Service offers social media protection for enterprise

Organizations twitchy about letting staff use social networks have a new cloud-based message and file encryption system to consider.

Wave Systems Corp.’s Scrambls service, released in May for consumers, now has an enterprise version which the company says allows employees to securely send files by email, post Tweets or blogs and use cloud services like Dropbox without endangering enterprise security.

“Here’s an opportunity to have private communications but have all the benefits of the broader social media environment,” said Wave CEO Steven Sprague.

Like the free consumer version, Scrambls is a browser plug-in for Firefox, Chrome and Safari that has to be on both the sender and receiver’s PC. Users open it through an email or Facebook identity. It then encrypts and scrambles text in Web applications. Users create lists of those allowed to read a Scrambls message. Anyone not on the list can’t read the message.

Messages and files go straight to the recipient. Wave Systems only controls the encryption keys.

There’s a Scrambls for Windows application for encrypting files and directories either sent through the cloud or on a USB flash drive. Like the cloud service, only those on the permission list can decrypt the data.

There’s also a software development kit allowing Scrambls technology to be embedded in applications by developers or systems integrators as a Web service.

Wave has created Scrambls iPhone and Android apps for Twitter.

To get the attention of enterprises, Wave is now offering a paid service giving IT administrators the ability to mange Scrambls users’ accounts through corporate email directory domains. Rules can be invoked such as an expiration date for a file or a password needed to view a message.

The enterprise service is priced at between US$10 and US$12 a person a year, with volume discounts available.

To ensure people don’t impersonate a corporate official online, Sprague said organizations have to sign up manually for the enterprise version.

One problem is that there is no plug-in for Internet Explorer. Sprague said that’s being worked on.

Another is that Scrambls makes no promise that its encryption is unbreakable. It also says that because the transformations are applied on the client, outside of any secure execution environment (like most commercial security solutions), the keys are vulnerable to a local attack. It adds that SSL is used to ensure client to server communications.
 
“I can see this as a tool enterprises may want to have in their toolkit because its easy for users,” said Heidi Shey, a Forrester Research security analyst. However, she added, it’s not a complete security messaging solution.
 
As a first step, she said, organizations should classify data on their servers so staff know what needs to be encrypted.
 
As for social media, she notes that most organizations who allow staff to use Twitter, Facebook and other services for work-related efforts are sending public information for marketing and are less likely to post private material.
 
Still, last month Forrester released a report urging companies need to ensure they identify, measure, track, and treat the risks in staff using social media. This means developing a formal risk management process to ensure the company does its best to avoid a social media catastrophe that could severely damage the company, the report said.
 
Companies it identified as selling systems with granular controls that, for example, can prevent the posting of profanity include EdgeWave’s iPrism, Erado, Kronovia, Smarsh and Social IQ Networks. Platforms that manage social media for individual staff through a central portal and have workflow and governance processes includ Actiance, Hearsay Social, SocialVolt and Socialware

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now