[OPLINTECH] Office 2013, SkyDrive, & local policies

Jessica D. Dooley dooleyje at oplin.org
Fri Jul 19 16:04:58 EDT 2013 

Chad raises a terrific point about any and all cloud storage. Performing
full, pre-Internet encryption on any data stored the cloud is the only way
to protect against surveillance, attack, or other third-party misuse. I
haven't had a chance to try each of them yet, but for what it's worth, here
are some solutions that I'm considering:

1.)    For backups between machines that you administrate, use a combo of
the not-secure Free File Sync (for custom file and folder syncing, one way
mirroring, etc) within secure networks, and BitTorrent Sync (real-time
encrypted file and folder syncing) across public networks. I'm using this
now, to back up our in-house library-created data, distributing copies
across machines we own. In fact, using Bit Torrent Sync alone, on each of
your primary-use machines, may be a great alternative to commercial or free
cloud-storage products.

2.)    For on-the-fly file encryption, to be used in combination with free
services like Dropbox, Google Drive, or SkyDrive, I'm looking at
CloudFogger, a free software that performs on-the-fly 256-bit AES encryption
on files, as you add them to the cloud. Haven't tried it yet - looks neat!

3.)    For whole-disk encryption on a per-machine basis, open-source project
TrueCrypt has a great reputation. 

 

Jessica D. Dooley

IT Specialist

Adams County Public Library

157 High Street

Peebles, OH 45660

937-587-2085

dooleyje at oplin.org

 

From: oplintech-bounces at lists.oplin.org
[mailto:oplintech-bounces at lists.oplin.org] On Behalf Of Chad Neeper
Sent: Friday, July 19, 2013 3:11 PM
To: OPLINTECH
Subject: Re: [OPLINTECH] Office 2013, SkyDrive, & local policies

 

Not to mention the whole privacy issue. Any data stored in the cloud is
potentially accessible via hosting company mistakes (I see reports of that
periodically), attacks, and (as recently come to light) it's apparently
freely/readily/automatically given to the government! Storing library
operational data is one thing, but you might think twice about storing any
patron-identifiable data.

 

For my own use, I map my data folder to Google Cloud, so my stuff is
automatically backed up to Google every time a file is changed. I find it
hugely convenient and reassuring that I have an up-to-the-second copy of my
data. However, I'm trying to find a good way to automatically
encrypt/decrypt the individual files on the fly. Security is my biggest
concern with the setup.

 

WRT your specific question, does perhaps SkyDrive have a method to force
individual users to store data in a shared (library-owned) repository, thus
eliminating the issues you're concerned about?




______________________________
Chad Neeper
Senior Systems Engineer

Level 9 Networks
740-548-8070 (voice)
866-214-6607 (fax)

Full LAN/WAN consulting services -- Specialized in libraries and schools

 

On Fri, Jul 19, 2013 at 2:27 PM, Phil Shirley
<pshirley at cuyahogafallslibrary.org> wrote:

What's your policy or practice regarding what staff can do with library
documents and data? What are your thoughts on this?

We're going to start using Office 2013, and I noticed that it encourages you
to use SkyDrive, Microsoft's cloud-based storage for documents, etc.

I like the idea of storing things on our server rather that in a Microsoft
account that only the individual has access to. The documents that staff
create belong to the library, not to the person, and if the person leaves or
is fired or is unable to return to work for whatever reason, I think the
library should have access to the documents the person created. There's also
the issue of handling sensitive data.

I'm considering disabling SkyDrive. I've heard that some organizations do
this in order to enforce their policies about data storage.

Phil
-- 

Phil Shirley
Technology Services Coordinator
Cuyahoga Falls Library
Cuyahoga Falls, Ohio
330-928-2117, ext. 109 <tel:330-928-2117%2C%20ext.%20109> 
pshirley at CuyahogaFallsLibrary dot org

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
OPLINTECH mailing list
OPLINTECH at lists.oplin.org
http://lists.oplin.org/mailman/listinfo/oplintech

 

 

 

 

 

 

 

 

 

 

 

 


Search: http://oplin.org/techsearch

 

 

 

 

 

 

 

 

 

 

 

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20130719/6f1a6f1b/attachment-0001.html>

More information about the OPLINTECH mailing list