Quite everybody uses today email as their first non-oral communication tool.
Most of you even know that standard email is not really secure but you continue to deal with it.
Some of you because you don’t really have the choice, some others because you trust anough the system for what you need to do.
A set of technical people, with a set of technical tools, can of course make "email based communication" more secure…
The side effect of this security enhancement is that the persons who will use this more secured email based system will have less and less people to communicate with… Everybody must indeed be at the same security level which is not really simple to guaranty especially when your skills are more business, project, marketing driven … that technical.
So rather than to have a complex system to deal with, which must be valid cross-company, which requires a set of IT’s to discuss and work, let’s start with what counts the most : the person/trust/trust/person or trust/person/person/trust paradigm. What or who is first?
In a person to person relationship, trust is critical and key. You can not really communicate with persons you don’t trust. If you do it, you might be superficial or it might take a long time to achieve a common objective together. In the real world, giving trust is sometimes complex but you are assisted by a set of physical sensors and even feelings.
In a digital world you need to rely on a communication system which provides you a set of means to be able to trust another person.
Hence you tend to start first with "trust" from a technical point of view and you tend to forget the persons :
– you need to ensure that the other person is the person she is telling she is.
– you need to ensure that only the person you communicate with will be able to open it, unless she is already informed (pre-informed) that another person she trusts will be informed simultaneously.
– you need to ensure that no-one else you aready know will appear to you with the same name but with another digital identity.
Groove communication system is "person centric". Persons "are" Alway First (PAF). This means that each person is the center of her relationship with the other persons she trusts… Each person has a "digital identity card" which is unique and highly crypted. Contrary to e-mail, security is "always on" with Groove :
– you only work with persons you know
– your exchanges are crypted on the wire
– your data is crypted locally
– your data is crypted everywhere you share it with other known and trusted persons.
So, it’s not about "access rights given by someone else", it’s about "the rights I give myself, as a person, to another person".
So, it’s not about a "password" which provides me access to a network or an application, it’s about the security mecanisms associated to my, personnal, digital identity card which allow me to communicate with onother person.
So, it’s not about "access rights given to data", it’s about "rules" I provide to someone else to access that data and manipulate it.
It’s all about trust I grant to a specific person and that the other person grants equally to me.
Of course, the other person can work with another person, with other persons …
In other words, the data you provide to that person is not intended to go somewhere without your conscent because … you trust that person.
Of course, in some organisations, you need to provide additionnal "global rules" but the core idea is "you share your trust with another person that shares it equally to you on the subject you mutually decided".
SharePoint Workspace and Groove 