Every day we read or watch the news and see headlines like “Equifax Hacked! 180 Million Clients’ Personal Information Compromised!”, or “Yahoo Email Accounts Hacked! Millions of Users’ Information Found on the Dark Web!” This week, executives from both of these companies and others are testifying before Congress as to how this happened. So far, the most notable testimony from these companies is something to the effect that, “It is really hard to secure data, and it is impossible to provide perfect security.”
We would agree that both of these statements are true:
- Providing security to software systems that were not designed with security in mind IS a difficult thing to do after the fact, and
- PERFECT security IS impossible, as nothing on this earth is perfect – however, while securing personal information MAY be difficult and expensive, it is DISASTROUS to compromise it, and providing STRONG AND ADEQUATE security may both be possible and not as difficult and expensive as many seem to believe.
Bruce Schneier, in an IEEE paper on information security, says the following:
“We must stop trying to fix the user to achieve security. We’ll never get there, and research toward those goals just obscures the real problems. Usable security doesn’t mean ‘getting people to do what we want.’ It means creating security that works, given (or despite) what people do. It means security solutions that deliver on users’ security goals without—as the 19th-century Dutch cryptographer Auguste Kerckhoffs aptly put it—stress of mind, or knowledge of a long series of rules.’” – Stop Trying to Fix the User – Bruce Schneier, IEEE Security & Privacy ( Volume: 14, Issue: 5, Sept.-Oct. 2016 )
In other words, we must stop expecting Users to do extra work or perform tasks other than their direct productive work. We must build security into systems that are always present, and operates regardless of the User, and even in spite of the User.
One approach to Information Security and one that has predominated can be classified in general as “Perimeter Security.” We see this in such things as Full Disk Encryption, Network Firewalls, i.e. single points that isolate a system or all information in a system from outsiders. This fails, typically for several reasons, including, but not limited to:
- Not all of the threats to information security are external. Some are INTERNAL threats, such as bribed system administrators, or careless users. For examples, think of Bradley (now Chelsea) Manning, and Ed Snowden.
- Once the single point of protection is breached, ALL information in the system is at risk.
- Performance can suffer – The typical full-disk encryption tool can take a long time to decrypt the disk, adding an additional layer to traverse when entering and exiting a network can confound Users, and this leads to unauthorized back doors, doors left open, etc.
For these reasons, at Active Cypher, we develop our security products with two key points in our system security philosophy:
- Information should be secured at the lowest unit level that makes sense. In practice, this typically means at the file, or document level, and should be secured while at rest, while in transit, and only exposed to the authorized user when actually being used. In some instances, it may even to necessary to secure information at an even more granular level – think of a document containing information that some, with the lowest level of authorization, may not see, but they must see other parts of the document – and we have the ability to provide security at this level as well.
- Users MUST NOT be expected to perform additional tasks, keystrokes, or anything other than access and operate on information they are authorized to use in a network. The task of allocating access to information is an important network task and must reside with a trusted security administrator. Similarly, System Admins must have access to all files for routine tasks such as backup, archiving, maintenance, etc., but should not have the ability to view the contents of any protected files.
With our first product offering – Active Cypher – we provide exactly that to Microsoft Windows Networks.
There are several important elements to providing highly effective file security to networks. These are:
- Encryption – The fundamental way of protecting information from prying eyes is by encoding it such that only those provided with the correct key may open and use it. In and of itself, encryption is a huge topic area, but we believe that what is necessary is a high-speed, low overhead encoding, that uses symmetric, shared secret keys. While AES meets some of these requirements, Active Cypher uses a proprietary method that produces a unique key for each word of a file and uses Block-chain-like methods to chain parts of the key through the file. Our method is both highly secure (not theoretically Perfect, but extremely secure), and operates at least 4 to 10 times faster than the next fastest method.
- Key Management – Shared secret methods require that keys are managed securely, are delivered to authorized Users securely and quickly, and provisions are made for User redaction, rekeying, redistribution, and all required admin functions. Active Cypher has considered and implemented all of these aspects in an elegant system.
- System and Security Administration – We recognize that the tasks of managing security and managing the system are necessarily two distinct areas of responsibility. The ideal information security system would be effectively transparent to the Users and System Admins of a given system, and only the new position of Security Admin should be unique.
- Encrypting files is insufficient – Additional steps of monitoring, auditing, and intrusion alarms must be included for a full view of security.
The best way of thinking about this is how one provides security for their home. Today, there are many types of security devices to choose from, each with its own limitations, including:
- Strong locks with complex keys – These are great, but if you drop your key ring with your address attached to it at the airport while leaving on vacation, don’t be surprised if you come home to find your house emptied.
- Whole house alarm systems – These work great, but if power or connectivity is cut to them, thieves can have the run of your house while you’re away. In the previous case, if you happen to also have the disable code attached to your house keys, then you’re REALLY in trouble!
- Security camera systems – These would be great for you to be able to watch your house getting burgled while on vacation because you lost your keys!
- Leave a key with the neighbour – Great if you really trust your neighbour, and even if they don’t steal anything, are they snooping on things they shouldn’t?
An effective system to secure data uses a combination of all or some of these to provide the best protection that is affordable and at a level of effectiveness needed. Active Cypher, having file encryption, exceptional key management, audits, and alarms, combines many of the needed elements for system information security, and is an ideal component of a corporate or institution security system.