow designated employees to have access to specific folders/disks based on their role in the company (e.g., Executives, Directors, Managers, Employees, etc.).

I have a multi-node MicroCeph cluster with four physical machines. Ubuntu Server 24.04 installed, folowed by Ubuntu Desktop 24.04. Three machines have a dedicated nvme of 1TB, and one machine has a 1TB SSD connected to it (See summary below).

MicroCeph deployment summary:

phoenix-srv2a-vm (192.168.0.225)
Services: osd
Disks: 1
phoenix-srv2b-stor1 (192.168.0.226)
Services: mds, mgr, mon, osd
Disks: 1
phoenix-srv2c-stor2 (192.168.0.227)
Services: mds, mgr, mon, osd
Disks: 1
phoenix-srv2d-stor3 (192.168.0.228) [This one is a SSD on USB]
Services: mds, mgr, mon, osd
Disks: 1

Keeping in mind that I am novice in linux, what do I do next?

How do I mount these ceph disks so I can use it with mac, windows 11, ubuntu desktop users. They all need access to the shared storage.
How can I ensure there’s a backup in case something goes wrong?

I would appreciate some guidance.

nuccitheboss · February 12, 2025, 1:20pm

Hi there @phoenix21st

I’d recommend joining the “Ceph General” room in the Ubuntu Community Matrix and sending your question there: https://matrix.to/#/#ceph-general:ubuntu.com.

Most of the microceph developers hang out in that room and should be able to answer your questions about HIPAA compliance

phoenix21st · February 12, 2025, 2:00pm

phoenix21st:

My goal is to create a shared storage system for my company, and it MUST be HIPAA compliant. I want to allow designated employees to have access to specific folders/disks based on their role in the company (e.g., Executives, Directors, Managers, Employees, etc.).

I have a multi-node MicroCeph cluster with four physical machines. Ubuntu Server 24.04 installed, folowed by Ubuntu Desktop 24.04. Three machines have a dedicated nvme of 1TB, and one machine has a 1TB SSD connected to it (See summary below).

MicroCeph deployment summary:

phoenix-srv2a-vm (192.168.0.225)
Services: osd
Disks: 1

phoenix-srv2b-stor1 (192.168.0.226)
Services: mds, mgr, mon, osd
Disks: 1

phoenix-srv2c-stor2 (192.168.0.227)
Services: mds, mgr, mon, osd
Disks: 1

phoenix-srv2d-stor3 (192.168.0.228) [This one is a SSD on USB]
Services: mds, mgr, mon, osd
Disks: 1

Keeping in mind that I am novice in linux, what do I do next?

How do I mount these ceph disks so I can use it with mac, windows 11, ubuntu desktop users. They all need access to the shared storage.

How can I ensure there’s a backup in case something goes wrong?

I would appreciate some guidance.

Thank you @nuccitheboss

chrome0 · February 13, 2025, 10:33am

Hey @phoenix21st

I can’t really speak to HIPAA as I don’t have any regulatory background. I’d advise consulting with compliance experts.

As to your questions:

Ceph can expose storage in 3 basic ways, as a block device, object storage or as a filesystem. For sharing storage you would need to expose a ceph filesystem. Support for this is built into Ubuntu but unfortunately driver support for Windows/Mac is lacking. Your best bet probably would be to use an Ubuntu machine as a gateway, and re-export a cephfs via samba.
You can backup your data by backing up your ceph fs like you would do with any filesystem

system · March 13, 2025, 6:51pm

This topic was automatically closed after 29 days. New replies are no longer allowed.