secure dropbox alternatives

rune3280 · 2011-12-12T04:59:52.000Z

I have a real problem comming up with good enough reasons to not use Dropbox in the company.

All here agree that “it’s not really safe, but it’s just for marketing stuff anyway”, and I agree. For marketing it’s probably ok. On the other hand my experience tells me that once users have their hands on tools that are easy to use they will use it for everything in every scenario (typical iPad scenario).

So I have come to the conclusion that I will have to come up with a good and secure alternative, and mention the ones I have found so far, not all of them are any safer then Dropbox either.

one.com

Domain Names | Web Hosting | Websites | Email | WordPress

Grow your business online with our one-stop solution to build a stunning website. Register your domain today! Includes personal email, SSL, 24/7 support and more.

trend micro
Sharepoint
MS Live mesh, atleast stuff is not necesarly stored in “the cloud” , depends on both computers being turned on at the same time though.
sugarsync

Anyone have any good input on this subject?
Much appreciated

rune3280 · 2011-12-12T05:01:18.000Z

the Dropbox suite itself have some real security issues and may probably open your computer for an attack, that has also been mentioned (and duly ignored).

maxsec · 2011-12-12T05:03:10.000Z

build your own based on on a zend.to Vmware image?

stuartbarrett3782 · 2011-12-12T05:05:00.000Z

I agreee with Martin, Zend.to is a pretty awesome managed file transfer solution.

bytesnake · 2011-12-12T05:08:14.000Z

Zend.to looks good. I have to read more about it …

Maybe http://owncloud.org/ fits too.

leifjohnson · 2011-12-12T05:15:27.000Z

Id never heard of this zend… a couple of questions if I may…

Can you point it at a folder, for example a user logs in and they can then send files to a public area on one of my fileservers? Or is it more of a universal dumping folder sorta thing?

maxsec · 2011-12-12T05:22:56.000Z

RTFM… it’s an inhouse ftp type service, but you have to drop the files to the service and can say who has access and send a securelink.

replaces ftp wit ha http based solution thats much user manageable.

Written by the same guy that wrote MailScanner,

leifjohnson · 2011-12-12T05:31:13.000Z

Cheers Martin

darrylleaning · 2011-12-12T05:37:28.000Z

I have Zento in house. It’s great.

andynotts · 2011-12-12T05:40:23.000Z

Another +1 for Zendto, it’s a YouSendIt clone based on Linux we have our recompiled for 50GB file transfers if anyone has the bandwidth to upload

Also look into SparkleShare you can host your own DropBox style service

russellwurth6200 · 2011-12-12T06:25:34.000Z

When it comes to security of file sharing, what is it you are looking for?

Encrypted file transfers
Encrypted file storage
Integration into Active Directory for policy control
Being able to map to a network drive
Auditing capabilities (who accessed resources and when)

There are many options out there to chose from. I tend to think DropBox is fairly secure in terms of how they operate. It is the terms of service that I and many others had problems with. This is a good summary (I am not affiliated with DropBox):

ReadWrite

ReadWrite - IoT and Technology News

IoT and Technology News

I like the idea of using TrueCrypt to encrypt sensitive files on DropBox:

Lifehacker – 21 Jun 11

How To Add a Second Layer of Encryption to Dropbox [Updated]

If recent security and privacy concerns about Dropbox make you think twice about using the popular file storage and syncing tool, there's an easy

fellowizard0097 · 2011-12-12T06:58:55.000Z

I think Zend.to is a bit too much for the average Dropbox user. It’s a good alternative but be prepared for the immediate backlash from users if this is implemented. Users love the package and simplicity of Dropbox and a lot of alternatives require too many steps to get to the same result “SPF”. Is file encryption the issue or port security a problem?

maxsec · 2011-12-12T07:15:35.000Z

juts

Keenan2853 wrote:

I think Zend.to is a bit too much for the average Dropbox user. It’s a good alternative but be prepared for the immediate backlash from users if this is implemented. Users love the package and simplicity of Dropbox and a lot of alternatives require too many steps to get to the same result “SPF”. Is file encryption the issue or port security a problem?

just a matter of user education…zend.to makes you think a little about who you’re sharing the file with.

fellowizard0097 · 2011-12-12T08:12:04.000Z

Teaching and re-teaching are always a good models to follow, but when it comes to nonclassified files or documens it’s been my experience that users just want it to work, and work quickly. For example, if you’re sharing a M&M cookie recipe already on your workstation with a coworker or client you don’t want to log into another console, upload the file, provide that person with a username and password, then have them squint to use “Captcha” just to pickup the file. You just want to share the file. We have to acknowledge the immediate gratification element with our users in order to move forward and provide the most secure solutions for them. Otherwise you will have this great system/application that hardly anybody will use.

mjlouwrens7217 · 2011-12-12T08:24:15.000Z

thanks. zend.to looks awesome.

maxsec · 2011-12-12T08:37:29.000Z

Keenan2853 wrote:

Teaching and re-teaching are always a good models to follow, but when it comes to nonclassified files or documens it’s been my experience that users just want it to work, and work quickly. For example, if you’re sharing a M&M cookie recipe already on your workstation with a coworker or client you don’t want to log into another console, upload the file, provide that person with a username and password, then have them squint to use “Captcha” just to pickup the file. You just want to share the file. We have to acknowledge the immediate gratification element with our users in order to move forward and provide the most secure solutions for them. Otherwise you will have this great system/application that hardly anybody will use.

but thats not the problem here, Zend.to (and others) are trying to solve the issue of people emailing documents about to other companies, not someone down the hall where you can use shared folders/document-management-solution and you have access to the same internal infrastructure.

I want to travel to the coffee machine I don’t get on a 747 and fly there. If I want to visit Orando I don’t walk. Different solutions for a (similar) but actually different scale of proble,

steveanderson7252 · 2011-12-12T08:39:30.000Z

I use iFolder which was originally a Novell project. It is no longer supported by Novell but there are sync clients for Windows,Mac and Linux as well as iPhone/iPad client apps in development. The server can be difficult to get running initially but one up it works very much like dropbox. It does integrate with AD or OpenLDAP and because it is “inHouse” it can be controlled and monitored.

scottalanmiller · 2011-12-12T08:48:13.000Z

The obvious choice, I think, is Jungle Disk. Secure, major vendor and well known. We’ve been using it and it works great. Just like DropBox without the security problems.

scottalanmiller · 2011-12-12T08:49:42.000Z

Steve7342 wrote:

I use iFolder which was originally a Novell project. It is no longer supported by Novell but there are sync clients for Windows,Mac and Linux as well as iPhone/iPad client apps in development. The server can be difficult to get running initially but one up it works very much like dropbox. It does integrate with AD or OpenLDAP and because it is “inHouse” it can be controlled and monitored.

How do you like that? It is WebDAV under the hood. I followed it for a while but Novell didn’t appear to ever be making it free so I kind of gave up on it. Is development on it really “active”?

fellowizard0097 · 2011-12-12T09:19:13.000Z

@Scott I’m on the same page with you with Jungle Disk everything is streamlined, hopefully @Rune3280 has a budget or else I’m sure Dropbox will remain King.