SkyDrive Sync
Has anyone looked at the new SkyDrive Sync app for your PC? It allows remote access to all your shared folders, including network shares, from any browser. This seems to have a huge security implication. Any thoughts?
Bruce Marshall
Manager, Network/Server Systems
Valencia College
Orlando, Fl 32811

Comments
it does provide access to your shared folders...
I've been testing/using TrueCrypt. I created a 2 GB TrueCrypt blob and deposited it on SkyDrive.
When using TrueCrypt, you can open the TrueCrypt container that was deposited on SkyDrive directly, and I was able to put files therein with no issues.
FYI...I've done the same with Google Drive and Dropbox and it works equally well.
Regards,
Jim
James M. Dutcher - Chair - SUNY Council of CIOs
SUNY Cobleskill - CIO: PMP, CISSP, SCP/Security+, CISA
EMail : dutchejm@cobleskill.edu
EMail : jim@dutcher.net (personal)
Office: (518) 255-5809
Cell : (518) 657-1056 (work)
Cell : (607) 760-7455 (personal)
Skype : james_dutcher
http://www.cobleskill.edu
While it's great you can use TrueCrypt or other encrypted virtual drives in these various "Cloud" based storage solutions, that seems at first blush to only protect the user's information, not the institution's.
So, if we can teach an end user to use TrueCrypt or similar technology with whatever CloudDrive service, their personally saved data is definitely more secure. This is a good thing!
However, let's say we have a 'bad egg' who is harvesting sensitive information and storing it in a cloud-based encrypted file to hide it from the institution (for whatever reason). Has anyone considered or had to deal with that scenario yet? From ANY cloud-based storage provider?
It just seems to me that such user-based cloud storage systems have some major security risks that most institutions aren't fully considering yet, and are solely focusing on the potential user benefits. Granted, most organizations also can't stop a user installing and using TrueCrypt or other such software on other devices, but I guess crypto, like most things, can be used for good or bad purposes. Using cloud-based storage, particularly personal ones like Dropbox, seems to open a large security hole... and I doubt very many colleges can block Dropbox per policy.
Just curious what others are doing....
On 5/1/2012 8:28 AM, Dutcher, James M wrote:
We are just beginning to look into how to provide remote access to our systems from a secure non-college-owned device. I am not fond of allowing syncing to a SkyDrive, for numerous reasons. Has anyone heard of a way to install a version on the local servers for access? We might begin building our own.
Regards,
Jesse
Jesse Lunt
Network Services Manager
Saint Joseph College
Asylum Avenue | West Hartford | CT | 06117
(o) 860-231-5283
(m) 413-464-2346
I agree, I am also not good with the syncing of the users' network drives and their being available from anywhere with no more security than whatever userid/password they decided to create the account with. There would be no audit trails and no way to know what user was in at what time. I am less concerned with the way Dropbox works than SkyDrive with access to all the shares. Has anyone looked at ways to not allow the syncing or other means to prevent this? I know it is new but I feel this can be a giant security hole for the colleges. The advantage of VPN is that you can maintain an audit trail of access. Even Microsoft’s Direct Access can maintain security based on AD authentication.
Bottom line, this seems to me to be a big security hole for all of us to deal with.
Bruce Marshall
Valencia College
Dropbox can be blocked via the firewall. The desktop clients can be limited with some antivirus suites and by removing any elevated permissions from users. I would be just as concerned regardless of the software package as it does not separate personal from corporate data, so if someone had any FERPA/HIPAA/HITECH data saved locally and by accident saved it to their Dropbox/SkyDrive folder, now this data is available on any device their account is syncing with. What I keep seeing is a stance of "we don’t do that." Well, guess what: it only takes once.
Patrick Goggins
Senior Systems Administrator
University of Wisconsin - Green Bay
A growing concern for us is to keep up with what our students and faculty want while allowing it in a secure manner. What are your thoughts on an on-premise solution like iFolder or VM Octopus? I feel this way at least we would have some control over the security.
Jesse Lunt
Saint Joseph College
One man’s opinion: they generally want what they want, not an alternative. Either accommodate the real deal or not, but the ‘we’ll provide that for you instead of what you really want’ can be a tough sell.
Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Adjunct Instructor, iSchool
Syracuse University
315 443-3003
Doesn’t TrueCrypt create an encrypted “blob” based on the size of the “partition”? By that, I mean isn’t it always the same size whether there is data in the TrueCrypt “drive” or not because of the noise? I know TrueCrypt is the standard, but there must be something that encrypts just the files as they get placed in the cloud rather than writing a multi-GB file for something small.
These questions aren’t rhetorical. I am aware of TrueCrypt, but haven’t used it so I’m trying to understand the pros/cons.
Thanks,
Brian
Yup...the blob is static in size...so there is not yet functionality on dynamic space allocation within TrueCrypt...
The size limits on the "free" SkyDrive, Google Drive, and Dropbox are also limited so the trade-off is not as limiting overall if using TrueCrypt, WinZip or any other encrypted blob-creation solution.
Regards,
Jim
You can set the blob to be dynamically sized and if you uncheck the “Preserve time stamp” option in the TrueCrypt preferences, Dropbox et al. will only sync the changes; it won’t have to reupload the entire file every time.
Steven Barnhart
Systems Specialist
Enrollment Services & Undergraduate Education
The Ohio State University
sbarnhart@esue.ohio-state.edu
good tip...thanks for sharing!!!
Regards,
Jim
I’m actually looking at ways to integrate this into lab images in a secure fashion. Our labs run Deep Freeze and log in with AD credentials to the Windows Live cloud. I’m looking for ways to dump that authentication into the application so it automatically mounts. This is a piece of cake in Windows 8, but not in 7. It seems like it would be great for students to get away from those flash drives that keep dying/getting lost/forgotten. It’s the floppy disk dilemma all over again.
The shared files are a security concern, but it does give you the option in the setup to uncheck this feature. We just need to educate as many students as possible how this operates and of its security implications.
-- Andy Voelker
Manager of Student Computing in the Technology Commons
WCU Staff Senator
Western Carolina University