Over the past few years, creating a tight security plan has become a pressing concern in IT for any business, whether established on the scene or just starting up. Traditional security models bring up images of fortresses and safes—walled constructs protecting an inner commodity. In the imagination, precious gems and beautiful artifacts drive the need for such extremes of exclusion, but in cybersecurity it is sensitive data that deserves such detailed attention. Modern models focus less on the perimeter and more on a data-first approach: protecting data where it lives, rather than erecting barriers that represent yet another hurdle for bad actors to surmount. Four primary aspects of data-first cybersecurity govern success with sensitive data and the incumbent responsibility to one’s customers:
Access Security: Strong Authentication
The FIDO Alliance formed to generate a simpler, passwordless method of access. Using Public Key Infrastructure (PKI), users combine a word (name or password) with a device bearing a unique cryptographic key to log in. PKI takes that private key and combines it with a public cryptographic key to create a unique key pair that is then used to create a unique session for the logged-in user. Registration of multiple keys is recommended, as one could potentially lose the physical key. If a third party knows your password, they must also have the key; if they have the key, they must also know the password. Biometrics takes FIDO authentication a step further, using fingerprints or other difficult-to-duplicate traits and removing passwords entirely. This is the future of access, necessitated by increasing breaches and ever-more-clever methods of hacking.
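The key-based half of the login described above, as an added example that is not part of the original article: a simplified challenge-response model in Go, not the actual FIDO/WebAuthn message format. The `Account` type, its methods and `LoginDemo` are hypothetical names, Ed25519 is an assumed signature algorithm, and the password factor is left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Account is the server-side record for one user: public keys only, no secrets.
type Account struct {
	keys    []ed25519.PublicKey // more than one may be registered (backup key)
	pending []byte              // outstanding one-time challenge, nil if none
}

// Begin issues a fresh random challenge for one login attempt.
func (a *Account) Begin() []byte {
	a.pending = make([]byte, 32)
	if _, err := rand.Read(a.pending); err != nil {
		panic(err)
	}
	return a.pending
}

// Finish consumes the challenge (no replay) and accepts only a registered key's signature over it.
func (a *Account) Finish(sig []byte) bool {
	c := a.pending
	a.pending = nil
	for _, pub := range a.keys {
		if c != nil && ed25519.Verify(pub, c, sig) {
			return true
		}
	}
	return false
}

// LoginDemo reports the outcome for: primary key, replayed response, backup key, unregistered key.
func LoginDemo() (primary, replay, backup, stranger bool) {
	pub1, key1, _ := ed25519.GenerateKey(rand.Reader) // key pairs are created on the devices
	pub2, key2, _ := ed25519.GenerateKey(rand.Reader)
	_, key3, _ := ed25519.GenerateKey(rand.Reader) // never registered
	acct := &Account{keys: []ed25519.PublicKey{pub1, pub2}} // registration: public halves only
	sig := ed25519.Sign(key1, acct.Begin())
	primary, replay = acct.Finish(sig), acct.Finish(sig)
	backup = acct.Finish(ed25519.Sign(key2, acct.Begin()))
	stranger = acct.Finish(ed25519.Sign(key3, acct.Begin()))
	return
}

func main() { fmt.Println(LoginDemo()) }
```

Because the server holds only public keys and every challenge is single-use, neither a copy of the server's records nor a captured response is enough to log in.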
Storage Security: Encryption
Secret codes have been in existence for thousands of years. The ability to pass information with the knowledge that a third-party interceptor would be unable to read it without the cipher has been invaluable to countless people and organizations throughout history. Today we use the same premises in varying degrees of complication to guarantee the secrecy of information on an unprecedented scale. Encryption of data in storage can be an effective means of defeating hackers bent on stealing or copying the information contained therein; even if stolen, the data is unreadable without the correct cryptographic keys. The most secure data delivery method is called end-to-end encryption, meaning the information starts out encrypted, is transferred or transported in the encrypted state (and none of the transporting or observing entities have the decryption key), and arrives still encrypted at the receiver, who then, having the correct keys, decrypts it to obtain the message. Such information can still be rerouted, mimicked, or otherwise tampered with along the way; digital signatures can mitigate those concerns.
Transfer Security: Digital Signatures
Transferring files is risky business. Between the Internet of Things (IoT) and the number of radio signals used in IT, eavesdropping and other man-in-the-middle attacks have become easier than ever to accomplish. The problem is not new. To combat it, a method of verifying the confidentiality, authenticity, and integrity of the message must be used. Digital signatures perform this function admirably, allowing the creator of the message to attach a signature generated using encryption keys, which can later be verified by the receiver, who has their own keys that will unlock and verify the signed message, not unlike signing for a delivery when a package arrives on one’s doorstep. The delivery service typically shows the shipper’s address, and you must confirm your identity and sign before receiving the package. Assuming the shipper is the one from whom you ordered it and the packaging has not been disturbed, there should be no problems.
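The combination described in the two sections above, encryption for secrecy plus a signature for authenticity and integrity, as an added Go example that is not part of the original article. AES-256-GCM, Ed25519, the function names and the sample messages are assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Seal encrypts msg under the shared key, then signs nonce||ciphertext.
func Seal(aead cipher.AEAD, signer ed25519.PrivateKey, msg []byte) (packet, sig []byte) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	packet = aead.Seal(nonce, nonce, msg, nil) // nonce is prepended to the ciphertext
	return packet, ed25519.Sign(signer, packet)
}

// Open verifies the expected sender's signature first and only then decrypts.
func Open(aead cipher.AEAD, sender ed25519.PublicKey, packet, sig []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(packet) < n || !ed25519.Verify(sender, packet, sig) {
		return nil, fmt.Errorf("rejected: altered packet or unexpected sender")
	}
	return aead.Open(nil, packet[:n], packet[n:], nil)
}

// TransferDemo returns the decrypted text and whether an altered and a wrongly signed packet were rejected.
func TransferDemo() (string, bool, bool) {
	key := make([]byte, 32) // AES-256 key the two parties already share
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	aead, _ := cipher.NewGCM(block)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // the real sender
	_, other, _ := ed25519.GenerateKey(rand.Reader)  // someone else holding the shared key
	packet, sig := Seal(aead, priv, []byte("ship order 1001")) // constructed sample
	plain, _ := Open(aead, pub, packet, sig)
	packet[len(packet)-1] ^= 1 // one bit flipped in transit
	_, errAltered := Open(aead, pub, packet, sig)
	forged, forgedSig := Seal(aead, other, []byte("ship order 9999"))
	_, errForged := Open(aead, pub, forged, forgedSig)
	return string(plain), errAltered != nil, errForged != nil
}

func main() { fmt.Println(TransferDemo()) }
```

The second rejection is the part encryption alone cannot provide: the wrongly signed packet decrypts correctly under the shared key, and only the signature check shows it did not come from the expected sender.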
Control Security: Key Management
When you get a new house, you generally hope the keys are the only copies. You have no guarantee, though, so many people follow the practice of having new locks installed, with, of course, new keys. This is akin to the notion of cryptographic key rotation. Cryptographic keys can in theory be reverse-engineered given enough information surrounding them from creation to use—or worse, stolen or given away. This is mitigated by dividing keys into a group where a certain subset of all keys must be present before the core cryptography can be altered. If you have, for example, five key custodians with master keys, and three locks must be turned before the door will open, this is called a K of N (in this case 3 of 5) or M of N key management scheme. K of N key management schemes help prevent collusion among key custodians. In the odd case where a key custodian cannot use their key (lost, stolen, destroyed, eaten by the dog, etc.), tamper-evident envelopes with duplicate keys are kept in fireproof, gated storage for redundancy.
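One way to build the 3 of 5 scheme described above is Shamir's secret sharing, shown here as an added Go example; the article does not name a construction, so the algorithm, the field prime and the names `Split`, `Combine` and `Share` are assumptions, not the author's method. Fewer than K shares produce an unrelated value rather than an error.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

var P = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 521), big.NewInt(1)) // prime 2^521-1
type Share struct{ X, Y *big.Int } // one custodian's point on the polynomial

// Split hides secret (up to 65 bytes) as the constant term of a random degree k-1 polynomial.
func Split(secret []byte, k, n int) []Share {
	coef := []*big.Int{new(big.Int).SetBytes(secret)}
	for len(coef) < k {
		c, err := rand.Int(rand.Reader, P)
		if err != nil {
			panic(err)
		}
		coef = append(coef, c)
	}
	shares := make([]Share, n)
	for i := range shares { // custodian i+1 receives the point at x = i+1
		x, y := big.NewInt(int64(i+1)), new(big.Int)
		for j := k - 1; j >= 0; j-- { // Horner's rule, mod P
			y.Mul(y, x).Add(y, coef[j]).Mod(y, P)
		}
		shares[i] = Share{x, y}
	}
	return shares
}

// Combine evaluates the interpolating polynomial at x = 0 (Lagrange form), mod P.
func Combine(shares []Share) []byte {
	sum := new(big.Int)
	for i, s := range shares {
		num, den := new(big.Int).Set(s.Y), big.NewInt(1)
		for j, t := range shares {
			if j != i {
				num.Mul(num, t.X).Neg(num)
				den.Mul(den, new(big.Int).Sub(s.X, t.X)).Mod(den, P)
			}
		}
		sum.Add(sum, num.Mul(num, den.ModInverse(den, P))).Mod(sum, P)
	}
	return sum.Bytes()
}

func main() { fmt.Printf("%s\n", Combine(Split([]byte("constructed key"), 3, 5)[1:4])) }
```

`Combine` returns big-endian bytes without leading zeros, so a caller that needs a fixed-length key must left-pad the result.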
Tying It All Together
No one of these solutions is foolproof, but together and used with solid policies by trustworthy people, they make a formidable defense against cyber threats. If implemented correctly, all of these methods combine to prevent access breaches and make the encrypted data understandable only with the right keys and signatures; key management provides a method to periodically change the locks, just as one once changed passwords. If done correctly, even a hacker who has penetrated the perimeter cannot make use of what may be stolen—unless they have done a lot of groundwork ahead of time to obtain the cryptographic key that unlocks the sensitive data.