A data-safe remote desktop system intended as a reasonable compromise between information security and homeworking useability. A FreeBSD-based live-CD (or DVD) for the client, with an OpenBSD-based server as the groupworking hub, with no non-encrypted traffic. Nothing installed on the user's machine can affect the company network, and the user has their own personal data 'insulated' from the company.

The 'data-safe' (a relative term as we all know) aspect is achieved by means of a relatively uncomplicated approach, so that one can be considered to be 'taking sufficient reasonable steps' as regards data containment, and provides both assurance and protection to both parties.
If the data is so valuable that taking photos of the screen is worthwhile, then perhaps additional forms of security would be appropriate.

This project consists of sets of scripts, short programs and patches which would be applied in the creation of a template for a live-disc client, with corresponding sets for the server to which the clients will connect. User creation on the server produces 'client identifier' files which are copied to the template before burning, to produce an individual disc per user. The 'client identifier' information in conjunction with the connection framework (which in turn uses standard packages) ensures that connections are restricted and users are prevented from using anyone else's login details.

What started this?

This started back in mid-2005 after reading yet another article about jobs and departments being lost, and figured there had to be a way for employers to be able to cut costs without having to fire everybody. An entire department can work from home using this, without running a significant risk of all the information being leaked, or lost on virus-infested home computers, and without the concern that the staff are not distracted by 'other programs'. The cost-logic behind this is that people working from home don't need all that expensive cubicle space and the cost saving is more than enough to cover a maintained PC and broadband connection. In addition, all staff are direct employees, which makes them all directly and individually accountable.

At the time, there weren't any projects available that I could find that would either have lent themselves to conversion or patching for this purpose, or that were in a state of comprehensibility. Now there seem to be plenty of reasonably well-advanced live disc projects, but none that seem to address this particular problem.

Side note - several re-iterations and system changes later, the description still applies.

This is a temporary info-page while things are put into 'publicly-presentable' and better-explained form. The timing was a little forced given the imminent release of a product that seems rather similar in function (but is linux-based).

Hosted by Logo