This article is more than 1 year old
Snowden's NSA leaks have galvanised the storage world
Vendors raise their game after gov securo-busting revealed
Take care of the keys
Choosing the right kind of encryption is worthwhile, but often encryption fails because of the way the keys are managed. Snowden, for example, was simply granted too much access to valuable NSA information. That he was a contractor and not a true insider is even more worrisome for the US government.
Security: Digital keys are just as important as physical keys
How to manage keys correctly is therefore the most pertinent question when it comes to storage security. There are some obvious but oft-forgotten answers.
As Babineau says, if an organisation continues to retain employees who don’t know how to administer systems properly or have been known to try and infiltrate systems, no amount of technology will prevent access.
Limiting the number of people who can access keys to a few trusted parties is wise. “Many times there is a one-to-one relationship with users and keys – John can only access the data that John has stored in the cloud with only a few IT team members having broader access to keys,”says Babineau.
“In such a scenario, someone would need authentication credentials and the data keys to penetrate the system.”
Much of the key management and rotation can be done by machines with little human interaction. Companies should use as much automation as possible, according to Longbottom.
“A sysadmin should never have actual access to the raw keys – only to the mechanism for creating them and securely disseminating the public part of the key,” he says.
“The private keys should not be accessible to any carbon-based lifeform, only to the silicon. Even the public part of the keys should not be easily disclosed.”
Keys also need to go through a hash algorithm and there should be multi-stage stores in place, he adds.
“One store on its own will only be a collection of 1s and 0s – multiple databases will be required to be pulled together in a contextual manner to rebuild the keys,” he says.
In some cases, however, humans will be required somewhere along the trust chain. What if hackers are already inside the network and have taken over the machines holding the keys?
Lock advises that creating trusted groups rather than relying on an individual could be the answer.
“This is a classic case of 'who guards the guards?' It is possible to build key management processes around the idea of a quorum so that more than one administrator is needed to administer keys, or just particularly sensitive subgroups,” he says.
Christian Toon, head of information risk in Europe for Iron Mountain, believes companies should also seek to layer monitoring solutions over any key management processes, accompanied by a defined backup and recovery strategy.
“Capture the generation, distribution, accounting, storage, use and destruction of cryptographic keying material and issue a high-level key management policy to guide the business users,” he says.
Looking back over the past year, Snowden’s leaks have not had a huge impact on how businesses store their data. But they have served to focus the minds of security professionals and IT teams the world over.
If the anecdotes The Register has heard are true, many have been inspired to do more thorough risk assessments, going as granular as possible on the data to determine what is and is not sensitive before wrapping levels of protection around them.
Unfortunately, adding these extra layers of security and allocating more time to the whole process brings extra cost. But common sense and good bartering skills come in handy here.
“Just factor in the cost of the security into the overall cost saving. In other-words don't believe the cloud salesman's headline cost savings and don't sell that headline figure to your board,” advises Simmonds. ®