General Chat Thread, Article: Is DropBox ok to use? in General; Also you might want to look at AeroFS which has end to end encryption and is (optionally) serverless....
16th September 2011, 09:02 AM #16
Also you might want to look at AeroFS which has end to end encryption and is (optionally) serverless.
Last edited by Geoff; 16th September 2011 at 10:53 AM.
16th September 2011, 09:07 AM #17
@dhicks I am with you on this one. I really don't like the thought of all this data flowing backwards and forwards. Do you ever really know who is accessing it and where it is ending up?
For access to data, I'd much rather use something like XenApp that can prevent data being saved and printed over the remote connection. You will never get around the fact that people can steal anything that you need your eyes to read but it does limit opportunities. Plus all your data stays on your systems.
Of course, this does then open up the question of cloud-based backup but I imagine 'free' solutions are too limited for this anyway.
16th September 2011, 10:49 AM #18
There is a presumption that people will never work offline, will never work on multiple devices and that people are happy to spend time uploading files in that response ... or am I wrong? Most people like the use of the file sync / file storage tools because it automates a lot of work for them. Being able to share a folder ( and contents) with specific people has its benefits, and being able to automatically distribute changes is something that has a fair bit of precedent. Yes, there are concerns about *what* people put in the folders as well, but that is a user-education piece of work and exists anyway, without having to consider the security implications of any particular tool / technology. I also think you mentioned an important word in your response ... cludgy. Are we still in the age where we think people will accept cludgy or reduced functionality? Every time we make it difficult and overly complex for a user do do something we put back the cause of IT as a ubiquitous tool that simply works. It is one thing to do it for a specific security reason, but when there could be solutions out there to do what is needed that *aren't* a bit Heath-Robinson then it sometimes comes down to the simple matter of time / cost / training ... except that it is never that simple when you introduce those three.
Originally Posted by dhicks
File sync tools and online file storage are being pushed as an alternative to all those USB memory devices being moved around (usually unencrypted devices too) ... if you make it awkward then people will just go back to using (and losing) them instead.
2 Thanks to GrumbleDook:
Alis_Klar (25th April 2012), CHR1S (16th September 2011)
17th September 2011, 02:29 PM #19
Regarding Patriot Act vs EU Data Protection - look at it from the point of view of a US company. On one hand they have the UK/EU saying 'you've agreed to follow EU data protection rules' and on the other you have the US government saying 'hand over the data else your CEO and board of directors will end up in Guantanamo bay'. I know the example is ridiculous but it highlights my point here - for a US company, the Patriot Act will always trump third party country rules.I have reservations about these services, but have just adopted an already in place google apps installation at my new school. When I get a moment, I will highlight my concerns.However, as an institution it is also a risk management exercise. What is the likelihood that the data held on the US servers will ever be requested under the Patriot Act? I'd estimate 'so low, you're more likely to get hit by lightning 1000 times in a row'...
17th September 2011, 02:35 PM #20
Also, take a look at this vote https://www.dropbox.com/votebox/4986...ur-for-dropbox and see if it will help.
17th September 2011, 02:43 PM #21
Yeah? They said the Banks were 'Too big to fail' but the 0.5% Gross Interest rate on my account says otherwise. I don't like those stats!
17th September 2011, 06:41 PM #22
I know the risk is likely to be low, but it has to at least be registered as a risk ... something that I can see falling through the gaps in a number of institutes.
Also, having spoken with the ICO Helpline and getting advice from the Policy Unit (nothing definitive) it is likely that a company would not release under The Patriot Act, but under Section 35 of the DPA (as part of legal proceedings) ... the same clause that can be invoked when UK authorities required data held overseas.
I am still investigating as having spoken to 2 companies who deal with similar services but for other sections of the public sector, they have said that DPA is only one aspect of protecting data. I might see if I can prod @Drummer_Boy for a chat about it.
17th September 2011, 08:31 PM #23
Indeed. There are many other possible issues with external hosting that aren't specific to foreign data centres as well too - such as collateral damage from law enforcement raids. I know of at least 2 raids on data centres which had hundreds of servers confiscated as part of investigations by the FBI and police in 2 different countries - one of which is in the EU.
Originally Posted by GrumbleDook
Sure, they were targeting a specific user of those servers, but the knock on effect was hundreds of businesses were effected. In the USA, a raid caused multiple businesses to go out of business.
Hence my trepidation at cloud services for file storage. Its also why I use a sync service for my work email, and will be getting everyone else to implement it at some point to ensure data continuity.
Risk management, as you say, isn't about ignoring unlikely issues, its about adding them to your risk assessment and planning accordingly - even if the plan is 'do nothing, as the cost of alternative provision is unaffordable'.
2 Thanks to localzuk:
SimpleSi (18th September 2011), TheScarfedOne (19th September 2011)
19th September 2011, 11:44 AM #24
I've seen this argument thrown back and forth with regards to DropBox, this is a simple answer. SugarSync IMO is just as good, and DOES comply with the Safeharbour Frameworkhttps://www.sugarsync.com/privacy.htmlIt allows you so specify which folders to sync (not just the one "DropBox" folder) and also allows you to sync specific with specific multiple computers. I think you may also get more storage as standard.
19th September 2011, 11:51 AM #25
Kinda expensive... $299 a year for 3 users.
Originally Posted by smithson83
19th September 2011, 11:56 AM #26
I really dont care for these privacy issues. You could debate them until the sky falls in and be no closer to getting a definitive answer.
What I do care about is the technology Now is there any way to map skydrive/dropbox to a drive letter? Or maybe have a shortcut in their current my documents automatically? We already have skydrive icon on student desktops but it tends to take ages to log in and upload something.
Would be awesome to allow students to keep their work on their skydrive accounts, since they all have live@edu already.
Last edited by zag; 19th September 2011 at 12:00 PM.
Thanks to zag from:
SimpleSi (19th September 2011)
19th September 2011, 11:57 AM #27
Really great timing with this as we are re-doing our Web Sense policies and have internal flack from IT tutors regarding Dropbox and the like. Think we will need to dig deeper into the SafeHarbour stuff and see where we really stand.
19th September 2011, 12:03 PM #28
If you work in education then you should care, or you will when you get sued up the yazoo for breaching the DPA where kids are involved
Originally Posted by zag
19th September 2011, 12:06 PM #29
Originally Posted by zag
""Mezeo Amazon S3 FTP WebDav AT&T Synaptic Storage Internap XIPCloud Storage Google Docs Google Storage EMC Atmos Online Box.net KT ucloud storage Open Stack Nirvanix Peer1 CloudOne Rackspace CloudFiles Windows Azure Windows Live SkyDrive CIFS/SMB Caringo CAStor"""
to Drive letters
GLADINET - Cloud Storage Access Platform & Solutions
19th September 2011, 11:10 PM #30
Has that ever happened?
Originally Posted by smithson83
By SimpleSi in forum Educational Software
Last Post: 9th September 2011, 08:49 AM
By Dos_Box in forum General Chat
Last Post: 5th February 2008, 10:31 AM
By Brad in forum Hardware
Last Post: 28th March 2006, 10:16 PM
Last Post: 31st August 2005, 07:38 AM
By mark in forum School ICT Policies
Last Post: 24th June 2005, 11:18 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)