Monday, August 4, 2014

Loose Lips Sink Ships... and Navies... and Nations


I am returning from a business trip in Mainz, Germany, home of Johannes Gutenberg, who invented the modern printing press in the mid-15th century. While at an exhibit, I began considering all the benefits ushered in by Gutenberg's press. I also started thinking about the drawbacks it had compared to modern technology. It was then that I began to see many correlations to how data is still being treated by most organizations today.

The premise was simple. The printing press consisted of formatted metal blocks that could be inserted and moved into columns and rows in the press. You would then setup your printing press with all the information you wanted in that page and then you would have someone run off as many copies as you needed. Repeat for every page of data. Depending on how many pages and copies, that process would take days, weeks, or months. (It is widely held that it took Gutenberg several years to print the copies of his famous version of the Bible.) Then, after a copy was completely done, it would make its way (probably via a merchant) to someone's home to be used and then kept as part of their library (it was a sign of distinction and status to display your books, in those times).

Does this sound familiar?
  • You require someone (or several) to produce a copy of that data every time a request is made.
  • You require someone to ship that data to its final destination, or perhaps to someone else who will then get it to its final destination
  • Once your copy has made it to its destination, it indefinitely stays there...or not...you don't really know, it's completely in the hands of the requestor.
If you are still using a bucket brigade to copy and move your data, see my last post about your Pony Express.


It's the last point that is the concern in this blog

The printing press was awesome. It solved the need of getting data out to the masses. It also was called upon to duplicate and disseminate intelligence and other sensitive communications. In those cases they relied on physical and human controls to limit the risk exposure. And most organizations are still employing this 15th century security approach to data today, and they are doing so at great peril to their self and their organization, company, or country. Sure data is encrypted from endpoint to endpoint (I hope), but we live in a time where we need to take these additional steps.


Provide the right data to the right people 

In some cases, like Analytics and Break Fix, you do need to exact copies of data. But, for non-prod use cases (where most of your data resides) you want full realstic data. You want developers to test against representative names and personal information, but not the actual names of your soldiers, or credit card numbers of your consumers. Central Command knows where the munitions are, but your contractors developing your application certainly don't need to know.

Reduce attack vectors by providing the right data to the right place at the right time, and only the right time

Allow everyone the access to the data sets they need, but keep the data centrally stored, managed, archived, and controlled. When someone has a justified need for data, provide it to them virtually for the requested duration and then take it away. You have to quit making n-copies of your data across n-number of systems in your enterprise. The more times you pass sensitive information and the longer you leave it out there, your risk of compromise grows exponentially.

Recently, I had this conversation with a US Navy Rear Admiral, "If your information is actually sensitive, your approach to data sure doesn't reflect it." He looked at me with a curious smirk, then I continued. "You're creating copies of your data all over your enterprise: Dev, Staging, Test, Break-Fix, Analytics. Most with little to no sanitization. You are relying on people to do the right thing, a la Snowden." He got it. 

While you may insist you don't have a printing press in your Data Estate (Apps, BI, DR, Tactical Deployment), your approach to data security disagrees with you. Copies of unmasked data are worse than loose lips.

For more information on how you can get rid of your printing press and to easily add these capabilities to you data security strategy, please follow these links: