Page 19 - Cyber Warnings
P. 19
Current thought and process is: if the user wants to share the information they can send it via email,
store it on a file share on the network or add the file on a cloud based system i.e. Dropbox. In this
case you are relying on access control that is applied on the services that are used to store
information. The problem with this, is that administrators still have access to the information.
In the email scenario the user sends the information to the person who they would like to share the
information. A users could maliciously send an email to the wrong person, or the email could be
mistakenly sent to the wrong person. Security personnel see more information go to the wrong
person by mistake than the person that sent it to the wrong person intentionally.
File shares and cloud based applications control access by folders but an administrator would still
have access to all of the information. An example is Edward Snowden who was an administrator of
IT systems with the Intelligence Agency which he had access to copy a large amount of data
without being noticed.
This is an expected occurrence being a system administrator. So in this case, the Cyber Kill Chain
would not have been effective.
Loose Lips Sink Ships
What everyone has been waiting for,
how do we fix a leaky ship. The best
method in my experience, is identified
in the US Government classification
guide.
The creator of data is the one who
determines how information is
classified and who it can be shared.
If we start with the creator, we can
control of who has access. There are
two controls needed to protect
information; access and encryption.
Encryption is needed to keep information from prying eyes, while access is to whom information is
to be shared. To make part of the solution simple, encryption needs to be automated.
Ok, some will say, what about information in a database? The security department is doing
everything right by encrypting the database, but when information is extracted by the user it is the
user that needs to protect the information because the information has migrated from a protected to
unprotected state.
19 Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
