Although Kuo liked using Dropbox, she shared the university's concerns about security. Storage of data on a device was nice, but it was risky, too. "A big consideration is how do you protect the data on the device," she said. "It's very likely that a device will be stolen. Just last week, colleagues were held up at gunpoint for their mobile phones that they'd been collecting data on."
In addition, some central administration over the devices was needed. If a device is stolen, it would be handy to be able to wipe the device's data remotely. The IT department, too, needed some insight into the devices to impose policies to insure security, as well as cut the device's access to the university's systems when its owner left the institution.
What Kuo and Brown discovered was a solution to both the needs of the project manager and the IT department. It's called nCrypted Cloud. The service encrypts data at rest and in transit, preserves the ease-of-use of DropBox and gives project managers and network administrators a measure of control over users and shared files.
"We view Dropbox as a cloud hard drive, and we're sort of a virtual lens on top of it," nCrypted Cloud co-founder Nick Stamos explained. "We intercept all the data to and from Dropbox and encrypt it."
The data is also encrypted at the endpoints in a system, where an nCrypted Cloud client application resides. When a file needs to be used at an endpoint, the client decrypts the data for application use.
The "virtual lens" approach has allowed nCrypted Cloud to expand its solution beyond Dropbox to Google Drive, OneDrive, Box and Egnyte.
To a Dropbox user, there's very little to tip them off they're using nCrypted Cloud, save for a slight addition to a standard Dropbox file icon: a lock to show a user that the file is encrypted.
Policies can be attached to files and folders by their creators and workflow policies controlled by an administrator. Creators can control details about sharing the contents of a folder and collaboration on files. Administrators have full auditing visibility into the system and can set policies such as requiring a PIN to access any Brown University data with a mobile device or barring "rooted" mobile devices from accessing university data. "It's sort of a distributed responsibility," Stamos said.
Management of the system is done through nCrypted Cloud's servers. That's a useful arrangement should a device be misplaced or stolen. "Whenever a thief tries to connect a mobile device to a network, we can erase the data on the device from a central location," Kuo said. "So not only is the data encrypted, but on top of that we know we can log onto the device from our office and wipe it clean."
Sign up for CIO Asia eNewsletters.