How to develop an enterprise encryption strategy

An end-to-end strategy must factor in all the ways the data can be input and output, as well as how it’s stored

Here’s a sobering prediction: One-third of all adults in the United States will have their personal identity information compromised or lost this year by a company that electronically stores the data, according to figures supported by the Privacy Rights Clearinghouse. Whether or not that number is perfectly accurate, the list of publicly known data breaches is staggering nonetheless.

Who is to blame? Hackers and careless employees, to be sure. But increasingly, culpability also falls squarely on companies that fail to encrypt confidential data. Ultimately it is the company that must shoulder the burden of far-reaching consequences. Failing to protect confidential data is not only a threat to customers and damaging to corporate reputation -- in some cases it’s illegal. Sixteen of the 20 existing U.S. state privacy laws require encryption to protect confidential consumer data, according to Warren Smith, vice president of marketing at GuardianEdge Technologies, whose products were recently purchased by the U.S. Department of Veterans Affairs.

Unfortunately, operating system and application vendors haven’t made it easy or seamless to create a comprehensive encryption strategy. Existing laws and guidelines often conflict with one another or fail to provide prescriptive guidance. Nonetheless, all companies in the business of storing sensitive data should implement encryption policies anchored to a comprehensive encryption strategy.

“In order for encryption to be used consistently, it has to be implemented by default and be as transparent as possible,” says Stephen Roll, product manager at Iron Mountain, a data protection company. “For example, when we back up data over the Internet, the encryption is done prior to the transmission. It’s protected while being transmitted and is already encrypted with 128-bit AES before it hits the storage media.”

No room for compromise

Any data that can be used to identify an individual, group, company, or entity should be protected against unauthorized access during creation, transmission, operations, and storage. Confidential information is especially at risk during transmission across untrusted networks, such as the Internet, and when stored on portable computing devices: laptops, data backups, USB flash memory drives, PDAs, and other small form-factor computer equipment.

A comprehensive encryption strategy must consider all the ways the data can be input and output, as well as how it’s stored. Hackers increasingly favor client-side attacks. They’ll get a trusted employee to unknowingly install a Trojan or key logger, which they then use to access the data. Certain malware can also gain access to data as it traverses the network. The data may be compromised while it is stored online or physically archived. An end-to-end strategy even must enforce protections for data sent to business partners and third parties.

Even a minimalist approach requires that the following areas be encrypted: wired and wireless network transmissions, hard drives, floppy disks, CD-ROMs, DVDs, backup media (tape, WORM drives, and so on), e-mail, IM, peer-to-peer technologies, PDAs, databases, USB keys, passwords, and active memory areas.

Building your strategy

Creating an encryption strategy requires significant review and effort. It’s best to approach this as a major project, involving key members of operations, management, and IT. Start by bringing together key data stakeholders and explain the mission. As a group you must identify applicable regulations, laws, guidelines, and external influences that will have an impact on your purchasing and implementation decisions. From there, you can move on to identifying high-risk areas, such as laptops, wireless networks, and data backups.

Encryption is useless if an attacker can access confidential data directly and skip the burden of having to defeat any cryptography. So, a successful strategy defines strong access-control techniques, using adequate combinations of file permissions, passwords, and two-factor authentication. Access controls must be audited on a regular basis to ensure their validity.

Research various encryption solutions, read technical reviews, and contact the customers of vendors that interest you. Nothing beats a try-before-you-buy approach in this arena because what works well for one company doesn’t necessarily work for another. Ultimately, you must select one or more encryption solutions that best fit your organization.

Prior to deployment, develop a written policy endorsed by management and communicate both policy and operational instructions to end-users, including business partners and third parties that handle sensitive data. If they can’t meet your company’s policies and demonstrate as much, they don’t get your data. Encryption responsibility should be fixed and have consequences for noncompliance.

Consider implementing a tool to monitor and detect the leak or theft of confidential information. The policy should always include a statement indicating that any lost or stolen data should immediately be reported to the key stakeholders for evaluation. It should include specific steps to take when a data breach is detected. Exactly who should be contacted, how quickly? When will customers be notified, who decides, and how? Will customers be given free credit reports? All of these questions should be answered ahead of time.

Although only loosely related to encryption, a proactive data destruction policy should be enforced as well. Many of this year’s embarrassing data-theft stories involved data that should have been destroyed long ago. If the data isn’t needed, get rid of it -- and the risk that goes with it. A good policy indicates how long data should be kept, from the instant it is created or obtained, as well as how it should be secured and destroyed.

Superior technologies

Unfortunately, no single encryption product protects all data areas. Some vendors offer nearly holistic solutions, but eventually an IT project manager will have to cobble together multiple solutions.

Detailed technical standards and guidance are available at the National Institute of Standards and Technology (NIST) Cryptographic Toolkit Web page. NIST publications tend to be drab and overdone with technical jargon, but most government agencies, contractors, and vendors must follow its recommendations. And because its recommendations are thoroughly tested and vetted with expert public review and input, nongovernment organizations would do well to follow its advice.

Encryption products are broken down into five major categories: file- or folder-level, volume or partition, media-level, field-level, and communications. They are further defined by their cryptographic key storage mechanism.

File-level encryption protects data on a logical file-by-file basis. File encryption includes on-disk file and folder solutions, as well as password-protected encrypted archival formats -- Pkzip, for example. File encryption allows specific files to be protected, such that less important files don’t waste the additional resources necessary to encrypt and decrypt.

File-level encryption products are among the most mature, typically built on well-tested standard algorithms with names such as 3DES (Triple Data Encryption Standard), AES (Advanced Encryption Standard), Diffie-Hellman, Blowfish, and RSA (Rivest-Shamir-Adleman). File encryption is often available at the OS level. Microsoft has EFS (Encrypting File System), and the Mac OS uses FileVault. OS-level encryption often has a problem extending to new portable media types or across foreign volume partitions, so application-level file encryption solutions abound. The most popular is produced by PGP. It comes in both open source and commercial versions.

Folder-level encryption products encrypt the contents of entire folders, such as the Windows My Documents directory or the Linux or Mac user’s home directory. Be aware that many seemingly folder-level encryption products don’t encrypt the entire folder as a single object. Instead, they individually encrypt each file within the folder, using a file-specific or a folder master encryption key -- or a combination of both. For instance, Microsoft’s EFS encrypts each file with its own unique symmetric key (even when the entire folder is selected for encryption), which all participating users share. Each user’s individual copy of the unique, but shared, symmetric file key is then encrypted with the user’s unique asymmetric encryption key.

Although file-level encryption products are among the most popular and mature solutions, there is a major weakness that is increasingly making them less desirable. It is difficult to prevent unprotected data leaks with file-level encryption. For instance, suppose you enable file-level encryption on all files within your personal document folder. Although file-level encryption might protect the specific files indicated, it most likely will not protect any temporary files that an application or the operating system creates when the documents are opened, copied, or transmitted. Unless the encryption user accurately knows and protects all the potential areas where the data could be temporarily stored, it is possible for a disk analysis program to find unprotected file remnants.

Several encryption solutions get around the major problem of file-level encryption by encrypting the entire volume or partition on which the file is stored. This can be done at the OS level or using an application. Some volume encryption products work by creating one large logical file that represents the entire encrypted volume. When data is copied to the volume, it is added to the larger encrypted file as a contained element. Other volume encryption products work by adding a custom device driver that interacts with the operating system adding an encryption/decryption routine to the normal file reads and writes. One of the more popular open source volume encryption solutions is TrueCrypt.

The major drawbacks of volume or partition encryption are that a single disk or volume corruption event can make the whole encrypted volume unavailable, or that a single compromise can immediately reveal all protected files. It is also possible for intruders to insert malicious code that intercepts the data between the volume encryption routine and the disk, essentially revealing all data in plain text.

Full-drive encryption

Among the strongest encryption solutions are media-level encryption products; as such, they deserve careful consideration. They can encrypt entire drives -- known as full-drive encryption -- or all data as it is streamed onto a media source (sequential tape backup, for instance). Media-level encryption can be implemented using application software, the operating system, or hardware. Even hard-drive vendors such as Seagate Technology are getting into the action (see “Scouting for Encryption Solutions,” page 34).

An informal list of full-disk encryption products can be found here.

A database that needs protection typically requires field-level encryption. It can be encrypted on a per-column or per-row basis, but it’s usually preferable to encrypt data per element. Essentially, each value is encrypted before it is written to the table and decrypted on the fly when it is read. This presents additional challenges for indexing and queries, and for that reason, those mechanisms have to be privy to the field-level encryption routines used to store the data.

There aren’t many field-level encryption products that can be used across disparate databases or programs. Most solutions are database- or application-specific, or they require customized programming. Microsoft, IBM, Oracle, Sybase, and other popular database vendors all offer field-level encryption solutions.

Protecting data in motion

It’s essential to protect data as it traverses nonsecure networks. The Web has fixated on the SSL/TLS standard. Network transmissions and VPNs are often protected using SSL, SSH, or IPSec. E-mail can be protected using asymmetric cryptography with PGP or S/MIME. Increasingly, other forms of network communications, such as peer-to-peer and IM traffic, must be authenticated and encrypted.

Holistic solutions come into play when data must be protected across multiple platforms and devices. And although no solution comes close to solving every confidential data need, many cover multiple areas. Several solutions cover hard drives, laptops, removable storage, USB keys, CD-ROMs, and DVDs, with centralized management and key recovery. A single product usually results in easier management and lower cost.

PGP’s NetShare solution provides for shared encrypted files across multiple applications -- file, e-mail, IM, laptops, and PDAs, according to Andrew Krcik, vice president of marketing. “Files can be encrypted on the server, across the network, and on a local computer with a single user key.”

Keys to the kingdom

Further delineating the major encryption classes is where the cryptographic operations take place and where the cryptographic keys are stored. With most software-based solutions, the encryption/decryption takes place in a computer’s general memory area. Hardware-based solutions, such as smart cards and cryptographic tokens, handle the cryptography in specialized memory areas that are accessible by the hardware device only. It’s a much more secure method, and faster.

Many products store the cryptographic keys on the computer device being protected. These types of keys should be encrypted themselves and protected by a long passphrase or another hardware device. Increasingly, cryptographic keys are being stored on hardware devices. Smart cards are becoming increasingly common for two-factor authentication, but more general devices contributing to even stronger encryption are on the way. If yours doesn’t have one already, most PC motherboards will soon include a TPM (Trusted Platform Module) chip, which can be used to securely store cryptographic keys for all sorts of operating systems and applications. Microsoft’s forthcoming BitLocker technology, as part of the Vista OS, can store volume encryption keys on the TPM chip. TPM solutions are resistant to current software-based attacks.

A word of caution: Many products have been discovered to store the encryption/decryption keys in plain text in publicly accessible areas. Lastly, and this is of paramount importance, if you cannot guarantee reliable key archival and management, don’t implement encryption. Unfortunately, good cryptography is a double-edged sword. When decryption keys are lost or corrupted, without a suitable recovery method data can be lost forever.
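As an added illustration of the per-file key model described under folder-level encryption, and of the key archival this section insists on: each file gets its own random symmetric key, and a copy of that key is wrapped under the public key of every authorised user and of a recovery agent, so a lost user key does not mean lost data. This is example Go code written for this article, not EFS’s or any vendor’s implementation; the EncryptedFile layout, the AES-256-GCM and RSA-OAEP choices, and the principal names used in it are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// EncryptedFile mirrors the EFS-style layout the text describes: one random key per file, wrapped for each authorised principal.
type EncryptedFile struct {
	Nonce, Ciphertext []byte
	WrappedKeys       map[string][]byte // principal name -> RSA-OAEP-wrapped copy of the file key
}

// Encrypt seals plaintext under a fresh AES-256-GCM file key and wraps it once per recipient (users and recovery agent alike); the principal name is the OAEP label, binding each blob to its owner.
func Encrypt(plaintext []byte, recipients map[string]*rsa.PublicKey) (*EncryptedFile, error) {
	buf := make([]byte, 44) // 32-byte AES-256 file key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	fileKey, nonce := buf[:32], buf[32:]
	block, err := aes.NewCipher(fileKey)
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block
	ef := &EncryptedFile{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil), WrappedKeys: map[string][]byte{}}
	for name, pub := range recipients {
		if ef.WrappedKeys[name], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, []byte(name)); err != nil {
			return nil, err
		}
	}
	return ef, nil
}

// Decrypt unwraps the file key with one principal's private key and opens the file; a missing copy (nil blob) or the wrong private key fails OAEP decoding before any AES step runs.
func Decrypt(ef *EncryptedFile, name string, priv *rsa.PrivateKey) ([]byte, error) {
	fileKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ef.WrappedKeys[name], []byte(name))
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(fileKey) // rejects an unwrapped key of the wrong length
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, ef.Nonce, ef.Ciphertext, nil)
}
```

Revoking a user means re-wrapping the file key without that user’s copy; the recovery agent’s copy is the archived key the text says you must be able to rely on.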

Copyright © 2006 IDG Communications, Inc.