[Klug-general] secure file sharing

David Halliday david.halliday at gmail.com
Tue Dec 29 13:07:37 UTC 2009


You could put unencrypted files on CDs and post them around (This
works well for the UK government).

Depending on volume of files and changes you could use rsync over SSH
(with some configuration). This way you have local copies of all the
files on each machine (faster for access) and can securely copy/move
updates around.

Alternatively you can set up a secure FTP (over SSH again) server for
file transfers. This can be easily configured in numerous front ends
allowing for a central repository.

In reality any web-facing server you have containing sensitive
files/data is a security concern. Dropbox has the advantage that they
must take security very seriously and that you are a fish amongst many,
whereas the location: importantfiles.mycompany.co.uk could be easier
for a targeted attack.

Some key things to think about if you are thinking of implementing
your own solution are:
- Can you ensure that your servers are completely secure (from
firewall to patches, and nobody else shares/uses it other than those
who should have access to sensitive data)?
- If the people on laptops are going to use them from remote locations
you have no control over then you need to set up access using VPN/SSH
type connections to prevent "sniffing".
- If this data is so important that they don't want to be on Dropbox
then I assume that the laptops have encryption on the hard disks,
strong passwords and the usual strict control on them that would
prevent data getting out if they were stolen/left on a train. Let's
face it, if you are working with sensitive data remotely the laptop is
possibly the weakest point.

For data backup you can also think about having an automated SVN
system on the server allowing you to roll back files to previous
dates.


