Implementing an Encryption Strategy | Encryption Key Management

3 min read
January 5, 2016

Hardly a week goes by without a report of a new major security breach. Organizations seem to be playing – and losing – a game of catch up against sophisticated and well-funded attacks, while business realities are driving larger volumes of data and data flow needs.

In the last 10 years, more than 5,000 major security breaches have put nearly 1 billion records at risk, and there’s a growing consensus that perimeter-based security does not provide sufficient protection for data, whether stored locally on servers or in the public or private cloud. And yet, large quantities of data remain unprotected. For example, only 9.4% of cloud providers actually encrypt data once it’s stored in the cloud, and all too often, encryption best practices are not implemented, leaving data vulnerable. As Robert Former from Neohapsis said, “No one ever got fired for having encryption that was too strong.” Here’s what you need to take into consideration when implementing an effective and manageable encryption strategy.

Protect All the Data

There is a general perception that data needs to be classified into levels of sensitivity, protected differently, and in some cases not at all depending on the sensitivity of the category. This sounds great in theory, but in reality can be a nightmare to implement, and results in high exposure of data not classified as “sensitive enough” to warrant protection. Our recommendation is much more straightforward: encrypt all your data to the level necessary for the most sensitive information. Then use policy controls at a granular level to govern access to the encrypted data files and the corresponding keys, effectively managing who gets to see each type of data through two layers of control. In parallel, differences in data usage should be used to drive appropriate changes in key lifecycle management.

Better Key Generation and Management

Encryption is not difficult, but where many organizations often stumble on how best to manage keys. There are a number of best practices to consider. First, you’ll need to ensure you can generate enough high-quality encryption keys. After all, a predictable key will only leave your organization and data vulnerable. Maintaining the lifecycle of encryption key management by continuously cycling and replacing keys as needed is also extremely important. And of course, you need to make sure that your solution supports third-party integration, as well as multiple encryption standards, allowing for seamless implementation across the organization.

Avoid Single Points of Vulnerability

To protect the most sensitive information, carefully divide key knowledge and data access across different parties to avoid a single point of vulnerability. This can mean a separation of duties, avodart cost whereby different people control different procedures. For example, the person who manages the encryption keys should not be the same person who has access to the encrypted data. Other approaches include dual control, giving at least two people control of a single process; split knowledge, where only one person cannot know the full value of an encryption key or password; and multiple wrapped keys managed by different management systems with different levels of access control.

Keep the Keys to the Cloud

There are two fundamental priorities regarding data stored in the cloud. First, make sure data is encrypted to a high enough standard to protect its most sensitive components. Second, make sure you manage your own keys, encrypting data through a gateway before it reaches the cloud. Thankfully, most cloud service providers today offer encryption options for cloud data storage. Unfortunately, that data is often encrypted in the cloud by a third party. The security of the data in this case is entirely dependent on the effectiveness of that third party in securing those keys, and is also vulnerable to a silent subpoena, whereby that third party is obliged to reveal the keys to a government agency, without your knowledge. Managing your own keys and pre-encrypting data before it is stored in the cloud is the only secure approach to protect you from these risks.

 Protecting the Data – Inside and Out

Finally, what can someone do about the insider attack? While it is impossible to prevent all attacks, it is possible to make life very difficult for the attacker, and limit damage while making it easier and faster to detect. The items listed above will combine to do just that, from encrypting everything at a high level with strong policy-driven access segregation; implementing separation of duties, dual control and split knowledge so an individual attacker has very limited data access; or even defining very stringent quorum-type controls for the most important data.

Combined with other security techniques such as firewalls, additional analytics tools and penetration testing, it’s ultimately about securing your organization for when you might not be aware that a breach has even occurred.

Recent high-profile breaches have helped illustrate how simple measures could have been leveraged to prevent billions of dollars in damage, as well as loss of trust. While there are recognized challenges to implementing encryption and managing secure keys across an organization, encryption is now widely recognized as an essential tool to protect data from the inevitable breaches of even the best firewalls, and to avoid the associated costs of such a breach.