AppSense Labs announced, releases DataLocker for file-level public cloud storage security - Gabe Knuth - BrianMadden.com
Brian Madden Logo
Your independent source for desktop virtualization, consumerization, and enterprise mobility management.
Gabe Knuth's Blog

Past Articles

AppSense Labs announced, releases DataLocker for file-level public cloud storage security

Written on Feb 22 2012 15,421 views, 6 comments


by Gabe Knuth

Today, AppSense announced that they have created AppSense Labs, which is a platform they will use to release tools and technologies to the community that may or may not fall directly within the traditional AppSense product line. The idea sounds much like Google Labs, where employees were encouraged to experiment and create other products that may or may not have fit into existing Google products (although Google Labs was shut down in October 2011). 

The idea is that the products will have to be approved by a team consisting of Harry Labana (AppSense CTO) and Keith Turnbull (VP of Global Development), so that only the things that have legitimate usefulness will be placed on the site. Since AppSense's name is on this, they still don't want to be putting out junk. The overall goal will be to try to release products that can help preserve personality across cloud, tablet, and mobile platforms, and to see which works best.

AppSense Labs first product: DataLocker

Also announced was DataLocker, which is a free "prosumer" offering from AppSense Labs that aims to solve the file security problem in a "personal cloud," which is just a fancy name for what all of us do every day with Dropbox. Security in Dropbox today amounts to perimeter solutions. The data is secured via password, but on any of the synchronized systems there is no encryption, so if someone gets a hold of a laptop that is synched with DropBox, they can see and manipulate the files.

Brian and I have tried to solve this by putting our DropBox folders on encrypted volumes using a program called Knox, but that is still perimeter security. The files themselves are still unencrypted when that volume is open, and if the dropbox is synced on another device with Knox, they're out in the open again.

DataLocker works by securing individual files, which allows them to move around or exist in unsecured areas. Each file, when placed in Dropbox through DataLocker, is encrypted with AES 256-bit encryption via a passphrase. Each file has it's own passphrase, although you can use the same one over and over. This means that you can put a file in the public folder, assign it a password, and email the link to the file around without having to worry as much about it getting into the wrong hands. Only the person with the password and the DataLocker client will be able to open it.

Since this isn't quite a full-fledged product, it lacks some of the refinements that you might expect. For instance, you actually have to drop the file on to the DataLocker client to put it into Dropbox. At that point, you're asked for a passphrase, then it's encrypted and sent to Dropbox. There isn't a way to set a default passphrase for each file, and there's also nothing preventing you from dropping files into Dropbox the normal way and leaving them unencrypted. There's also no centralized management since this is deemed a "prosumer" product at this point.

Currently, DataLocker supports PC, Mac, and iOS on the client side, and Dropbox on the storage side. As it grows, other platforms could be supported, but the focus for this product was strictly on Dropbox. Part of the reason for this is that they had to write their own Dropbox client that could encrypt, decrypt, and transfer the files on the fly since there's no local storage to use as a buffer/transfer area. 

My reaction to this is optimistic. I think if you wrap some centralized management around this along with some default settings, you have a way to use public cloud storage solutions without having to deploy your own solution in house and convince your users to use it. Obviously it would need support for more clients and more storage backends, but starting with Dropbox is probably the way to go.

The only question I have is about whether or not Dropbox likes this because encrypting each file essentially eliminates their ability to dedupe it system-wide. In reality, I doubt that there is a significant number of files that can be deduped across the board, so encryption probably isn't that big of a deal to them. After all, if I share an encrypted file with you, and you put that file in your dropbox, it's the same exact file, and it can dedupe that.

So what do you think? If this would've come out two years ago, I'd have called it a solution looking for a problem. But today, with IT consumerization, I see this as being the basis for an ideal solution for any enterprise dealing with users putting content in Dropbox, which is to say, everyone.

 

 
 




Our Books


Comments

DaveAlabaster wrote re: AppSense Labs announced, releases DataLocker for file-level public cloud storage security
on Wed, Feb 22 2012 10:42 AM Link To This Comment

"Since AppSense's name is on this, they still don't want to be putting out junk"  haha!

Magnar Johnsen wrote re: AppSense Labs announced, releases DataLocker for file-level public cloud storage security

Nice move from AppSense hope to see more features on this product. Currently products like boxcryptor looks more simple to use. The problem with client side encryption is that you no longer can share a file with a collegue or friend unless you give them the encryption key, and thats one of the important features with Dropbox

Winter84 wrote re: AppSense Labs announced, releases DataLocker for file-level public cloud storage security

Gabe, you are the only source I have seen so far to say that they are using AES encryption. I can't find anything about the encryption method on the AppSense website. Are you sure about this?

Gabe Knuth wrote re: AppSense Labs announced, releases DataLocker for file-level public cloud storage security
on Tue, Apr 10 2012 2:16 PM Link To This Comment

I am sure that I was told by Harry Labana that they are using AES encryption, but I've never seen it in action. I'll ask Twitter :)

Gabe Knuth wrote re: AppSense Labs announced, releases DataLocker for file-level public cloud storage security
on Wed, Apr 11 2012 10:47 AM Link To This Comment

(Note: You must be logged in to post a comment.)

If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.