The term data has gained a much broader connotation in the modern world as organizations strive to achieve full digital transformation and transactions going digital and online. Data is no longer just about statistics, surveys, or information contained in reports and presentations. There are more types of data used nowadays, and many may not be acquainted with them.
As the nature of data changes, so does data security. Securing data in the modern context goes beyond preventing unauthorized access. It is also crucial to ensure that data is not corrupted, encrypted for ransom (in the case of ransomware attacks), or intercepted to be used in other forms of cyber attacks.
Data security is a necessity in the digital economy and in modern life in general. Everyone who uses digital devices and participates in digital transactions deals with some form of data and the need to observe data security practices.
Secrets management: Not as simple as encrypting and decrypting
One example of how complex data security has become is the increasing importance of secret management. Ordinarily, the phrase “secret management” would mean the keeping or handling of personal information that is not supposed to be made public. In the context of cybersecurity, secrets management is a jargon that refers to something similar but more technical.
What is secrets management? Simply put, it is the systematic practice of securely storing and regulating access to sensitive information including passwords, tokens, API keys, certificates, and encryption/decryption keys. It sounds simple and straightforward, but it can actually be quite challenging.
Securing secrets is unlike securing sensitive enterprise files or documents. There is encryption involved, but the access controls are not as simple. Also, the encryption technology used is different from what is often used when storing large amounts of confidential files. It is particularly more complex when it comes to cloud and hybrid setups.
Organizations use diverse kinds of secrets, and managing them is not going to be as easy as using a form or password manager application. In the absence of a sensible secret management solution, some resort to the manual sharing of secrets, which usually leads to the use of weak passwords (so they are easier to memorize or write) and the recycling of passwords across different projects. Some embed the secrets in their code or configuration.
Secrets are also used in app-to-app and app-to-database communications and data access. In many cases, the secrets used here are hard-coded or embedded in devices, which is inadvisable as hackers can easily crack these embedded secrets through scanners, dictionary attacks, or even plain guesswork. It is important to put in place a more secure system of storing and accessing secrets, and this is certainly not going to be as simple as securing a company’s confidential documents.
Moreover, secrets and other sensitive data are employed in the operation of privileged apps and tools, microservices, containers, virtualization and administration consoles, as well as third-party and remote access accounts. Managing and securing sensitive data in these scenarios require sophisticated tools or systems that may not be familiar to many organizations.
Complexity: data security’s enemy
Cloud computing and security expert David Linthicum of InfoWorld shares a sound reminder: complexity is the enemy of cloud security. This actually applies to data security in general. Managing data can be confusing, especially with the kind of IT infrastructure many organizations have and the diversity of IT assets they oversee (or overlook). It’s easy to miss some steps or overlook security best practices, resulting in vulnerabilities and data compromises.
“Complexity is not new; it’s been creeping up on us for years. More recently, multi-cloud and other complicated, heterogeneous platform deployments have accelerated overly complex deployments….As complexity rises, the risk of breach accelerates at approximately the same rate,” explains Linthicum.
Complexity often aggravates human errors. Security problems emerge because of misconfiguration and other mistakes committed by those who run an organization’s security system. Given how complex IT infrastructure and the extensive variety of the components being managed in an IT ecosystem are at present, it is understandable why there are missteps. However, this should not be an excuse. Complexity is a reality everyone has to deal with, and achieving proper data security means addressing this complexity issue head-on.
To address the complexity issue, it is essential to acknowledge it and include it as one of the factors to consider when formulating data security strategies and looking for data security solutions. Reducing the complexity and implementing an intuitive system for data protection are vital first steps toward dependable data security.
Using the right data security solutions
Generally, real data security cannot be achieved by using a single cybersecurity solution. Again, the data organizations are dealing with now are much broader and more complex. There is no one-size-fits-all solution for it. Different solutions are required to effectively handle different kinds of cyberattacks that target data.
Phishing and social engineering – Addressing data theft attempts through phishing and other social engineering tactics requires more than spam filters and link and email scanners. Effective social engineering defense at present only partly relies on software tools. The core of social engineering defense is the effort to educate people, who are often regarded as the weakest link in the cybersecurity chain, for them to learn how to detect instances of social engineering attacks and respond accordingly
Ransomware, spyware, and other malware – In the case of malicious software that may siphon, corrupt, delete, or encrypt data, the solution involves multiple tools including automated data backup, antivirus, web application firewall, email, and link scanners, and malware detection and prevention systems, among others.
Communication interception tactics – Man-in-the-middle (MIM) attacks or those designed to intercept data exchanged between communicating parties are complex problems that require sophisticated solutions. Two of the best-known solutions are authentication and tamper detection. In authentication, public key infrastructure like Transport Layer Security (TLS) may be employed, wherein clients and servers exchange certificates that indicate secure communications. In tamper detection, there are tools used to examine the latency of responses or discrepancies in response times. MIM attacks are suspected if responses take longer than usual or are not in line with response times patterns established for legitimate connections.
This is not a comprehensive list and discussion of data attacks and their corresponding solutions. However, these should highlight the point that data security is bigger than how most organizations perceive it. As such, multiple tools are needed to attain reassuring data protection.
In conclusion
The data security solution an organization uses should evolve with the threat landscape. It would be inevitable to use multiple tools in the process or transition from one to another. The use of multifunction platforms that integrate various data security solutions is also likely to become commonplace. However, the tools are only a part of the concerns organizations should pay attention to. Foremost, it is essential to properly identify the sensitive data used in an organization and understand the increasing complexity of modern IT infrastructure.
The post The Growing Complexity of Data Security: Secrets Management and More appeared first on Datafloq.