In today’s data-centric world, much emphasis is placed on the security of information; but protecting data is only one part of the equation. Once the bits you create become bytes of useful – and potentially confidential – data, how can you prove its authenticity to someone else? Just as with a rare piece of sports memorabilia presented at auction, the buyer wants to be assured that what they are receiving is genuine.
Many of the methods available today require your local systems administrator or security team to implement controls that safeguard data. This tried-and-true practice does require a collaborative effort from all departments, though, to address multiple aspects such as naming conventions, directory structures, security roles, and effective permissions. It’s important to note that even the strictest data security controls don’t address the authenticity question. By avoiding some of these common pitfalls, you can not only enhance your information’s security, but also help ensure that the data your customers, vendors, or contractors receive is genuine.
Common Pitfalls that Put Your Data’s Integrity at Risk
* Using E-mail or Instant Messaging to Share Data
* Believing Cloud Backup Solutions are Designed to Share Data
These common practices put your data at risk of Man-in-the-Middle (MitM) attacks. Oftentimes an attacker will use the information gathered during such an attack to gain further access into your network. However, cyber thieves can also alter the data along the communication path to deliver a malicious payload or modify the contents of files. In this scenario, the files you are exchanging originate, intact, from your network; but as they travel through the cloud, an unknown attacker intercepts the information, modifies it to include an exploit, and then passes it on to your recipient. From both sides it appears that the transfer was safe and that your recipient now has the information you intended to send. But how can you be sure? Trust is essential to business, but digital verification removes all doubt.
Methods for Preserving Data Integrity
* Document Protection – Aside from working with your local IT department to develop a standard procedure for security, you, as the end-user, can further protect your documents by adding restrictions to the files themselves. Many of the big-name vendors such as Adobe and Microsoft have the ability to restrict what actions can be taken, from read-only to allowing only certain changes.
* Create an Auditable Chain of Custody – Knowing who has a given set of information and when they possessed it can provide the paper trail necessary to track down leaks or modifications to documents – intended or otherwise.
* Generate Checksums – In short, a checksum is a short, fixed-length hash value computed from the contents of a piece of data; if the data changes, the value computed from it no longer matches. It can be generated through a number of tools – using a number of algorithms – to verify both stored and transmitted data. Most sites today offer either an MD5 or a SHA-1 checksum (or both) to users who are downloading files from their system.
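The checksum step above, applied to the in-transit modification scenario described earlier, as an added example that is not part of the original article. It uses SHA-256 rather than MD5 or SHA-1, both of which have practical collision attacks, and assumes a key shared out of band for the HMAC variant; the file name, contents and key are constructed.

```python
import hashlib
import hmac
import os
import tempfile


def _feed(path, h, chunk_size=1 << 16):
    """Stream a file through a hash or HMAC object; return the hex result."""
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def file_digest(path):
    """Plain SHA-256 checksum: anyone holding the file can recompute it."""
    return _feed(path, hashlib.sha256())


def file_tag(path, key):
    """HMAC-SHA-256 tag: can only be produced by someone holding the key."""
    return _feed(path, hmac.new(key, digestmod=hashlib.sha256))


def verify(path, expected_hex, key=None):
    """Recompute the digest (or the tag, if a key is given); compare in constant time."""
    actual = file_tag(path, key) if key is not None else file_digest(path)
    return hmac.compare_digest(actual, expected_hex.strip().lower())


def demo():
    key = b"constructed-demo-key-shared-out-of-band"  # assumption: exchanged separately
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "invoice.txt")  # constructed sample file
        with open(path, "wb") as f:
            f.write(b"Pay invoice 1001 to account A\n")
        tag = file_tag(path, key)  # sender computes the tag before sending
        intact_ok = verify(path, tag, key)
        # The file is altered in transit, and the checksum that travelled
        # with it is replaced by one computed over the altered contents.
        with open(path, "wb") as f:
            f.write(b"Pay invoice 1001 to account B\n")
        replaced_checksum = file_digest(path)
        plain_ok = verify(path, replaced_checksum)  # passes: nothing is detected
        keyed_ok = verify(path, tag, key)  # fails: the modification is detected
        return intact_ok, plain_ok, keyed_ok


if __name__ == "__main__":
    print(demo())
```

A bare checksum only detects modification when it reaches the recipient over a channel the interceptor cannot also rewrite; the keyed tag does not have that dependency.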
While no solution is perfect and human error is inevitable (to a point), you can take the steps that will make your business and its data a much tougher target for cyber criminals. The research can be confusing and the options can be many with seemingly no significant differences between them, but it is essential to develop a strategy where the security of your private information is the first, last, and only priority.
Ryan Smith | President and CEO of Filecipher, LLC
Filecipher, LLC provides a SaaS-based platform that businesses and individuals can use to safely and securely exchange privileged information. By automating many of the steps necessary to properly protect data for transfer over the Internet, the company offers a unique approach to information exchange.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.