Page 2 of 5

Posted: Fri Jun 08, 2012 9:46 am
by aclawson
The stake purchased a business plan for carbonite.

Posted: Fri Jun 08, 2012 11:49 am
by mlh78
We use Dropbox heavily to keep the stake presidency organized and to keep information readily available. It has worked wonders. We don't use it for MLS backup though. As an added layer of security, all documents that we put on Dropbox are password protected. We use it to keep all of our agendas, calling/ordination/interview trackers, stake conference agendas, minutes, stake history, training, custom reports, etc. With all of this information organized on Dropbox, we are essentially a paperless presidency. And in my opinion, a much more effective one.

Posted: Sat Jul 14, 2012 5:47 pm
by sj3vans
Hello all from a new 1 month old STS.
aclawson wrote:The stake purchased a business plan for carbonite.

I like the idea of using the kind of backup technology provided by Carbonite, Mozey, and others like that. I use Carbonite at home and at work. It makes it really easy for a user to recover their own data but also for me in the event a hard drive tanks. However, to make this secure enough, you really need to use a solution that allows you to manage your encryption keys yourself. The default for Carbonite is for them to do it although they have the option for you to manage your own keys. Having them do it is certainly more convenient since you don't have to worry about losing it or re-entering it to restore a PC's data. But with that convenience comes the possibility of a data breach since someone at the backup service could access the data. However, I would like to see something from the church approving such software before I would use it. Or better, as stated by someone, the Church could beef up its backup service.

As for someone comment about the lacking physical security of the PC, I've noticed that as well. It seems that the clerk account is an admin account and most anyone can get that password. But I'm not so worried a member is going to go in and take member data as I am about a hacker breaking into a high profile target like Carbonite.

Posted: Sun Jul 15, 2012 10:24 am
by aclawson
1. Create a truecrypt volume.
2. Sync said truecrypt volume with dropbox.

Data is safely encrypted and nobody without the password can access the files locally.

Posted: Mon Jul 16, 2012 6:58 am
by sj3vans
aclawson wrote:1. Create a truecrypt volume.
2. Sync said truecrypt volume with dropbox.

Data is safely encrypted and nobody without the password can access the files locally.

I like that. I've used TrueCrypt for years on the USB flash drive I used to get, ehm, member data from the Church PC to mine where I ran a conversion utility to put it in Yanceyware. I started using TrueCrypt to make sure that I didn't expose member data if I lost the USB flash drive (that never happens, right?). But I haven't used it in a while since member data is now readily accessible via LDS tools and

However, I had not thought of just creating a TrueCrypt volume on the clerk PC. In addition to ensuring backed up data is secure, that would also solve another issue with members having the clerk password (which is an admin account). It would give the Bishopric or Clerks a way to maintain more sensitive data. Although, I've wondered why there is a need for any such data to be stored on the PC anyway. But the fact is, people will save things they probably shouldn't (e.g. a church court notification letter) and it would be good to protect that. Not having looked yet at the EULA I wonder if we can use it?

Posted: Mon Jul 16, 2012 7:59 am
by aclawson
TrueCrypt is free and open source. The licensing terms are as follows:

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.
Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
This notice may not be removed or altered from any source distribution.

Posted: Mon Jul 16, 2012 8:06 am
by aclawson
And as for confidential data, I have shown all clerks and bishops how to encrypt pdf files created by pdf creator (my favorite pdf driver by far). They can lock up specific sensitive files.

Posted: Thu Aug 02, 2012 11:04 pm
by shingo198199
If you are working with documents and sharing among a lot of people, dropbox is not a good choice. It is more towards personal use due to its ability to sync files. This means that there is a huge possibility of accidental overwriting of files. Besides, dropbox files can be easily extracted as long as someone is able to get hold of a computer that installs dropbox and is currently signed in to that account.

Truecrypt is a good encryption choice, but it defeats the purpose of allowing ease of sharing without security since you need to reveal the password to those who need to view those files.

Google Docs is a good choice for sharing of documents. It allows multiple users to read and edit files on the file, while users need to sign in to the Google account. Once you are done, simply sign out and nobody else can touch your sensitive data. You can also set various levels of secrecy and hide the documents from view or allow specific access to certain people.

Note that the authentication is based on each individuals Google account and it even allows you to track who has been accessing and reading those files. And you can trust Google when it comes to security

Posted: Fri Aug 03, 2012 5:49 am
by johnshaw
shingo198199 wrote:This means that there is a huge possibility of accidental overwriting of files. Besides, dropbox files can be easily extracted as long as someone is able to get hold of a computer that installs dropbox and is currently signed in to that account.
Google Docs/Drive can also be installed in this manner and is susceptible to the same conditions as you state are issues for Dropbox. In addition the online Sharing for Google Docs/Drive can be a bit confusing unless you specifically create folders and use the 'Starring' Function - can be extremely confusing, sharing a folder with Dropbox is much easier than the out-of-the-box Google Method.

The reason I like Google So much is the apps that go along with it, though they are minimal apps, it has been the true collaborative platform for an organization like the Church that is using opensource office productivity apps, their purchase of QuickOffice will go a long way to the multi-platform ability. I do believe that Office365/SkyDrive/Live is going to make a large play here for our organization as well, when Office 2013 is ported to IOS and Android Q1 of 2013 I think we'll see a large demand for using actual Office and sharing using skydrive will drive large demand.

I keep hoping that the church would provide each unit their own personal docs area or a LDS-dropbox solution, the technologies exist now to support it, Leadership in wards and stakes would benefit greatly from an 'official' perspective, rather than be bogged down and feel a need to go around the policies in the church.
shingo198199 wrote:And you can trust Google when it comes to security
This over-simplifies I think, the recent security breaches show that the real issue is when we as consumers use the SAME username and password on all websites. Google is as susceptible as Dropbox to a LinkedIn breach - which it turns out was exactly what happened. Additionally many distrust Google because they gather and store everything about those users.

Posted: Tue Aug 07, 2012 3:16 pm
by ldsrussp
I guess you guys already realize it but dropbox, google docs, etc.. are all not really in compliance with the handbook as last I read it. The reason is due to the storage of data on third party servers not controlled by the church. However, I understand the appeal. I'm looking into creating our own self-hosted cloud using "owncloud" on a linux laptop sitting in the stake offices. This should be in compliance and you will notice it provides most or all of the benefits you are looking to get from google docs or otherwise.