AppSense DataLocker gives Dropbox more security hints at the beginning of the end for VDI?

AppSense Labs have released a free suite, DataLocker. Not only is Datalocker AppSense’s first departure to support environments beyond Microsoft Windows, but it is intended to ease adding an extra layer of security to sensitive files before syncing them to cloud-based services.

What does AppSense Lab’s first product release have in its locker? What is the comparison to other cloud storage solutions? AppSense Labs is a new direction for AppSense, a company typically associated with managing windows desktop environments and enabling VDI. If AppSense is investing in new services beyond “traditional”   mobile/cross-device solutions such as VDI, what does this mean for those traditional solutions long term?

Businesses need PCs. Businesses need laptops. Businesses need tablet devices: no, really, they do. It is rare that device use is mutually exclusive. A challenge is how to provide services that can allow users to switch between these devices and still work effectively.

At the same time, there is the ever present business challenge of sharing information and collaborating on projects. To exchange document revisions, validate copy, present figures, review findings. Sure, you can email it: but managing versions of information can become unwieldy as teams operate beyond being in the same office, working for the same organisation. Sensitivity of data is key: finance information, marketing strategies, personnel information all have a  value all are important to keep safe and even accidental data leakage is data leakage. Location of data storage is important for businesses to know about for regulatory compliance.

Cloud storage providers, such as Dropbox, made it easy to share and store files, folders, images and sync between platforms. So much so that it has quickly risen to be the type of service business users want to use. However, a lack of encryption of data and understanding of control over where data is stored can be considered a limiting factor for such cloud services.

AppSense DataLocker

AppSense Lab’s premise for DataLocker is straightforward:  provide a quick and easy method to secure sensitive files you plan to sync to the cloud but still enjoy easy access from any of your devices. Recognising the convenience that comes with using cloud services to keep data in sync between all of our devices AppSense Labs looked to find a solution that removed the need to make security and privacy trade-offs.

DataLocker is a simple-to-use set of applications that easily adds an extra layer of security to sensitive files before syncing them to cloud-based services. The DataLocker suite, which is available for free, includes native applications for Windows, Mac, iPhone, and iPad. The Windows and Mac clients both have simple drag-and-drop interfaces that let you encrypt and store secure files in any local file system or cloud storage location. Since iOS doesn’t have a file system, AppSense chose to start by integrating with the most popular cloud storage service: Dropbox with plans to add additional storage options to the DataLocker iOS application in the future.

It is a obvious question to ask – can I use this for my business?

Kicking the Tyres

I use Dropbox for my business – for backups, for file access across devices, for collaboration. DataLocker could be a very useful tool. An immediate issue for me was – lack of Android support. My company laptop, covered. Mac Book, covered. HTC smartphone? Samsung Galaxy Tablet? AppSense says not yet 🙁

Still, set-up on a Windows platform was straightforward once .Net v4 was installed. You’re presented with a very simple interface (seen on the right).Essentially, you drag files from an a file view location into the Encrypt (or Decrypt) target and then provide a passphrase. You can use the same passphrase, or have a different one every time: you manage the passphrases, DataLocker doesn’t store them.Once given a pasphrase, DataLocker encrypts the file and renames the extension as .ALK extension (as shown below). If you were sharing files, your colleague(s) would also need this tool and you’d need to inform them of the passphrase.dl2Capture

Now, you only get 1 chance to enter the passphrase: there is no verification and in the Windows version: there is no ‘show’ option either. There is no option to recover the password. While you can encrypt a folder, each file is encrypted individually rather than the folder as a whole. It is important to note that the tool doesn’t alter the original file. So for services such as Dropbox you need to select a file from your PC, open DataLocker, select the final destination (e.g. your local dropbox folder), then encrypt the file – by entering the passphrase, without verification.

There is of course the question “when the file gets decrypted, how can I ensure that the destination is secure?” But that’s quite a hard question and one that is likely on in the ‘to-do-later’ list of activities.

You may say “I could have the same features with the the pro version of Winzip, and then I’d have explorer integration as well“. I’d look at you with my “well-that’s quite-right” face. But, this is a free tool, on an initial release. AppSense Labs are actively asking for feedback and suggestions to build into iterative development. The only way is up.


Collaboration Services threat to VDI?

DataLocker can be used to encrypt your data – but its future is likely as part of cloud storage client rather than as a separate application in itself. In its current form DataLocker is not yet ready to be an Enterprise tool: especially if your desktop environment doesn’t yet support .Net v4.

That isn’t to say that secure cloud services aren’t in demand by Enterprises. It’s for this reason that Citrix invested in Sharefile, that RES Software developed HyperDrive. I’ve recently had a chance to look at offerings from Oxygen Cloud,  TeamDrive and Huddle, with work/home data separation on mobile devices being enabled by the likes of Excitor and Mycroft. Each offer smart, scalable, secure and cloud-enabled collaboration services for data and document sharing and worthy of a future article in themselves.

These solutions all typically support  the Microsoft desktop family (Windows XP/Vista/7); as well as Mac OS X and Linux clients for the traditional personal compute environment with mobile device support covering Android, iOS, with Windows Phone and Blackberry as well as Browser support. Secure collaboration on whichever device the user needs, when they need it.

A threat to VDI?  A benefit of VDI for the mobile user is that ‘data need not leave your organisation’ – that you can provide a secure access method with no content leaving your environment. However as these services gain momentum the specific use case for VDI to deliver secure data access comes under greater scrutiny – especially as the costs for providing such services are typically far lower in terms both of CAPEX and OPEX spend in comparison to a VDI solution. True, some applications and data types may not translate well into this environment – but VD I is increasingly not the only option when considering giving remote users access to data in a secure manner.

Blurring lines between personal and business computing

As AppSense’s Doug Lane mentioned on DataLocker’s release – “sometimes we make security and privacy trade-offs that we probably shouldn’t when it comes to sending personal and corporate information up to the cloud“.

A goal for the DataLocker team was to ask “What if you didn’t have to trade off security for convenience?“: DataLocker, as free tool, can indeed offer you the ability to add a layer of security to your data as it sits in the cloud storage platform. It is an useful personal tool as it stands, but enterprises will want a more holistic approach to enabling cloud file sharing services.

It is an interesting development for AppSense. AppSense’s Harry Labana, Appsense’s CTO, believes that as pure consumerization rapidly continues to bring new services to market, enterprises will have no choice but to evolve by adopting the right technologies for their business or become irrelevant over time by being difficult to innovate in, and complicated to collaborate with.

It is with this in mind that when considering mobility, collaboration and flexibility only having one solution one option may well be a disabler rather than an enabler to getting a return for the technology investment. Just because its enterprise IT doesn’t mean it can’t be cool, interesting and useful.