The Omni Group
These forums are now read-only. Please visit our new forums to participate in discussion. A new account will be required to post in the new forums. For more info on the switch, see this post. Thank you!

Go Back   The Omni Group Forums > OmniFocus > OmniFocus Syncing
FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
OmniSync security? Thread Tools Search this Thread Display Modes
Is Omnisync a secure service? I really like to use it, but is the security high enough? (definition of enough still to be decided :) ) Is it encrypted/what kind of encryption?
 
Communication with the server defaults to secure (encrypted) HTTP just like your online banking sites use; the files are not encrypted on the server, though. (We wanted to preserve our ability to help folks with sync issues when/if they occur.)

The sync server has all the security/protection that our online store does, but we can't responsibly issue flat guarantees. Syncing with any server run by someone else is inherently less secure/private than doing so with a server you control yourself.

There's a tradeoff between security and convenience in cases like this that's up to each individual to make.
 
Thanks Brian, excellent answer. Security is a tough issue, if you aim for 100 % you will lose all functionality so there is a middle way you need to adopt to. With your software it's well worth finding that middle way that make it work for you.
 
Quote:
Originally Posted by Brian View Post
Communication with the server defaults to secure (encrypted) HTTP just like your online banking sites use; the files are not encrypted on the server, though. (We wanted to preserve our ability to help folks with sync issues when/if they occur.)
Speaking of encryption, has there been any discussion within Omni of making use of the "iOS Data Protection APIs" for the on-device storage of OmniFocus data?

Speaking as someone who works in an Enterprise environment where the potential for loss of (control of) data is a major roadblock to implementing iOS devices, I can say that being able to point to OmniFocus using this security enhancement (combined with the use of a company-run WebDAV server for the sync) would go a LONG way toward soothing the paranoiacs in IT Security here! ;-)
 
I'm not really sure how desiring encryption for your data is being paranoid - if you're not asking this type of question when your data leaves a trusted environment, then you're doing a poor job of securing your data.

With that said, I would urge Omni to allow the encrytion of the data on the server. Let this be a user decision\option rather than remoiving the option altogether.

While Omni may do what they can to secure the data, they've stated up front that they can't guarantee security - what more do you need to hear to know you need encryption on the server?
 
I'm not talking about the server, since you can run your OWN server if you need to. I was specifically referring to the iOS device that was running OmniFocus.

The "iOS Data Protection APIs" are important for making sure that the full force of on-device encryption is applied to the data stored by a particular program. Aside from Mail, very little of what's on an iPhone/iPad/iPod touch is protected with that full level of encryption.
 
Quote:
Originally Posted by Joslyn View Post
Hi guys I am Joslyn. I am here to share my views about Omnisync. It is a vast and unique platform.It provides a lot of protection and security. Through security we can prevent us from cyber threats and any other disasters.
I'm sure you are. And I'm sure that soon you'll be advertising web sites in your follow up posts since this one went through. Looking forward to that!
 
Quote:
Originally Posted by CatOne View Post
I'm sure you are. And I'm sure that soon you'll be advertising web sites in your follow up posts since this one went through. Looking forward to that!
Of course, they aren't going to be reading your follow up post, and by posting instead of clicking on the report button, you make it so that there's still some trace even after Brian nukes the spammer...
 
Quote:
Originally Posted by whpalmer4 View Post
Of course, they aren't going to be reading your follow up post, and by posting instead of clicking on the report button, you make it so that there's still some trace even after Brian nukes the spammer...
I report 99 of 100 and you bust my chops for the one I have a little fun with ;-)

Oh, and when the spammers come with a drive by and hit a bunch of forums... not awesome that you have to wait like 60 seconds between each report. So I don't report them all...
 
Quote:
Originally Posted by CatOne View Post
I report 99 of 100 and you bust my chops for the one I have a little fun with ;-)

Oh, and when the spammers come with a drive by and hit a bunch of forums... not awesome that you have to wait like 60 seconds between each report. So I don't report them all...
Yeah, I know, my irritation at having to wait means I don't report a bunch of them, too. I'm undecided whether the recent move to up the number of posts needed before links are available is a good thing or not. Wouldn't it be sweet if after you reported a post, the forum software didn't show you any threads where the only new posts were from that poster? At least Euro 2012, UFC 148, and Wimbledon are over now so we can get back to WoW gold sales :-)
 
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


Similar Threads
Thread Thread Starter Forum Replies Last Post
Omnisync Server API sgoldstein Syncing via Omni Sync Server 3 2013-04-05 08:19 AM
Omnisync Workflow mattsbrand OmniPlan for iPad 0 2012-12-17 07:13 AM
Email to Omnisync roontoon Syncing via Omni Sync Server 6 2012-05-25 01:00 PM
OmniSync repeatedly asking for pwd stardiv5 OmniFocus for iPhone 2 2012-02-03 01:13 PM
OmniSync not working azarias OmniFocus Syncing 5 2011-01-19 03:48 PM


All times are GMT -8. The time now is 02:49 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.