Jay Heiser

A member of the Gartner Blog Network


Jay Heiser is a research vice president specializing in the areas of IT risk management and compliance, security policy and organization, forensics, and investigation. Current research areas include cloud and SaaS computing risk and control, technologies and processes for the secure sharing of data…

The Cost of Cryptography

by Jay Heiser | July 26, 2011

Several weeks' work in a low-bandwidth location has given me a renewed recognition of the convenience and availability ramifications of data protection.

Until a few years ago, it had been my working assumption that the encryption of data at rest had resulted in more lost data, through encryption failures and missing keys, than had been protected from theft. 15 years of the routine encryption of data at rest has finally left us in a fairly robust position, with the reliable ability to perform a useful level of encryption of stored data in the overwhelming majority of circumstances. Both practice and processing have meant that this protection is mostly invisible (as long as you follow the correct sequence when password changes are forced).

Excess CPU capacity masks the overhead of laptop encryption, but a wireless Internet connection is a tenuous link to a graphical world. Having switched providers to one with more reliable coverage, my iPhone and my credit-card-sized MiFi work reasonably well (although both tend to get hotter when the signal is weaker). What doesn’t always work is the corporate VPN.

I’m reliably able to log in to my personal starting page, I can read the news on my iPhone, and my corporate Outlook client connects to Exchange. I can even update this blog using the online WordPress mechanism, although frankly, it would be more efficient to write this locally with Raven and then do a batch upload, which is what I do for my personal blog, which contains photos. What doesn’t always work wirelessly is the corporate VPN, resulting in inaccessibility to several crucial services. Although satellite would be the best option for higher bandwidth wireless access, I’m told that latency issues make it incompatible with VPNing into a legacy system based on Lotus Notes (even if I cached the data locally, I have no reason to expect that sync would work without the VPN). At least one satellite-connected analyst has been provided a wireless modem so that he can supplement a medium-bandwidth high-latency connection with a low-bandwidth low-latency one.

Security always comes at a cost.

Category: security

1 response so far ↓

  • 1 Ludovic Leforestier   July 27, 2011 at 3:06 am

    Jay,

    It’s not only the VPN overheads (actually, I believe they’re rather small in terms of bandwidth), it’s more the fact Outlook/Exchange is incredibly chatty, especially compared to Notes (bad GUI but good backend).

    For instance, when you send something, it first, well, sends it, and then replicates the sent folder.

    I was stung quite badly with data roaming charges lately, and this made me reconsider the assumption that there’s good connectivity everywhere.

    Something to bear in mind for SaaS deployment and TCO: most models don’t factor in bandwidth costs (too complicated to calculate) and assume a good connection (bandwidth and latency) everywhere at all times.