Portabella Logo Portabella vs. image

Let’s take a look at the difference between the two

1. Background

Originally created in 2011, Trello was one of the first project management platforms to gain widespread popularity. It’s often used as the default project management tool for small to medium sized teams and users love its rich ecosystem of templates, apps and power ups. In 2017 Atlassian acquired Trello for $425 million.

Founded in 2020, Portabella, Inc. is a privacy preserving, end-to-end encrypted platform for issue tracking, file sharing and kanban boards.

2. Privacy

Portabella uses a well known public key infrastructure setup and combination of RSA and AES cryptography to encrypt your core data - meaning we never see your board names, card titles or descriptions, while leaving metadata unencrypted so we can maintain the user experience you’re used to. You can read more about what exactly we encrypt here. This means if an attacker or malicious employee was to gain access to our databases, no sensitive data would be leaked, we don’t have any way of decrypting your data, the private keys are stored in your browser.

Trello has an extensive security policy here, you’re free to read it and draw your own conclusions, but the following things stick out to us:

Encryption at rest

Encryption at rest refers to the fact that your data is encrypted when it’s in storage. This means that when you’re not accessing it your data is stored in some database, cache or file system and is encrypted. At first glance this seems similar to what Portabella offers but let’s dive in a little further. As soon as your data leaves storage, it is no longer encrypted, this means that it could be accidentally logged or viewed during debugging. You can also imagine a situation where an attacker has access to a Trello server and they’re able to dump the memory contents of said server. If you were using Trello at the time the attack happened, it’s possible this memory dump would reveal your data to the attacker.

Trello uses Transport Layer Security (TLS), which is an industry standard, to secure your data from their servers to your browser. As long as you’re using an up to date, modern browser, there are no issues with this.

Amazon managed encryption keys

In the previous section we outlined how Trello stores user data encrypted at rest, any kind of encryption assumes some kind of encryption key, so where do they store that? In Portabella, your keys are controlled by you, all data for a board is encrypted with a key that only you or your team members have access to. Contrast this with Trello, who opt for Amazon managed encryption keys. We’re not going to dive into the security of Amazon, who are extensively audited and have world class security, but you can see how the burden of trust now falls on to two parties, Trello and Amazon. Furthermore once a single encryption key is compromised, an attacker has access to the data of many, potentially all users. In Portabella, even if a users key was compromised, this would have no effect on your data or your organisations data, the encryption keys used are different.

Data portability

One thing we wanted to mention while addressing Trello’s security policy is that they have a section for Data Portability. This is great, and something we love to see in any application. Trello offers a JSON format data download for individuals and JSON + CSV for business or enterprise users. This feature is key in breaking down the walled gardens that currently exist in the software industry, and better allows for customer choice. Theoretically there is no longer any lock in to Trello, as you can easily export your data to another platform that has the features you want.

3. Features

We’ve found an extensive Trello feature list from comparecamp.com

Portabella Feature Trello
Yes End-to-end encryption No
Yes Detailed & Quick Overviews of Front/Back Cards Yes
Yes Easy, Drag-and-Drop Editing Yes
Yes In-Line Editing Yes
Yes Easy Organization with Labeling, Tags, and Comments Yes
No Progress Meter Checklist Yes
No Card Records Archive Yes
No Easy Upload (Local Devices, Dropbox, Google Drive, and Box) Yes
Yes File Attachment Yes
Yes Data Filters Yes
Yes Deadline Alerts and Notifications Yes
Yes Automated Email Notifications Yes
Yes Activity Logs Yes
Yes Individual/Group Task Assignment Yes
Yes Information Backup Yes
Yes Information Retrieval Yes
Yes SSL Data Encryption Yes
Yes Mobile-Friendly Views Yes
No Developer API Yes
Yes Customer Support Yes
No Voting Options Yes
Yes Discussions Yes

4. Pricing

Portabella has a very simple pricing scheme, free for personal and small team (up to three people) use, $9.99/month per user for teams larger than three.

Trello has a similar pricing model here, with the main difference being discounts applied for enterprise use.

Conclusion

In conclusion, you’ll be best off using the right tool for the job. Currently Portabella is aimed at smaller team usage, as we don’t currently have any large clients. If you’re interested in running Portabella with more than one hundred users please reach out to [email protected] and we can set up a call to fine tune things on our end.

We’re also a new player in the industry, so we can’t compete with other platform like Trello in terms of integrations and wider ecosystem tie in. However, in the short time we’ve existed we’ve reached a reasonable base feature parity for an issue tracker, and we’re in heavy development mode to pump out more. Trello is also definitely a big inspiration to Portabella, and we wouldn’t exist without it.