An Engineered Point of View: Security Enhancements

By Eric Wikman • February 7th, 2013
Audiences: Administrators, End Users

We often ask our engineering team to contribute to our blog and give some insight into the internal and customer projects they work on here at UpCurve Cloud. In this week’s mini-series, Software Engineer Jeremiah Goyette discusses the secure file sender and message receiver he built for UpCurve Cloud’s internal SugarCRM system.

Here is what Jeremiah had to say about the project:

Sending private information can be a headache. It’s complex, and it involves time and effort. Nevertheless, and understandably so, many people tend to avoid the issue and just rely on email to send private information, just as they would with any other information. Besides, one can often get through life just fine without having to consider all the possible ramifications of sending plain text passwords and other sensitive data via email. So why change the routine?

After all, aren’t emails encrypted? Doesn’t encryption make email secure? And file attachments, aren’t they safe as well?

The engineers here at UpCurve Cloud have deeply explored these questions and have come to the conclusion that email is not safe enough, for us at least. With SSL it’s not bad, but when you have to send and receive passwords on a regular basis, as we do at UpCurve Cloud, it’s not comforting to have to rely on third parties for security. Moreover, it’s just unwise to let private information reside in that treasure trove of security risks also known as the inbox.

A couple of recent SugarCRM customizations produced at UpCurve Cloud provide solutions to these problems, together forming a basic private communication platform that aims towards keeping sensitive information out of email. They are both currently implemented on our internal SugarCRM instance and are being used by engineers and sales people.

The first is the password emailer created by Jim Rybarski, which he described in more detail in a previous post. Recently, I added functionality that lets employees request passwords from their clients. Now, when the Email Password popup appears, you can select whether you want to send or request a password from a contact.

When the “Request Password” option is selected, the chosen contact receives an email containing a link to a page where they can enter the private message, which is good for only one submission.

Once the contact has submitted the form, the text is encrypted client side and sent over SSL, and then decrypted and re-encrypted with a fresh key. An email is then sent to the employee who created the password request, which contains a link that points to a page with the decrypted message, as it is done with the “Send Password” option.

This customization handles small messages that can be entered into a textarea field. However, if more data needs to be sent securely, such as a sensitive file, then another customization, the “Secure File Transfer” module, is called upon. This second customization allows employees to create a secure file record in the CRM system. However, unlike the usual Sugar file-type module, this module stores files on the server as encrypted files. To make this happen, we had to abandon the native Sugar upload functions and use a custom file upload manager (we chose to use a JavaScript uploader called blueimp).

To make a file transfer, one starts by creating a new record, providing a name, an expiration date and a file to upload. Once the record is saved, the relevant contacts can be selected in the detail view subpanel. An email with instructions for download is sent by clicking the “Send Email” button at the top of the detail view of the record.

Clicking the email button sends an email including a password and a link to the creator and the related contacts. Once the password provided in the email is entered into the form found at the link, the download begins.

Though at this point the “Secure File Transfer” module can only send files, and not request them, there are some features that make the module a particularly good selection for secure data transfer. As mentioned before, it helps keep sensitive data out of email. Furthermore, the file is stored only temporarily on the server, until a cron job detects that it is expired and wipes it out. In the meantime, the file remains secure yet ready for deployment.
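The two lifetime rules described above (a request link that is "good for only one submission" and a record that a cron job removes once it has expired) can be sketched as follows. This is an added example, not UpCurve Cloud's or SugarCRM's code; the class name `OneTimeLinks`, the in-memory store and the timestamps are assumptions made for illustration.

```python
import hashlib
import secrets
import time


class OneTimeLinks:
    """In-memory stand-in for the table behind the emailed links (constructed)."""

    def __init__(self):
        # Keyed by SHA-256 of the token, so a leaked table does not
        # reveal links that are still live.
        self._rows = {}

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, ttl_seconds, now=None):
        """Create a record and return the secret token to embed in the link."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # unguessable, URL-safe
        self._rows[self._digest(token)] = {"expires": now + ttl_seconds, "used": False}
        return token

    def redeem(self, token, now=None):
        """Accept a submission exactly once, and only before expiry."""
        now = time.time() if now is None else now
        row = self._rows.get(self._digest(token))
        if row is None or row["used"] or now >= row["expires"]:
            return False
        row["used"] = True  # a second visit to the same link is rejected
        return True

    def purge_expired(self, now=None):
        """What the periodic job does: drop every expired record.
        A real job would also delete the encrypted file on disk."""
        now = time.time() if now is None else now
        dead = [k for k, r in self._rows.items() if now >= r["expires"]]
        for k in dead:
            del self._rows[k]
        return len(dead)


def demo():
    links = OneTimeLinks()
    token = links.issue(ttl_seconds=3600, now=1000.0)
    first = links.redeem(token, now=1010.0)     # first submission
    second = links.redeem(token, now=1020.0)    # replay of the same link
    late = links.issue(ttl_seconds=60, now=1000.0)
    expired = links.redeem(late, now=2000.0)    # used after expiry
    purged = links.purge_expired(now=5000.0)    # both records are past expiry
    return first, second, expired, purged
```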

These two customizations have helped us at UpCurve Cloud avoid a few of the common pitfalls of handling sensitive data with clients. Nevertheless, the quest for security remains an ongoing challenge.

For more information on our Secure File Transfer and Message Receiver, contact us today.