I would imagine your IT / SecOps folks would not be excited about that data being sent off the device.
This is a concern, but not as much as you would think, because we are going to limit what we are going to send back to the server. Also, we have a dedicated team that will do a audit of the security/privacy implications because any company application goes live.
I am not a developer, but infact part of IT security team. And this is the reason, why I had not gone ahead with any development, despite having this idea for more than a year, because I don't have a proper solution.
* blacksmith_tb 10 minutes ago | parent | context | on: Local-First Web Development
Hmm, I would think browser sandboxing is going to make that hard. If you have local admin rights, you might be able to make a shell script to grep through the logfiles and generate an html page as its output, which you could open in the browser? I would imagine your IT / SecOps folks would not be excited about that data being sent off the device.*
There are two problems to it, which I see. I want my usecase to be solved for managed as well as BYOD devices. And these BYOD devices are managed by the IT teams of different partners we work with. And they have their own security softwares and restrictions. Firstly, we cannot convince them to install a desktop application in their company managed machine. Secondly, a desktop application has a high probability of getting blocked compared to a web-app.
Also, a web-app is in general a better user experience when compared to a desktop app, in this scenario. Because it is easier for the user to launch and use.
I know I am asking for too much. But I have not lost hope that somewhere out there, there might be a solution.
It will be great if someone here guides me on how I can solve this below problem.
I am part of a Enterprise company which installs a bunch of managed security softwares in employees' laptops. A couple of these security softwares can/must be used in BYODs as well, to connect to the company network.
I would like to build a application such that, whenever a employee finds that something is not working right on their laptop, they should be able to fire it up on their browser and it will access logs from these security software and does troubleshooting/debugging locally on the machine and provides the results and remediation steps to the person. This will tremendously save time instead of contacting IT team and waiting for their help.
For this usecase, I have some limitations.
1) I want to be able to solve for both managed laptops and BYODs (both Mac and Windows). So I cannot push this as a desktop application using MDM solution.
I want this to be a web-app as I can control the version of the application that they are running. So a local-first web app seems perfect in that sense.
2) I want to be able to access local file system where the logs of these security software are located. I am not a developer, but rather a infra guy, but based on what I know, a web-app cannot access the file system without user actually doing a file picker. But in this case, it is too much friction for non-technical users, especially since I want to build this solution for multiple security software which is dependent on multiple file location.
3) Moreover, I don't want to unnnecessarily reveal too much information of location of the log files for the security softwares. But if it is a local-first "web-app" and the user has to be pick the file using a dialog box, I cannot do it without revealing the location.
4) For "some" use cases, I want to be able to "securely" send meta data to a centralized server for more complex troubleshooting scenarios or to log a ticket, for example.
Sorry for the long question. May I know if anyone have any solutions for this scenario?
This is a concern, but not as much as you would think, because we are going to limit what we are going to send back to the server. Also, we have a dedicated team that will do a audit of the security/privacy implications because any company application goes live.
I am not a developer, but infact part of IT security team. And this is the reason, why I had not gone ahead with any development, despite having this idea for more than a year, because I don't have a proper solution.
* blacksmith_tb 10 minutes ago | parent | context | on: Local-First Web Development
Hmm, I would think browser sandboxing is going to make that hard. If you have local admin rights, you might be able to make a shell script to grep through the logfiles and generate an html page as its output, which you could open in the browser? I would imagine your IT / SecOps folks would not be excited about that data being sent off the device.*
There are two problems to it, which I see. I want my usecase to be solved for managed as well as BYOD devices. And these BYOD devices are managed by the IT teams of different partners we work with. And they have their own security softwares and restrictions. Firstly, we cannot convince them to install a desktop application in their company managed machine. Secondly, a desktop application has a high probability of getting blocked compared to a web-app.
Also, a web-app is in general a better user experience when compared to a desktop app, in this scenario. Because it is easier for the user to launch and use.
I know I am asking for too much. But I have not lost hope that somewhere out there, there might be a solution.
I am open to ideas.