Ensuring Customer Data Security Through Encryption
Confidential data must be securely stored, and customers (and consumers) are increasingly concerned about privacy. Why is this? The events of the past 12-18 months have brought to light a number of data breaches – and the scope of some of them is simply mind-boggling.
The Need for Customer Data Security
As an example, the much-publicized Equifax data breach resulted in the private information of over 143 million US citizens falling into unknown hands. That’s nearly 45% of the US population. And now that this data has been exposed – there’s no going back. Social Security Numbers, birth dates, addresses – these are not data items that can be changed. These are not passwords that can be reset – that’s a permanent exposure that will have consequences for years to come. In addition, stricter government regulations are coming. For the European Union (EU), the General Data Protection Regulation (GDPR) will soon take effect. It is a tough new standard for data privacy – protection for personal data such as citizen names, email addresses, home addresses, etc. It’s a new regulation that attempts to unify and strengthen personal data protection for all individuals within the EU. With greater scrutiny from customers, consumers, and regulatory agencies alike – it’s more important than ever to handle data security properly. There are several considerations to protecting data – but a core concept is encryption.
What is Encryption?
Encryption is the process of encoding a message or information in such a way that only authorized parties can access it. The encoding is done via a cryptographic algorithm. Typically a key is used to encode the data, and that same key is required to decrypt the data in order to read it. This is known as symmetric encryption – the key works both ways, both to write and to read. There is another type of encryption called asymmetric – in this version a private key is used to write data, while a public key can be used to read data. Asymmetric encryption has a lot of important uses, but for the purposes of this discussion understanding symmetric encryption is more important – as that is the type that would typically be used for these examples.
The primary benefit of encryption is to ensure that only authorized parties can read the data in a useful format. An encrypted file looks unintelligible. Encryption doesn’t necessarily prevent the data from falling into the hands of an unauthorized party – but if it does, it helps ensure they can’t view or read the information – it will look like gibberish. Secondly, encryption can be used as a mechanism to ensure the authenticity of data – to verify that it hasn’t been tampered with or changed, whether maliciously or by accident.
In summary, we need to encrypt the data, and carefully store our secret keys, so that only the right people have access to the information.
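The two properties just described, confidentiality and tamper detection under a single shared key, as an added example in Go (not code from the original article). It uses the standard library’s AES-GCM, which is an authenticated symmetric mode; the customer record and the 32-byte key are constructed for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM builds an AES-GCM cipher from a 16, 24 or 32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext under key as nonce || ciphertext || tag; the same symmetric key decrypts it.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce per record
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt; it fails if the key is wrong or any stored byte was altered.
func Decrypt(key, data []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(data) < aead.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short: %d bytes", len(data))
	}
	return aead.Open(nil, data[:aead.NonceSize()], data[aead.NonceSize():], nil)
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed demo key; real keys live in a secrets store
	ct, _ := Encrypt(key, []byte("ssn=123-45-6789;dob=1970-01-01")) // constructed record
	ct[len(ct)-1] ^= 0x01 // simulate a corrupted or tampered backup
	_, err := Decrypt(key, ct)
	fmt.Println("tamper detected:", err != nil) // true
}
```

The stored form is unreadable without the key, and flipping a single bit of it (a corrupted backup, for instance) makes decryption fail rather than silently return altered data.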
Where Data Resides
Ok, you might be thinking – our website uses HTTPS, isn’t that encryption? Are we covered? It’s a more complicated topic than that – we also need to think about the way that data flows through our computer systems, over networks, and ultimately to those that need the data. There are three primary states data can be in – data at rest, data in transit, or data in use. Data at rest is data stored in the form of a file on a disk, or in a backup file of that disk. Data in transit is the data as it is moved from the at rest state and over a network to a consumer. And lastly, data in use describes the data as it is being accessed and updated – as it is very near to being used by the ultimate consumer.
Think for a moment about the customer data your business uses. Can you identify where it is “at rest”, “in transit”, and “in use”? Here are some examples. Many businesses use relational databases to store customer information. Those are typically implemented via a file on a server. The database file is really not that different from any other file on a computer. And that’s data at rest. In addition, all good database administrators ensure they have backups – in the form of complete database backups, incremental backups, and journal files that describe each individual change to the underlying data. Therefore all of these are considered data at rest as well. Encrypting only the database file, and not the backups of that file, leaves a gaping hole in security.
How about data in transit? In our simple example, that data exists on a database server – when it’s requested – for example by a user running a database query – the data has to flow from that server over the network and to the application the user is using. That’s data in transit – and it’s just as important to ensure it is encrypted in flight as it is at rest. Why is this? Today’s workforce is hyper-mobile – work from the road, work from home, work from the office, work from the airport. That consuming application can be on a remote network – one in which security can’t be controlled – and we need to make sure that the information is protected as it traverses the network. So in our simple example, the consuming application should use an encrypted connection to the database.
Another excellent example of encryption in transit is the use of websites configured with SSL certificates – you are probably familiar with this from the HTTPS that appears in the web browser URL bar. It’s the same concept – the information on the web page is securely transmitted to the user over an encrypted tunnel between the web server and the user’s web browser. That ensures the data remains private, and can’t be tampered with in between.
Let’s finish the discussion by talking about data in use. That’s the final state of data – it’s been read off a disk, transmitted over the network, and now it’s arrived in the computer memory of the consumer. Data in this state can be protected by encryption as well. The consuming application may utilize a private key to decode and use the data. This option is a bit more challenging, as the options to encrypt and decrypt aren’t nearly as transparent. Typically this requires special programming. But for the most important data this level of protection may be necessary.
We’re using the cloud – are we covered?
What about cloud computing? Cloud computing makes all these needs even more important. At the end of the day, cloud computing means you are running on someone else’s server, over the Internet. And for the best protection you need to keep the data secure and private as much as possible. Do you know how your cloud provider handles backups? If not, that alone is a good reason to encrypt your data. And to reach the cloud, that information has to traverse a public network – the Internet – so it certainly needs to be encrypted in transit.
Let’s focus the discussion back on practical advice. Make sure your data is encrypted at rest wherever it may exist – that includes your servers and storage devices, your backups, and the computers used by your employees. Data in transit should be encrypted – so use encrypted database connections, HTTPS for websites, and other secure connections as necessary. Have your remote employees connect over a VPN (Virtual Private Network), which also implements a secure tunnel for network traffic. And lastly, consider where the most important data (credit card numbers, social security numbers, and any other private info) may be stored, and if it requires the ultimate in protection – leaving it encrypted until it’s ready to be used by the application.
And don’t forget your employees’ workstations and laptops. These most certainly will contain “data at rest” – in the form of emails, attachments, downloads and extracts, and more. It is easy to apply “Full Disk Encryption” so that a lost or stolen laptop doesn’t become a data breach.