Document security: Safe words
- Article 8 of 33
- SC Magazine, March 2007
Choosing the right content management system is crucial to keeping your digital files secure. But it's only the first step. Rob Buckley reports.
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | All 5 Pages
The company began work on the system in 1999 and last overhauled it in April 2006. ”As things grow, little holes appear, encryption turns out not to be so good. You really have to be thorough. You can have a fantastic system, but if there's one flaw ...“ warns Einhorn.
Securing the building was ”hugely expensive“, says Einhorn. A combination of consultancy and development work necessary for the document management system cost the firm nearly a quarter of a million pounds. Still, Einhorn is clear that he doesn't believe his security is impenetrable. ”Nothing is totally secure. All it takes is someone with a cameraphone.“
THE END OF SOFTWARE AS WE KNOW IT?
When Google unveiled its Writely online word processor, now part of its Docs & Spreadsheets offering, many commentators saw it as the beginning of the end for Microsoft's Office suite. It wasn't the first program to run over the web, but with Google's might behind it, it was argued, all software would soon be delivered as services, overcoming the problems of installation, software upgrades, licence costs and a whole host of other typical enterprise deployment issues.
Writely, they predicted, would start a Web 2.0 revolution among office applications, since it includes collaboration features that allow multiple users to work on a document simultaneously, share it with others via blogs and chat applications, and versioning capabilities that let you roll back others users' changes.
So far, however, software as a service (SaaS) has yet to recruit the entire software industry to its side. But there have been some high-profile converts: Salesforce.com has made inroads with its hosted CRM service; SAS uses on-demand business intelligence; and Microsoft offers various Windows Live services, including Office Live.
Online document collaboration tools, such as Writely, are rarer, although there are various products from vendors such as WebEx and HyperOffice, as well as gOffice, ThinkFree, the various Zoho applications and dabble db.
But just how secure is this kind of service? If all the company's documents are stored online and edited over the network, are they vulnerable?
The answer is that it's very much up to the company providing the service.
Google's Writely, for example, doesn't encrypt traffic using HTTPS - all text goes in the clear. Theoretically, therefore, anyone could intercept data and read it to find out what's going into the document. To use Writely, all that's needed is a suitable web browser and a Google account. Anyone can invite someone else to collaborate on a document and they in turn can invite others. There are no corporate lock-downs, no options to restrict who can do what.
Then there are Google's own terms and conditions and privacy policies: ”Google reserves the right, but shall have no obligation, to pre-screen, flag, filter, refuse, modify or move any content available via Google services“; ”Google reserves the right to syndicate content submitted, posted or displayed by you“; and ”You agree that Google has no responsibility or liability for the deletion or failure to store any content and other communications maintained or transmitted by Google services.“
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | All 5 Pages