Related Tips & Info

iFolder Local Security Utility

MigrationDeletedUser
0 Likes

This utility was created to meet our company security guidelines for protecting confidential data on mobile computers. Following are some of the problems/findings which prompted the creation of this utility:

Problem:
iFolder only encrypts the data when transferring over the wire between client and server. Due to company security guidelines, local data encryption on mobile computers is required.

Solution:
You can encrypt the users iFolder directory, however, because the iFolder service controls the synchronization, the data is downloaded to the users local directory and remains unencrypted. (The data in the directory must be created by the user that encrypted it, or it is created unencrypted).

Run this utility at startup as a front end to Microsoft's CIPHER, creates and encrypts the local iFolder directory each time the user logs in.

Assumptions:
There have been a few assumptions made in the logic of this utility, these are:

  1. When a user logs into iFolder on a workstation for the first time, a registry key is created in "HKLM\SOFTWARE\Novell iFolder\<username>", this is used to validate whether the user has logged into iFolder on this workstation before. If they have and the defined directory exists, the assumption is made that it was this user account that encrypted the local data. If the registry key does not exist then directory is either created or recreated and encrypted with CIPHER to ensure that the current user can view the local data after iFolder synchronization to the local workstation has completed.
  2. The users will be using the local iFolder client and not the web client (Any data uploaded via the web interface will be synchronized to the workstation and will remain unencrypted until the user logs on again and iFLclSec.exe is executed). We have also provided a ZEN desktop icon for this utility so the users can encrypted the data manually if they notice the data is not marked as encrypted.
  3. The local encryption keys are NOT backed up as part of this utility, there should not be any case where the users is required to decrypt any local data, because the data will always reside on the iFolder server.
  4. The process diagram located in the help form is based on using ZEN application packages to drive this utility.

Update to v1.1
*Support was requested for Windows 2000.
iFLclSec.exe now supports Windows 2000. CIPHER.EXE on Windows 2000 supports the same switches as Windows XP.

Labels:

How To-Best Practice
Collateral
Comment List
Anonymous
Related Discussions
Recommended

Resources

Support
Documentation
Training
CyberRes Academy
Partner Portal
Contact us
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
How To Buy
Careers
Investor Relations
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.