Organizations twitchy about letting staff use social networks have a new cloud-based message and file encryption system to consider.
Wave Systems Corp.’s Scrambls service, released in May for consumers, now has an enterprise version which the company says allows employees to securely send files by email, post Tweets or blogs and use cloud services like Dropbox without endangering enterprise security.
“Here’s an opportunity to have private communications but have all the benefits of the broader social media environment,” said Wave CEO Steven Sprague.
Like the free consumer version, Scrambls is a browser plug-in for Firefox, Chrome and Safari that has to be on both the sender and receiver’s PC. Users open it through an email or Facebook identity. It then encrypts and scrambles text in Web applications. Users create lists of those allowed to read a Scrambls message. Anyone not on the list can’t read the message.
Messages and files go straight to the recipient. Wave Systems only controls the encryption keys.
There’s a Scrambls for Windows application for encrypting files and directories either sent through the cloud or on a USB flash drive. Like the cloud service, only those on the permission list can decrypt the data.
There’s also a software development kit allowing Scrambls technology to be embedded in applications by developers or systems integrators as a Web service.
Wave has created Scrambls iPhone and Android apps for Twitter.
To get the attention of enterprises, Wave is now offering a paid service giving IT administrators the ability to mange Scrambls users’ accounts through corporate email directory domains. Rules can be invoked such as an expiration date for a file or a password needed to view a message.
The enterprise service is priced at between US$10 and US$12 a person a year, with volume discounts available.
To ensure people don’t impersonate a corporate official online, Sprague said organizations have to sign up manually for the enterprise version.
One problem is that there is no plug-in for Internet Explorer. Sprague said that’s being worked on.
Seven steps to software security
After a decade of news detailing countless successful cyber-attacks, it's hard to imagine a corporation not understanding they need a software security solution. Unlike implementing software quality assurance, the processes that go into making applications more secure are still relatively immature. As well, ownership for the security of software in an organization is not always consistent or clear.