Page 20 - Cyber Warnings
To solve this problem, the information as it is exported needs to be encrypted and permissions
assigned by the user. At a corporate level it would be the corporation who is responsible for the
information.
How do you deploy the solution?
Each file must be automatically encrypted with encryption keys not stored on the local system.
Permissions on a file would need to map to a user’s encryption key. DoD PKI or Verisign is well
suited to be used for the keys and will require a permission management system for the files.
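One way to map file permissions to users' keys, sketched with OpenSSL's CMS commands: the file is encrypted to each authorized user's certificate, so only the matching private keys can open it. This is an added example, not the author's code; the user names, file names and throwaway self-signed certificates are constructed stand-ins for PKI-issued credentials, and the private keys sit on disk only for the demo.

```shell
#!/bin/sh
# Added example. Users, files and certificates are constructed; the self-signed
# certificates stand in for PKI-issued ones, and the private keys sit on disk only
# for the demo (assumption: in deployment they are held on a smart card or HSM).

make_user() {   # make_user <dir> <name>: throwaway key pair and self-signed cert
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

protect() {     # protect <plain> <enc> <cert>...: the cert list is the file's ACL
    src=$1; dst=$2; shift 2
    openssl cms -encrypt -binary -aes256 -in "$src" -outform DER -out "$dst" "$@"
}

unprotect() {   # unprotect <enc> <cert> <key> <out>: fails unless cert is a recipient
    openssl cms -decrypt -inform DER -in "$1" -recip "$2" -inkey "$3" -out "$4" \
        2>/dev/null
}

demo() {
    d=$(mktemp -d) || return 1
    for u in alice bob mallory; do make_user "$d" "$u" || return 1; done
    printf 'Q4 customer export (constructed sample)\n' > "$d/export.csv"
    # Grant access to alice and bob only.
    protect "$d/export.csv" "$d/export.csv.cms" "$d/alice.crt" "$d/bob.crt" || return 1
    for u in alice bob mallory; do
        if unprotect "$d/export.csv.cms" "$d/$u.crt" "$d/$u.key" "$d/out.$u"; then
            echo "$u: can read"
        else
            echo "$u: denied"
        fi
    done
    rm -rf "$d"
}

demo
```

Removing a user from the recipient list only protects copies encrypted afterwards, so revoking access means re-encrypting the file.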
In Summary: Data Protection is the Answer
You have to design it from the ground up. Start with the Data and who needs access to it. Then
think about the 7 rings. How many layers can you put in place to protect it? These range from
encryption and proper key management, to employee training, screening and proactive Data Loss
Prevention (DLP), to network access control, to standard reactive tools like IDS, IPS, firewalls and
anti-DDoS, so the business will survive most types of attacks, whether they come from the inside,
where most successful breaches happen (over 95% according to Liberty Global, one of the largest
ISPs in the world), or from the outside, where downtime can kill a business (especially an online
retailer during holidays) if it makes access to the DATA nearly impossible.
Designed from the ground up, staying proactive, not reactive, we can do INFOSEC right and we will
reduce the risk of Data theft. Focus on the Data.
About the Author
Paul (Kip) James, CISSP, CRISC
Kip has worked in the information technology arena for over 30 years,
covering DoD, US Government, publicly traded and private companies,
and 20+ years working in information security. His experience includes
cyber defense, compliance audits, and creating security programs to
protect information as well as meeting regulatory compliance requirements.
He is also the founder of Pro-Krypt, which researches innovative
INFOSEC technologies and security and quality assurance test
platforms, discovering security, performance and usability gaps to
provide a better experience for IT personnel with the security
equipment they are purchasing today.
To reach Kip you can contact him at [email protected].
Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide