Information Overlode

Subscribe via RSS

This Month

Month Archive

November 2008
October 2008
September 2008

Main Page

« September 10 | September 30 »

Tuesday, September 16

Dropbox in the enterprise? Not just yet.

by Chris Noble on Tue 16 Sep 2008 12:36 BST

It's been in invite-only beta since late last year, and I've been playing with it for the last 3 months. But now Dropbox, the "let's make file-syncing and sharing really simple" company has finally announced that it is open for business. The announcement caused quite a stir on blogs and discussion boards, with generally very positive response. But should you use it for business purposes?

The idea is deceptively simple. Install the software - available for Mac, Windows and now Linux and it creates an ordinary-looking folder/directory in your home directory called, yes that's right: dropbox. Any files or folders you dump in there can be shared and synced with other drop-box users, or shared via a Web URL with non drop-box users. How does it work? Files in the dropbox are pushed over the Internet to the company's system and placed on Amazon S3-based back-end storage.

The system has a variety of uses and what sets it apart is the elegant implementation and attention to detail. At it's most basic the system you to backup some files (2GB storage is free), and to access them when travelling. Alternatively, if you have multiple machines, you can keep the contents of their respective dropboxes in sync, by associating the machines with the same drop-box account. Sharing files is similarly easy and with others comes in a variety of flavours. Any file placed within the Public sub-folder is shareable over the Web by right clicking on the file and selecting 'Copy public link'. For more control, folders can also be shared with selected friends or colleagues by right-clicking and selecting “Share”. This brings up a Web page into which you type the email addresses of who you want to share the folder with. When your colleagues add files to that shared folder, they automatically get downloaded to your machine.

There are other nice little touches, such as a 'Pictures' folder, which displays in specialised gallery-form when viewed via the Web. Simply dragging photos to a local folder, has to be one of the easiest ways of creating a public photo gallery that I know.The cost? 2Gigs of storage are free, and this can be expanded to 50GB for $9.99/month, or $99.99/year.

The software has immediate applicability to small work-groups or small business collaboration. It is copes in a robust-if-not-brilliant manner if two people try to edit the same shared file simultaneously: Only the first version to fully make it to the server is kept, the other machines get copies of the conflicted file with a suffix, indicating the conflict and the users have to manually fix the conflict before removing the extra copies of the conflicted file.

It also implements version control, allowing users to restore previous versions of amended or deleted files.

As a way of sharing information in a small group of skunk-works project, it's a very nice solution. But the software isn't really suitable for wider enterprise deployment, mainly due to security and management issues. That actually represents an opportunity for Dropbox.

Security and management, not quite there yet.

In terms of physical security, there is the obvious concern about letting your valuable data sit around in the cloud. At least, in this case your data isn't held hostage - if Dropbox were to fall under a bus, your data would still exist on your machine. But what about encryption?

As it stands, the company's FAQ explains that "All transport of file data and file metadata occurs over SSL. Files are encrypted with AES-256 before being stored on our backend.". Unfortunately (unlikely, online back-up company Mozy, for example) the company does not let you specify your own encryption key, which means that notionally they (and anyone who convinces them that they shoudl cough up your data) could have access to your data). The company says that it "eventually" plans to offer this, and points out quite reasonably that there is nothing to stop you from placing encrypted disk images in the dropbox for additional password protected security.

In terms of compliance... well, I'll leave it as an exercise for your imagination to visualise the colour of a compliance offer's face when faced with some software that "allows me to right-click and create a public Web link, though the firewall to a folder on my PC". Who would have thought a human could turn that hue and survive?

Some people have also raised issues about the company's terms of service I'm not a lawyer and a cursory glance doesn't reveal much unexpected. But knowing that by putting a file in your drop box you are granting "all other Dropbox users and the public a non-exclusive, non-commercial, worldwide, royalty-free, sublicensable, perpetual and irrevocable right and license to use and exploit Your Files" may cause some people pause for thought.

I'm in two minds as to whether Dropbox has a place in the corporate world. Much of the product's current charm is in it's simplicity and elegance, But the corporate world is going to demand more in the way of management and configurability before unleashing dropbox. Indeed any moderate size company is likely to have at least a fileserver for simple sharing, perhaps even an Exchange, Zimbra or Sharepoint system installed, which will have user roles and policies attached.

The way forward

One obvious path that Dropbox could take would be to follow the Groove Networks path. Before it was acquired by Microsoft, Groove allowed anyone to download and use its peer-to-peer file-sharing and collaboration tool for free, but then sold an management console that allowed enterprise IT to set policies, user roles etc.

Another would be to take a leaf from Google's book and produce an enterprise appliance: A simple box containing a self-contained dropbox installation which could be attached to a nice big private RAID box would remove most security concerns at a stroke, while providing a solid revenue stream.

If the company can retain the stupidly simple ease-of-use while building in the management and perhaps providing an appliance, it could find itself on an winner with medium sized businesses. In the meantime, it is fine to use in small collaborative groups, where compliance isn't an issue and where you are not storing your trade secrets or bank account details.

Update: DropBox For Teams is on the way:

Comments (3) | Permanent Link | Cosmos

Favourite Reads

ReadWriteWeb

Boxes and Arrows

451 CAOS Theory

451 Too Much Information

Diamond Geezer

Dare Obasanjo

Internet innovation blog directory

Skribit: Social Suggestions