April 21, 2008

Open source applications Keep You Safe

Author: Tina Gasperson

Personal data safety is big business lately. There are a variety of ways to protect your identity or keep your personal information from the prying eyes of dishonest people, but Eric Wolbrom has what he believes is a unique service. Keep You Safe makes it possible for subscribers to store all their personal data securely in a virtual online "safe deposit box," and share the key with someone they trust. When Wolbrom, a self-described "security geek," finally had the chance to launch Keep You Safe, he knew that building it on Linux, Apache, MySQL, and PHP (LAMP) was the best way to keep his customers' data secure.

Keep You Safe was born of Wolbrom's interest in business disaster recovery and his own personal data security. Wolbrom learned his lessons from his grandfather, who escaped from Poland early in World War 2, Wolbrom says. "He drilled it into my head that you always had to be prepared to run." Wolbrom's background is in business continuity and disaster recovery planning. "We do this for businesses, but why don't we do it for our personal data?" he asks. Wolbrom calls it "personal disaster recovery."

"Being a security geek, I had always created these text files that would keep the family numbers together, and then use one of the encryption tools of the day to encrypt it, and put it out on the Net." Wolbrom said he could never resist discussing the topic with his business continuity clients. "Have you ever thought of doing for your personal data what you're doing with your business information?" he would ask them. "I wrote this little how-to article for a client." From there, it was only a matter of time before Keep You Safe was born.

Keep You Safe gives clients the ability to either store records in text format on its servers, or to scan and upload copies of documents. Wolbrom says almost every technology that Keep You Safe is built on is open source, including the numerous custom applications he and his partner built to encrypt and store clients' data. Everything sits on top of a classic LAMP architecture: Red Hat Enterprise Linux, Apache, MySQL, and PHP. That's because open source is more secure than proprietary code, Wolbrom says. "I look at this like this: there's an old adage that security through obscurity is not security at all. If I am building something and I make it completely obscured, someone will find the holes in it and will be able to hack that thing. Windows is completely closed and people are constantly reverse-engineering it. With open source you have thousands upon thousands of people looking at the code. If we have lots of people looking, we're always going to find the bugs before they become an issue."

In keeping with that belief in transparency, the company provides a PDF white paper that explains the security process for passwords and logins, data encryption, data transport, network firewalls, patches, and backups.

Wolbrom appreciates the range of choices in existing applications that open source provides, so that when it comes to custom development his team doesn't always have to start from scratch. "It gives us a lot more flexibility in there for the things we want to add on or create, as opposed to building every single aspect of the application. I've believed in open source since 1996, when I first started looking at it."

Wolbrom highly recommends using open source to launch any kind of online business. "It's going to give you the lowest expense-to-deliverable ratio that you're ever going to find. And that's the key thing about open source -- it's just so much less expensive to build anything. It's one of the biggest benefits."

Categories:

  • Business
  • Open Source
Click Here!