The Omni Group Forums

The Omni Group Forums (
-   OmniFocus 1 for Mac (
-   -   Security? (

Bean Street 2010-01-07 01:33 PM

End of a long evaluation, Focus is emerging as #1 potential choice for me! I do have one question first though, and that is about security. I searched here, didn't find much. Are the syncs sent in the clear or are they encrypted? Is the software independently lockable so that if my iPhone or MacBook are stolen, our proprietary & confidential info won't be compromised as well? Specifially, I need to evaluate the security of these three configs:

1) laptop with wireless or RJ45, no syncs
2) laptop & iPhone, yes syncs
3) laptop and several other macs, plus iPhone, yes syncs

Do you handle it, or am I needing to run Omni out of a secure/encrypted file system? Does any information at all end up inside "/Applications/Omni/" ??

Thanks A LOT!!

Brian 2010-01-08 02:57 PM

Sync communication between devices and/or your server is encrypted, but the data is not encrypted on the devices themselves.

If you'd like to see options beyond the existing security tools (FileVault, for example, or remote-wipe of an iPhone), let the [EMAIL=""]support ninjas[/EMAIL] know.

The number of requests for a given change is one of the metrics we use to plan our work; thus far, there's been more demand for other stuff. I know we do have some items in the development database along these lines, so they can vote it up on your behalf...

Brian 2010-01-08 03:00 PM

[QUOTE=Bean Street;71440]Does any information at all end up inside "/Applications/Omni/" ??

Whoops! Realized I failed to answer this question - we don't store information there; if you encrypt your home folder, that'll cover you. Specifically, I believe we store data in OmniFocus' folders in the App Support, Preferences, and Caches sub-folders of the Library folder.

(Plus, I suppose, the location where iTunes stores the periodic backups of your iPhone. Looks like that's in MobileSync/Backups, also in the Application Support folder.)

whpalmer4 2010-01-08 03:30 PM

I started a response to this thread yesterday, but judging from the absence of it here, I must not have pushed the "Submit Reply" button. Oops.

One thing that I'll add to Brian's remarks is that if you do the WebDAV sync (either with Apple's MobileMe service, or someone else's WebDAV server, whether a 3rd party or your company), your security is only as good as the security on that server, because the data is stored there in unencrypted form (though the transfers are encrypted by default, as Brian said).

Frankly, I wouldn't count on an iPhone resisting someone's efforts to get at your data for long. I'd give serious thought to whether truly sensitive data should be on something easily lost or stolen.

All times are GMT -8. The time now is 10:27 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.