If you are an IT professional like myself or you do server work like a web developer one of the most complicated parts of the job is keeping information about servers/passwords/security codes available to all members of your team as well in a safe place so Black Hats cannot get to it. Most people have a password protected document somewhere on a server that only IT has permission to. Next to that they might have a password application that the users manage and keep up to date. This is great but is not secure, in my opinion these files/application that store this critical sensitive information needs to be disconnected from your network 100% of the time. The reason for this last statement is because if someone managed to get or have access to your network or an internal rogue employee knows where theses files are you would not have the possibility of them being stolen. So what choices do we have after you decide to remove theses files from the network for security?
Keeping in mind we require the following things: encryption, ease of availability, a way to keep them synchronized, ability if lost to recover or wipe.
USB Thumb Drive?
Online Cloud Service?
Lets have a look at these options…
USB Thumb Drive: You can encrypt it and it is only ever plugged in when you need to retrieve a password or other information stored on the drive. Security is perfect but is really inconvenient, all the “what ifs” start kicking in… what if I lose it, what if I forget it, what if it dies, what if I need to update a record no one else gets the modifications on their drive… etc. So this is a great idea but not really a good plan.
Online Cloud Service: I don’t know about you but theses just don’t sit well with me yet. Storing your info in the cloud is convenient but it also means you have to trust another entire company and every single employee that company allows access to this data I.E. a rogue employee that might want to access that data.
BlackBerry Memory: They all have memory on them and we could use them to store the information like a note pad file that is encrypted because the disk is encrypted, but again is very inconvenient as well how you you keep updates synchronized?
Up steps my idea, stop reinventing the wheel and make the existing wheel better. BlackBerry already has a built in application for storing information called the BlackBerry Wallet. This application stores information in an encrypted database which requires its own password to open. When you lose your phone you can have BES policy set so that if it has been x days and has not talked to the BES server then wipe the device dead! The device is always on your person so this is awesome. 1 Problem left is that BlackBerry Wallet does not yet allow it to sync with anything. What if when using BlackBerry Wallet I made a card and then after I could chose to share this card with a BBM user or a BBM group so that they receive the same card for use in their BlackBerry Wallet application. Because I am the owner of the card I can give privileges to that the user or group i am sending it to to set your standard permissions like “Read Only” “Read/Write” or “Owner” as well this card would by default keep in sync with all copies of the card. This would allows us to keep a list of cards synced between x amount of users and also if a user is not allowed to change the card or transfer it to another user they can’t. It would take this application to the next level and make it a supper app.
RIM please feel free to take this idea and run with it.
The idea’s in your hand!
© Caspan 2011