06 Mar 2014 by Ryan Lackey
Editor's Note: This is a guest post by Ryan Lackey (@octal)
One important security technique is ensuring all actions leave a record, and that that record is reviewed by multiple parties.
While preventing bad actions is always desirable, sometimes that’s difficult while meeting performance, reliability, cost, or other goals. A reliable record of malfeasance supports investigations after the fact, allows additional protections to be added to address specific threats, and is an inexpensive backstop for a variety of systems. Independent review of those records helps ensure the records are accurate and that improper activities are stopped.
This principle has been part of how humans deal with security for a very long time. Double-entry bookkeeping, invented in the late 13th century in Italy, is one of the first examples -- a clerk wouldn't be able to simply pay someone money without leaving a clear record for the owner to see. Audit and financial controls within a company are the modern business manifestation -- the employee who incurs the expense isn't the one to approve and pay the expense report. In retail, stores provide printed receipts to customers, both to prevent fraud by cashiers and for taxation authorities to prevent tax fraud by the stores. All of these systems are built around making it hard to hide the records of one's actions from independent review.
A major trend in computing over the past decade has been the "consumerization of IT". In many ways this has been good -- a shift away from expensive, difficult to deploy, all-or-nothing systems toward smaller systems which can be selected, adopted, and maintained much closer to the end user. A general increase of performance and decrease in cost across all systems, a decreased level of training and increased ease of use, and rapid adoption of new technologies (mobile, tablets) are all contributing to an exciting time in the technology industry.
Unfortunately, one of the problems with the modern Software as a Service (SaaS) or public cloud model for applications is a weakening of this protection. Users have no visibility into back-end details of software running entirely on a provider's remote systems. While that software could be great when the contract is signed, it's possible for a company to weaken systems in a way invisible to the user -- perhaps to save money, or to add a new feature, or to comply with external pressure, or merely by mistake. Even more alarming, a rogue employee at a provider could subvert systems without the knowledge of the provider or the customer. Or, an outside attacker could subvert systems, and without a robust record-keeping infrastructure, make changes which are difficult to detect and which hurt both the customer and the reputation of the provider.
Boxed software, the predominant model in the past, largely addressed this problem by shipping discrete releases on a periodic schedule, to be run on the user's own infrastructure. This software, once it was handed over, could be reviewed by the buyer, sometimes including source code audits or third party security assessments and certifications. Most importantly, the publisher of the software couldn't readily substitute a new software update without leaving a record -- the binary application which would run on the client's own hardware. If a publisher included backdoors, major vulnerabilities, or other malware in their software packages, the user could see what had happened, and could either improve their pre-deployment security assessment process, or switch software vendors.
Running on the client's own infrastructure provided another protection. A smart deployment of packaged software included many interlocking layers of prevention, detection, and correction of improper behavior, both by software and by users. Firewalls could prevent sensitive systems from directly connecting to the outside world. External logging systems could create accurate records of the operation of systems, and independent systems could interoperate so the compromise of any one wouldn't be sufficient to leak data. Backup tools could allow protection from catastrophic failures, as well as a historical record of when system configurations changed. While any one of these controls may have been subverted, the combination could be made robust.
To resolve this conflict between the cost savings and feature advantages of the public cloud, and the security advantages of the old in-house IT model, we can try another model: the private cloud. Software for the private cloud is used in much the same way as public cloud software, but is designed to be deployed to physical infrastructure within the enterprise.
Private cloud file syncing and collaboration has many advantages over public cloud file sharing solutions (particularly around network performance and overall reliability), but from a security perspective, the private cloud is much more compatible with the kind of robust security architecture a smart enterprise would want guarding their critical data assets. By being hosted within the enterprise, on a private cloud, the existing firewall, IDS, logging, and other controls can protect the private cloud deployment. Private cloud auditing services provide a simple way for Security Information and Event Management (SIEM) and log analysis software to observe activities at the file level and protect critical data.
Private cloud deployments still offer the benefits of the consumerization of IT, being cheap and easy to deploy, easy to use, and supporting a variety of platforms, while having good intrinsic security and great compatibility with existing security controls.
Ryan Lackey is a computer security expert, conference speaker, and founder of several startups. He is interested in new models of cloud security, hardware tamper-response and trusted computing, and security for mobile users in hostile environments. He is currently CEO of CryptoSeal, Inc. in San Francisco, CA.
11 Feb 2014 by Yuri Sagalov
The AeroFS Private Cloud is a great solution for businesses which suffer from unauthorized file syncing and collaboration usage due to the consumerization of IT. Today we're launching two new features for the AeroFS Private Cloud: The AeroFS Auditing Service, which allows IT to audit all usage within AeroFS in real-time, and the AeroFS API, which allows developers to build amazing new collaboration tools and products for the private cloud.
The AeroFS Auditing Service provides a well-structured JSON feed in which each event is timestamped with the exact time it happened. The Auditing Service integrates with Splunk or your existing logging infrastructure out of the box.
Getting started with the AeroFS Auditing Service is easy, and you can learn more here.
The AeroFS Private Cloud now provides a RESTful Content API for content access and uses OAuth 2.0 for user authorization. The Content API allows developers to perform various operations on content stored in AeroFS:
The get/upload content functionality allows developers to perform streaming uploads and downloads
We're firm believers in dog-fooding our own products, and the Content API is no exception. The AeroFS Content API is already in use by the AeroFS Private Cloud iOS Application.
