Sharing and collaborating online while locking the stable doors
Sharing & Collaborating online while locking the stable doors
Why and what do we share?If you think about the sensitive data currently being shared by businesses via insecure email systems and other files sharing tools it starts to get scary.
- Company and business accounts
- Tax returns
- Job offers and HR documents
- Financial discussions around contracts and transactions
- Property contract negotiations
- Legal communications either criminal or civil.
Scary stuff indeed!
All this takes place on cloud systems that are only as secure as the company that provides the service. A breach of your email service could expose the data from hundreds (or thousands of customers). Think about all the information currently in your "sent" folder in your email app!
Yes there are add-on's for email apps that can send secure attachments but our customers needed to collaborate on the content as a team and existing solutions didn't provide these features.
What would be the ramifications, especially under the new GDPR regulations, for your business if any of this sensitive data went public?
What breach! I've never had a breach.Data breaches are everywhere. Up over 40% in 2017 alone. It's not if a breach will occur, but when. So how can a breach occur?
- A leak by a careless employee
- A weak password
- A leak by your cloud provider or developers
- Hack/Data theft including the database
- Failure to secure an online app/repository thereby exposing the data
- The list goes on..
Let's face it - you are one weak/insecure password away from exposing your data.
So ask yourself - How secure is your data? How secure are your sensitive business documents and discussions when the inevitable breach occurs. Can you do anything to protect the data when a breach occurs?
DropVaultWe set about trying to fix this with our DropVault app. We looked at how our customers were sharing and collaborating with their team and more importantly, with their customers. We built a collaboration app around this need with all the tools and features that make collaboration work.
Instead of sharing a document with one recipient, Apptimi DropVault lets a team share the message and documents. Post, reply, add documents, comments, reminders, mention someone, watch conversations and lots more as a team. All the features a business is looking for in a collaboration and sharing app.
It's like Google Groups but with much fancier clothes.
Making it secure in the event of a breachAs one of our customers asked
Give me a way to share with anyone, at any time but secured from anyone except the people I choose... and that I can still sleep at night
Fact: most systems, including email servers can be browsed by IT staff. While some fields might be encrypted, the content of the messages and any attached documents are not normally encrypted. Your email server might be secure, but what about the recipients? This is a potential exposure point for your data.
So how do we make it better?
Securing your data from everyone (except you)
The challenge in building secure collaboration tools is the user experience. How can you provide the security while allowing easy sharing and collaboration of your data. Hardware keys are great and highly secure, but are big UX (user experience) killers. The task is to meet somewhere in the middle , maintaining ease of use while still securing the content.
We decided to implement a custom encryption key for each secure Inbox. Now each customer can choose their unique key or phrase and we encrypt and hash this key to secure it. Each team member or customer invited to the Inbox receives their own unique password or pin on top of their login to Apptimi. This additional layer provides the necessary security and protection needed to collaborate securely. A compromise of the pin on one Inbox won't expose the data on any other.
Our secure Inbox can now support any user content, with all the features of our regular Brainstorming channel but in a highly secure environment. We don't store the key (in a format we can access or decipher) so even Apptimi support staff do not have access to the data. Add in the other basic encryption we have in the app, plus encrypting the database at rest , security monitoring and intrusion detection, and you have a highly secure collaboration and sharing app.
Where to next?
We'll probably add in hardware key support such as Google Titan (https://cloud.google.com/security-key) , Yubico (https://www.yubico.com/) or other Fido keys so provide additional options for customers that need the extra protection.
Sharing data anywhere at any time is potentially opening the doors to a breach of your data. With increased emphasis on protecting the privacy of your customers data, the onus is on you to take the steps necessary to protect this data to the best of your abilities. Encryption is not the only solution, it's just one step on the path to building a safer online presence.
Great Post,really it was very helpful for us.ReplyDelete
Thanks a lot for sharing!
I found this blog to be very useful!!
JAVA training in Bangalore
I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.Delete
Cyber Security Projects for Final Year
Project Centers in Chennai
Such a wonderful blog!!! I feel good to read your essential posts and I learn a lot of techniques from your post. Well done.
Embedded System Course Chennai
Embedded Training in Chennai
Excel Training in Chennai
Corporate Training in Chennai
Oracle Training in Chennai
Unix Training in Chennai
Power BI Training in Chennai
Embedded System Course Chennai
Embedded Training in Chennai
All are saying the same thing, But it's a truth only. The post you have written is full of nice info. Keep on sharing!!ReplyDelete
Angularjs Training in Chennai
Angularjs course in Chennai
SEO Training in Chennai
Software Testing Training in Chennai
Java Training in Chennai
Web Designing Course in chennai
PHP Training in Chennai
AngularJS Training in Tambaram
Great Article Artificial Intelligence ProjectsReplyDelete
Project Center in Chennai
I admire this article for well-researched content and excellent wording. Thank you for providing such a unique information here. Oracle fusion scm trainingReplyDelete
Whichever means you unlock free play credits for slots, the way way|the means in which} you use them is all the time the identical. Brands are competitive in all their markets, and so they sometimes provide specific bonuses for sure states. If you're outdoors of PA, have the ability to|you possibly can} head over to our Michigan on-line casino bonuses page, or New Jersey on-line casino bonuses page to learn more concerning the provide in these states. For occasion, if you’re trying to play by way of $100 1xbet of free bonus cash you may be restricted from making low-edge bets like red and black.ReplyDelete