External content encryption - but in-app (client)


#1

Hi, It may be a stretch wishing for this, but here goes nothing… :smiley:

Background

Some organisations have a very hard time accepting their data residing in the cloud.

Main concern may not be data-consistency. (I.e. we trust you that far and the ability to back-up is good enough to cover the rest of our consistency concerns)

Main concern is non authorised access-security, either by some sort of human misstankes, bug - or intentional. The latter is actuality the less concerning.

To but it bluntly: Written guarantees and statements alone may not be enough.

Solution/suggestion

One way to solve this, but still not go for the stone-age on premise approach, is to enable externally provided content encryption. I.e yet another layer on-top of the (I’m sure already) existing layers of security.

(I know this can be done using the API, but it would likely require a complete rework of the web-app and to constantly keep up to date with API changes. It’s way to much work I think. What I’m looking for is a client-side content transformation plug-in ability for fields.)

Another way…

I have experimented with other ways of achieving the same goal: Browser encryption plug-ins.
The plugins I tested were:

The first collaborates with Asana somewhat better.

The results are encouraging, it’s definitely a way to do it. Reason mentioning this is to demonstrate the use-case, but more importantly: Why not to do it and to provide motivations why Asana should support something similar natively instead (as there exists considerations).

Drawbacks/considerations with browser plug-ins

  • UX wize, the main trade-off is usability: Key managements and somewhat also how well these plug-in’s work with Asana in various scenarios.
  • Sensitivity to Asana presentation changes. If this happens, data will be in-accessible also to the content owner.
  • Mobile apps obviously can’t work
  • Tool bridges like Unito would not be able to transform between clear-text and encrypted.

Thanks for considering :slight_smile: //Michael