A data-safe remote desktop system intended as a reasonable compromise
between information security and homeworking useability.
A FreeBSD-based live-CD (or DVD) for the client, with an OpenBSD-based
the groupworking hub, with no non-encrypted traffic. Nothing installed
on the user's machine can affect the company network, and the user has
their own personal data 'insulated' from the company.
The 'data-safe' (a relative term as we all know) aspect is achieved by
means of a relatively uncomplicated approach, so that one can be
considered to be 'taking sufficient reasonable steps' as regards data
provides both assurance and protection to both parties.
If the data is so valuable that taking photos of the
screen is worthwhile, then perhaps additional forms of security would
This project consists of sets of scripts, short programs and patches
which would be applied in the creation of a template for a live-disc
corresponding sets for the server to which the clients will connect.
User creation on the server produces 'client identifier' files which
are copied to the template before burning, to produce an individual
disc per user. The 'client identifier' information in conjunction with
the connection framework (which in turn uses standard packages) ensures
that connections are restricted and users are prevented from using
anyone else's login details.
What started this?
This started back in mid-2005 after reading yet another article about
jobs and departments being lost, and figured there had to be a way for
employers to be able to cut costs without having to fire everybody. An
entire department can work from home using this, without running a
significant risk of all the information being leaked, or lost on
virus-infested home computers, and without the concern that the staff
are not distracted by 'other programs'. The cost-logic behind this is
that people working from home don't need all that expensive cubicle
space and the cost saving is more than enough to cover a maintained PC
and broadband connection. In addition, all staff are direct employees,
which makes them all directly and individually accountable.
At the time, there weren't any projects available that I could find
that would either have lent themselves to conversion or patching for
this purpose, or that were in a state of comprehensibility. Now there
seem to be plenty of reasonably well-advanced live disc projects, but
none that seem to address this particular problem.
Side note - several re-iterations and system changes later, the description still applies.
This is a temporary info-page while things are put into
'publicly-presentable' and better-explained form. The timing was a
little forced given the
imminent release of a product that seems rather similar in function
(but is linux-based).
Hosted by Sourceforge.net