Secure Web Collaboration Angus McDonald Technical Director Elcom Technology
Dec 23, 2014
Secure Web Collaboration
Angus McDonaldTechnical DirectorElcom Technology
HINDSIGHTTHOSE WERE THE DROIDS YOU WERE
LOOKING FOR
Web 2.0 Apps = Security issues
Web 2.0 Apps = Collaboration
Collaboration examples
• Tender and deal making sites• Customer training• Customer service portals• Partner portals• Custom-built collaborative web apps
Business wants more collaboration
You could just say “Tough.”
But they’ll just use free web apps
And that isn’t safe!
Solutions?
Don’t hire net gen?
But grownups use Web 2.0 too!
Ban Facebook?
Tallest eruption EVER, on Jupiter’s moon Io
500 km
Best Strategy is to Mitigate the Risks
Offer business a secure platform
Maintain control over Web 2.0
Give them power with safety
Maintain accountability
Increase collaboration
What Does a Secure Web 2.0 Platform Need?
Secure authentication and authorisation
Business control
• Branding• Users• Content creation• Content permissions
IT control
• Internal users already known(e.g. Active Directory)
• Easy to run secure• Scalable architecture• Auditable
Appropriate licensing
• Does it suit your needs?– External vs Internal access
• Does cost vary with utility?• What is the expected ROI?
Collaborative tools
A Wordle from the Wikipedia page on Collaboration Platform
Flexibility and extensibility
So, Do YouBuild, Rent or Buy?
Build
• E.g. Java, .NET• Lots of control• Lots of work• Lots of risk• Greater cost
(even if you have developers)
Rent (SaaS)
• E.g. Salesforce.com, NetSuite• Less risk• Much less control• Costs spread out• Hostage to service provider
That sure looks like
Angus McDonald!
Buy
• E.g. Community Manager.NET, SharePoint Portal Server
• Greater control• Less risk• Less cost• Work on core benefits, not infrastructure
What about SharePoint?
SharePoint pros
• Good for internal use• Standard site structures• Microsoft Office 2003/2007 integration
SharePoint cons
• External access (licensing costs)• Branding• Content publishing• Search speed• Advanced features significantly increase
final cost
What aboutCommunity Manager.NET?
Highly brandable
External access does not change cost
It’s built to be secure
Is It Really Secure?
• Wine Selectors required PCI Compliance• Built to be secure (OWASP and PCI DSS)• Actively developed and improved• Simple to configure securely• Business user-proof• Built on .NET 3.5 and SQL Server 2005
Hugely useful features out of the box
Some of the highlights• Document management• Forums• Wikis• Blogs• Online training• RSS Reader and publishers• Developer framework and API
Great built-in search
Community Manager.NET is a secure platform
In summary
If you need Web 2.0 apps
• Be aware of the security risks• Choose a mitigation strategy• Decide to Build, Rent or Buy• Talk to Elcom Technology
Thank you!Angus McDonald
[email protected]://falkayn.blogspot.com
Some photos from flickr.com and sxc.hu, used with permission.
Photo sourceshttp://flickr.com/photos/24973901@N04/2762458387/sizes/o/ http://flickr.com/photos/gee01/871748560/sizes/l/in/set-72157600952832235/http://flickr.com/photos/hryckowian/2376600916/sizes/l/http://www.flickr.com/photos/marcopako/2391747442/http://www.flickr.com/photos/lumaxart/2137737248/http://www.flickr.com/photos/dalbera/2738452057/http://sxc.hu (various)