Author: Jonathon Rosenburg
January 24, 2017
We’re really excited about the new Cisco Spark Board and the collaboration experiences it will bring to teams. Of course, a key part of that experience is the interactive digital white-boarding capability that allows both Cisco Spark Board and Cisco Spark application users to view and cooperatively draw together.
When we started working on this capability over a year ago, we looked at what makes a regular analog whiteboard so effective. One of the things we identified is that anyone can use it. You can walk into any conference room, walk up to a whiteboard, and use it. It doesn’t matter whether it is yours, or someone else’s. It doesn’t matter whether it’s in a conference room or a personal office. It doesn’t even matter whether it’s in your company or one you’re visiting for the day. The whiteboard is there, it’s easy to use, and easy to make your own. Recent digital whiteboard attempts in the market have failed to meet the same standard for ease of use. We knew we had to do better.
We also realized that a great white-boarding experience requires the content to be accessible after the meeting is over. In fact, if you look at common practice today, users will draw on a traditional whiteboard with a marker, and then take a snapshot of the whiteboard with their mobile phone to access it later. The problem with taking a picture of the whiteboard is that it represents a point in time. If you want to continue the drawing later, you can’t really do that – the whiteboard is now a static image. For interactive white-boarding to really go mainstream, we needed a solution that allows you to save the whiteboard, then pick up where you left off at any time.
Lastly, we had to think differently about how to save the whiteboard. The easy solution would be to take a JPEG snapshot and email it or post it into a Cisco Spark Space, much like a user would do with a smartphone camera. There are two problems with saving the whiteboard in this way:
- First, it means there is now a copy of the whiteboard stored somewhere else. If you then start editing it again, you’re back to the versioning challenge we’ve all experienced with Word and PowerPoint files.
- Second, and most importantly, we realized we had a really, really big security problem on our hands. Whiteboard content often contains some of the most sensitive and important information a company creates. Consequently, we needed to develop an extremely secure way of both saving and controlling access to whiteboard content.
To solve all of this, we developed an innovative solution for white boarding that is always yours, always live, and always encrypted.
Cisco Spark Board…always yours
You can walk up to any Cisco Spark Board in the world – whether it is in your company or not — and associate it with one of your Cisco Spark Spaces. Yup, any Cisco Spark Board in the world: the one in your office, in the conference room down the hall, in the other building. Even one in another company. Just by standing in front of it and using it with your Cisco Spark app, you can make it your own and fill it with the content you need to get your work done. You can display your files, you can create new content and save it to your Cisco Spark room, or you can join a meeting.
The content on the board – the files it shows, the whiteboards it renders – is stored in the cloud, never on the device itself. Every time the Cisco Spark Board shows a whiteboard, or the Cisco Spark apps show a whiteboard, they are not just rendering a file stored on the hard drive. No. What they are doing is connecting to the cloud, and subscribing to the whiteboard service. It is completely unprecedented in the industry. Because the Cisco Spark Board is connected to the Cisco Spark cloud, we are creating a global, worldwide network of workspaces that you can access anywhere using Cisco Spark.
Cisco Spark Board… always live
So, let’s get into how it works. Let’s say Alice is standing in front of a Cisco Spark Board, having a whiteboard session with Bob who is utilizing his Cisco Spark for Windows application.
- Whenever Alice draws a stroke on the Cisco Spark Board, the board creates a vector object that represents the stroke, and then encrypts it. It sends this encrypted stroke to the cloud. The cloud stores this encrypted stroke and sends it to all other participants — in this case, Bob. Bob’s client receives the encrypted stroke, retrieves the encryption key, decrypts it, and renders it.
- Now consider Carol joins their whiteboard session. Her client will query the cloud and download all of the encrypted strokes used in Alice’s whiteboard since the beginning of time. The cloud delivers these to Carol’s client, in addition to any new strokes as they’re added. Carol’s client retrieves the key used to encrypt this whiteboard content, decrypts all the strokes, and then renders them all.
- Finally, let’s say Bob uses the eraser tool and wipes away something he drew previously. His client will create a deletion stroke indicating the part of the board that he has cleared, encrypt it, and send it to the cloud too as just another stroke to render.
Consequently, the Cisco Spark cloud doesn’t actually store the current whiteboard! Instead, the board is stored as a time series of encrypted strokes. In order to enable previews of the board content in the app, the clients themselves periodically compute a JPG for the board, encrypt it, and then upload it to the cloud. These are used just for thumbnail previews, not for the editable board. This means that when a client views the whiteboard, it views the one and only copy of it, and can continue to edit it by adding another encrypted stroke to the database. Anyone else viewing that whiteboard will see the changes in real-time, much like users utilizing a Google Doc.
Cisco Spark Board…always secure
Because each stroke and the preview is individually encrypted using our end-to-end encryption technology our cloud never “sees” your whiteboard content.
- Should an attacker compromise our database that contains the strokes – he gets nothing.
- Should a rogue employee run away with the hard drive – she gets nothing.
- Should a developer accidentally log the contents of every web transaction it receives – the logs contain nothing useful.
This provides an unprecedented level of security. It goes well beyond just encryption at rest and in-transit, which are nowhere near enough to protect this important content.
To ensure secure access to this content, each whiteboard is associated with a Cisco Spark Space, and that space has a set of participants who constitute the access control list (ACL) of users allowed to retrieve the keys used to decrypt the whiteboard content. Utilizing a Cisco Spark Space to hold the board instance also means that Cisco Spark Space security features – such as room locking, moderation, kicking users, and message deletion – provide additional layers of protection for your content.
We’re really excited about the Cisco Spark Board, and equally proud of the amazing technology that powers it. It’s white boarding that is always yours, always live, and always secure.
Used with permission from Cisco