Armored cars, gingerbread vaults

When you enter your credit card information into a Web form, you can take comfort in the reassuring padlock icon on your browser. Peek behind the vendor’s network perimeter, though, and you might lose some sleep.

Although companies assure us that transactions are protected in transit by the “military grade” encryption offered by Secure Sockets Layer, once the data pass behind the companies’ perimeter it is often protected by much weaker security, if at all. Last week in Florida, a spammer was indicted on 139 counts for reportedly stealing 8.2G bytes of personal data from a company that stores information on “virtually every adult in the U.S.” The digital heist was reportedly perpetrated using a legitimate username and password acquired while working for a company contracted by the victim.

Information protection in the data center is critical to the overall security of a company’s data. Computer-crime statistics show that the majority of computer security breaches (80%, according to a CSI/FBI 2003 Survey – see link below) are committed by insiders, yet data centers are filled with unprotected sensitive data.

One of the greatest risks comes from information sitting in databases, where it can be stolen en masse and at leisure. Unlike data in transit, which is fleeting and requires sophisticated “eavesdropping,” data in databases is often accessible by a wide range of systems and users: Web servers, back-up systems, database administrators and data-entry personnel. Although all databases provide access control, it is often difficult to apply and maintain these security measures consistently. Guardium and Ingrian are two vendors that are addressing this problem from two different angles.

Guardium’s SQL Guard security appliance can be placed on a network segment next to a database server to monitor all database queries. Although similar products have existed for performance monitoring, SQL Guard focuses on securing database access. As a monitor it can examine each database query to identify the who, when, what and where of each access request. After monitoring “normal” access for a while, administrators of the appliance can define a baseline policy and be alerted to “exceptions” that may indicate foul play. Furthermore, if the appliance is placed in-line (in front of the database) it can also perform access control and actively block queries that deviate from the policy.

Ingrian’s appliances offer real-time cryptographic protection of the data, whether it is in transit between servers or sitting in the database. The data is encrypted by the Ingrian appliance before it is stored in the database, while the keys remain securely in escrow inside the appliance. If someone were to retrieve the entire credit-card number column, for example, they would find it filled with encrypted data. By separating the keys from the encrypted data, organizations can enforce “separation of duties” between the database administrator and the security administrator; only through collusion can the data be breached. Furthermore, the data can be kept encrypted as it works its way through application servers and Web servers, only to be decrypted at the last moment, ensuring that it is not visible by the intermediate servers.

Combining in-situ and in-transit encryption of data with robust monitoring and auditing capabilities, enterprises can better meet their regulatory and fiduciary obligations as well as combat their customers’ insomnia.