The AeroFS developer documentation lives at https://www.aerofs.com/developers, and we encourage you to go through examples posted there.
You can sign up and start using the AeroFS Content API for internal development and experimentation today. However, before publishing your application we ask that you contact us at firstname.lastname@example.org.
We've also set up a mock Content API server at docs.apiary.io so you can begin experimenting immediately.
Finally, we encourage you to subscribe to our api-announce mailing list.
All the best,
Yuri & The AeroFS Team
22 Jan 2014 by Yuri Sagalov
As mobile continues to penetrate the Enterprise, BYOD is no longer simply a question mark; it is a reality. Not only do employees want access to their work data at home, they are now bringing mobile devices like the iPhone and the iPad into the office.
Lacking a proper solution, these employees use (often in secret) public cloud file syncing and collaboration products which are undermining the ability of IT administrators to control the security and privacy of their corporate data. Worse, they are often violating compliance and regulatory requirements.
Last November we released the AeroFS Private Cloud. The AeroFS Private Cloud is an easy-to-configure file sync and share solution that lets corporations enable modern collaboration, while still keeping their data completely behind the corporate firewall.
Today we are releasing an important next step in the AeroFS Private Cloud ecosystem: The AeroFS Private Cloud iOS App.
The iOS App allows employees to access their corporate data, but unlike traditional cloud-based file syncing apps, the iOS app does not require data to be stored in the public cloud.
The iOS app is designed to address the growing BYOD movement within the Enterprise. It allows IT administrators to enable file syncing and collaboration on one of the most popular mobile platforms in the world without compromising their own data security and privacy policies.
Like the desktop AeroFS apps, the iOS app is designed to be easy to set up and use. Since the AeroFS iOS App is distributed through Apple's App Store, it needs to be easily configured to talk to your organization's AeroFS Private Cloud.
However, instead of manually entering error-prone information such as hostnames, ports, and security certificates, we opted for the simple QR-code based approach shown below:
This approach simplifies IT admin overheads by keeping the on-boarding flow for employees simple. Employees, in turn, get to experience the same "one-click" install process they've come to expect from the AeroFS Desktop apps, completely on their mobile platform.
Usage of the AeroFS iOS app is native and intuitive. The app displays the same folder hierarchy that you have on your own machine, allowing you to view and download whichever files you would like:
Questions? Comments? Shoot us an email at email@example.com
All the best,
Yuri & The AeroFS Team
07 Jan 2014 by Linda Yang
This coming Monday (January 13th, 2014) our co-founder and CEO, Yuri Sagalov, will have the pleasure of speaking with Alexis Ohanian, co-founder of Reddit.com, at the University of Toronto.
Alexis will be speaking about his experience in building a business and his passion for entrepreneurship, which has come to fruition in his book "Without Their Permission: How the 21st Century Will be Made, Not Managed."
Following his talk, Alexis and Yuri will host a fireside chat about startups, entrepreneurship, and AeroFS. The talk is hosted by the University of Toronto's Hatchery.
Alexis and Yuri will be hosting a meet up afterwards at 7pm (location TBD at the event) and would love to meet any of you there.
Additional information, as well as instructions to RSVP can be found here.
Bahen Centre (40 St George St, Toronto) Room 1160
Start Time: 4:00pm
End Time: 6:30pm
Meet-Up Time: 7pm (Location TBD)
13 Dec 2013 by Yuri Sagalov
Happy Friday the 13th!
Today we'd like to announce a few things, in order of importance:
As some of you may have noticed, we've officially removed the limit on external collaborators on the free AeroFS account (paid accounts always had unlimited external collaborators). This means that if you're in an organization of 1-3 people, you can now share with an unlimited number of people external to your organization.
Here at AeroFS we have been continuing our regular releases of AeroFS, and today I would like to point out a few of the features and improvements that Hybrid and Private cloud customers should notice in their AeroFS Clients.
Cross-platform compatibility is incredibly difficult. For example, although the OSX platform supports pretty well all file names under the sun, Windows has significant restrictions.
Fortunately, most of these incompatibilities are relatively easy to resolve by simply renaming the file on the computer where you notice the error.
Last week we released a number of improvements to the user experience around unsyncable files, and I'd like to point out some of these improvements now.
First, on the computer experiencing the problem you should see a notification in the tray menu:
Clicking on this notification will bring you to the following dialog:
In this dialog you can go through each item, find out what the problem is in the Detail column, and address it by renaming the file.
Detailed information on unsyncable files can be found here.
A file conflict is created when the same file is modified on two or more computers before their changes are synced. AeroFS has supported conflict resolution through a Help > Why Aren't My Files Synced? dialog for quite some time, but while overhauling the unsyncable files handling, we decided it was also a good time to revisit conflict resolution.
Resolving conflicts is as easy as resolving unsyncable files:
First, you will see a notification in the tray menu:
When you click on the notification, the following dialog will open:
From this view you can see the various versions, open them, and save a copy/resolve conflicts as necessary.
Detailed information on conflict resolution and what each option provides can be found here.
That's it for now!
Yuri & The AeroFS Team