how one to one sharing enforces secure collaboration - xonom
TRANSCRIPT
Connect Security World Conference Sept. 17 2015
Laurent Henocque - KeeeX - Marseille
How One to One Sharing Enforces Secure Collaboration
The situation
‣ Cloud and sharing solutions abound, but do not make our life easier
‣ Collaborating over heterogeneous clouds or systems is impossible in confidentiality
‣ Group and Access right management turns to a nightmare
‣ External collaboration requires even more care
2
How do your contacts share?
The group management nightmare
‣ External collaborators must be invited to use, and maybe pay
‣ It must be decided if a new collaborator can access the group history - or create a new group
‣ External collaborators may have their own conflicting cloud and preferences
‣ Some admins end up managing some 900+ groups
4
So, what happens?
‣ External collaborators (lawyers, accountants, customers, sub-contractors…) often receive unprotected documents.
‣ Internal collaborators deploy a wealth of Shadow IT, and send home documents via their dropbox or the like.
5
approval
previous
reference
initialfinal
Good news: file organization and management can be embedded
tag...
report
So: no tier is required to manage file organization, and files may travel anywhere
Cloud Sync folders, NFS+VPN drives can be used as transfer tunnels
Encryption is local
Cloud/Disk…
Folders act as tunnels
An app can memorize per user sharing mode and encryption settings
…
We don’t need groups
‣ Initial sharing list for a document can be used as a default for all subsequent versions, and comments, and any relevant activity…
‣ A new user can be added to a document without revealing the previous activity
‣ Encryption is the de facto default over insecure media
‣ Heterogeneous sharing is a no brainer 9
Example Version 1
Version 2: same sharing list
Preparing version 3: suggested sharing list - heterogeneous modes
DropboxWeblinks
Conclusion
‣ One to One encryption and sharing settings can be memorized by an app
‣ Encrypted files may transit via any cloud tunnel while carrying all organizational, integrity, authenticity and semantic information
‣ People can use the clouds of their choice
‣ Adding recipients to a sharing list is instantaneous
‣ Security is never compromised
13
14
Thanks for listening
Meet us at World Smart WeeeK
Laurent Henocque, [email protected], +33 683 88 20 01
KeeeX SAS, RCS Marseille 807 570 148Pôle Média Belle de Mai CS 20038 – 37 Rue Guibal – 13356 Marseille cedex 03
Tel: +33 4 91 05 64 47