Termius for Teams got Group Sharing
December 17, 2019
At Termius, we believe that professional tools used by teams must deepen collaboration when possible. In the case of operational teams, more often than not, all members are collectively looking after the same infrastructure. In such cases, keeping information about the current configuration of the infrastructure up to date becomes mission-critical. Due to the lack of tools designed for this particular purpose, operational teams have to use wiki, spreadsheets, or Git. None of these solutions exactly fits the purpose, so they come with the following issues:
- no consistent user experience across desktop and mobile
- require multiple copy-paste actions which are prone to human errors
- daunting to keep up to date
- insecure as the data is not encrypted; e.g., keys sent by email or Slack
Those issues decrease team productivity by prolonging the emergency reaction time and complicating the onboarding of new members.
Termius Premium provides an efficient way to keep track of the existing infrastructure and enables access to this information from desktop and mobile. Also, Termius provides a comprehensive way to group hosts with support of shared settings and multiple subgroups. Termius uses end-to-end encryption, which makes it safe to use as a single source of truth about the current state of infrastructure. All the information inside Termius is actionable. What is missing? Yes, all of this was available only for an individual engineer. Secure sharing of this data among team members would have brought a significantly deeper team collaboration.
Group Sharing
I’m proud to announce that we’re adding Group Sharing for Termius for Teams. The first version of Group Sharing has been limited and only shares non-sensitive information like hostname, port, proxy, jump host, and theme. Despite many ideas and feature requests, we purposely minimised the first version.
First of all, we wanted to keep it simple. Sharing a group with all team members is as simple as switching a toggle inside the group settings.
Second, by talking to multiple operation teams, we found out that some of them have a few bad habits from security or productivity perspective. Sharing of keys and passwords among team members is the most frequent security issue. Sometimes it is very reasonable, but more often, it is a trade-off between get-it-done and keep-it-safe due to the lack of proper tools. If we designed new collaboration features with these habits in mind, we would have promoted these practices. Instead, we will iteratively design and build workflows that will offer more secure and easy-to-use alternatives.
Security
All the shared data is encrypted, and nobody, apart from team members, has access to the encryption keys. Our team loves to be practical and stay humble, so don’t implement our own crypto. Instead, we listened to known crypto experts when we designed the crypto schema for Group Sharing. To be more specific, it uses a standard and stable version of the libsodium library for all crypto-related algorithms.
Here is a list of used algorithms:
- X25519 for key exchange
- Poly1305 MAC for authenticating the encrypted data
- XSalsa20 for data encryption
If you would like to learn more about the encryption schema used in Termius for Teams, please check this documentation page.
Termius for Teams is a unique product that enables operational teams to stay on top of things. The information about the current state of the infrastructure is instantly accessible to all team members, which decreases incident response time and eases the onboarding process, which makes operational teams more productive.
The first version is pretty limited; please contact us if you have any feedback or feature requests.