Protecting Sensitive Data using Encryption and Key Management

1. © 2008, Linoma Software. All rights reserved . Protecting Sensitive Data using Encryption and Key Management

3. © 2008, Linoma Software. All rights reserved . Data Risks Databases can be accessed through a wide variety of tools by both external hackers and rogue employees. Backup media often passes through many hands to reach its off-site storage location. Unless otherwise protected, all data transfers travel openly over the Internet and can be monitored or read by others.

4. © 2008, Linoma Software. All rights reserved . Statistics  46% of interviewed organizations expect a serious data loss at least once a year. (Source: Symantec Corporation, January 2008)  Data breaches were 69% greater in 2008 than the same period in 2007. (Source: Identity Theft Resource Center)  56% of organizations reported a loss in existing customers from a data breach. (Source: Ponemon Institute, June 2008)  1 out of 3 computer professionals admit to accessing confidential data within their companies. (Source: MSNBC, June 2008)  Employees, not hackers, cause most data losses (Source: ars technica, October 2008) “ A former Countrywide employee was arrested and charged with illegally accessing the firm’s computers for more than two years. As many as 2 million loan applicants may have had their data stolen, the FBI said.” (Source: LA Times Sept 11, 2008)

5. © 2008, Linoma Software. All rights reserved . Costs of Data Breaches  “ Data Loss Study” conducted by Ponemon Institute  32,000 lost customer records per breach  Average cost is £120 for each lost record  £4.0 million cost per breach  Costs: Administrative and IT resource costs Notifications to customers Public relations Regaining trust 44 U.S. states have enacted legislation requiring notification of security breaches involving personal information. ( http://www.ncsl.org/programs/lis/cip/priv/breachlaws.htm )

6. © 2008, Linoma Software. All rights reserved . Data Which Needs a High Level of Protection  Anything that is confidential to the organization, its employees and its customers  Credit card numbers  National Insurance numbers  Birth dates  Payroll information (e.g. wages)  Health-related information  Bank Account numbers  Driver License information  Financial data  Trade Secrets (e.g. product formulas)

7.  To comply with regulations: HIPAA Sarbanes Oxley Gramm-Leach-Bliley  Data Protection Act  To avoid potential penalties and lawsuits  To comply with PCI Security Standards  To avoid bad public relations  To ensure your continued employment (you don’t want to be the one that “takes the fall”) © 2008, Linoma Software. All rights reserved . Why Should You Protect This Data? “ A senior database administrator at a subsidiary of Fidelity National Information Services took data belonging to as many as 8.5 million consumers. The stolen data included names, addresses, birth dates, bank account and credit card information, the company said.” (Source: ComputerWorld, July 2007)

8. © 2008, Linoma Software. All rights reserved . PCI 1.1 Data Security Standard  Data Security Standard developed by Payment Card Industry (PCI)  Latest Standard is 1.1 (released in Sept 2006)  View complete text of PCI Data Security Standard at: https://www.pcisecuritystandards.org/pdfs/pci_dss_v1-1.pdf Excerpt from Standard: 3.4 Render Primary Account Number (PAN), at minimum, unreadable anywhere it is stored (including data on portable digital media, backup media, in logs, and data received from or stored by wireless networks) by using any of the following approaches: • Strong one-way hash functions (hashed indexes) • Truncation • Index tokens and pads (pads must be securely stored) • Strong cryptography with associated key management processes and procedures. The MINIMUM account information that must be rendered unreadable is the PAN.

9. © 2008, Linoma Software. All rights reserved . PCI 1.1 Data Security Standard 3.5 Protect encryption keys used for encryption of cardholder data against both disclosure and misuse . 3.5.1 Restrict access to keys to the fewest number of custodians necessary 3.5.2 Store keys securely in the fewest possible locations and forms. 3.6 Fully document and implement all key management processes and procedures for keys used for encryption of cardholder data, including the following: 3.6.1 Generation of strong keys 3.6.2 Secure key distribution 3.6.3 Secure key storage 3.6.4 Periodic changing of keys • As deemed necessary and recommended by the associated application (for example, re-keying); preferably automatically • At least annually. 3.6.5 Destruction of old keys 3.6.6 Split knowledge and establishment of dual control of keys (so that it require two or three people, each knowing only their part of the key, to reconstruct the whole key) 3.6.7 Prevention of unauthorized substitution of keys 3.6.8 Replacement of known or suspected compromised keys 3.6.9 Revocation of old or invalid keys 3.6.10 Requirement for key custodians to sign a form stating that they understand and accept their key-custodian responsibilities. 10.0 Track and monitor all access to network resources and cardholder data Logging mechanisms and the ability to track user activities are critical. The presence of logs in all environments allows thorough tracking and analysis if something does go wrong. Determining the cause of a compromise is very difficult without system activity logs.

10. © 2008, Linoma Software. All rights reserved . Encryption Basics  Encryption is the process transforming understandable text (plaintext) into an unintelligible piece of data (ciphertext).  Encryption hides the meaning of the message, but not its existence  Converts ordinary information into unreadable gibberish. Example Before: The quick brown fox jumped over the lazy dog After: „OE Kä°BBY ý ê·Ñ‚C‹Ÿ^{F+rÀJ[1]Ï(¾Y½i›”®t  Cipher is a pair of algorithms that perform encryption and decryption. Example ciphers are AES and TDES  Key controls the detailed operations of the Cipher algorithms. The output (cipher text) is therefore manipulated by the Key. A Key is represented by bits (i.e. 101001…). AES256 uses a 256 bit Key.  Symmetric Key Cryptology is a form of cryptology in which the sender and receiver share the same key. The key must be kept secret or the security is compromised. Also known as Secret key cryptology.  Asymmetric Key Cryptology is a form of cryptology that implements Key Pairs, in which the Public key portion of the Key Pair is used to encrypt information and the Private key portion is used to decrypt information. Otherwise known as Public Key Cryptology.

11. © 2008, Linoma Software. All rights reserved . AES Encryption  AES is the abbreviation for Advanced Encryption Standard  Ideal for protecting database fields and backups  Uses Symmetric Keys  No known attacks  Fast form of Encryption – 6 times faster than Triple DES  Can use a 128, 192 or 256 bit key length Quote from US National Security Agency (NSA) – June 2003 "The design and strength of all key lengths of the AES Algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level.

12. © 2008, Linoma Software. All rights reserved . Open PGP Encryption  Widely used for protecting data sent over the internet.  Uses combination of Asymmetric-key and Symmetric-key cryptology to provide high level of protection and speed  Encrypt with Public Key -- Decrypt with Private Key (Secret Key)  Encrypted files can be sent over standard FTP connections or Email  Provides compression to reduce file sizes TERMS OpenPGP standard is a non-proprietary and industry-accepted protocol which defines the standard format for encrypted messages, signatures and keys. This standard is managed by the IETF (Internet Engineering Task Force). Key Pair is a combination of a Private key and its corresponding Public key. Key Pairs are used within Asymmetric Cryptology systems, such as OpenPGP, SSH and SSL. Private Key is the portion of a Key Pair which is used by the owner to decrypt information and to encode digital signatures. The Private key, typically protected by a password, should be kept secret by the owner and NOT shared with trading partners. Also known as a Secret Key. Public Key is the portion of the Key Pair which is used to encrypt information bound for its owner and to verify signatures made by its owner. The owner’s Public key should be shared with its trading partners.

13. © 2008, Linoma Software. All rights reserved . Secure FTP  FTPS and SFTP will protect the entire FTP connection  Provides strong encryption with support for popular algorithms such as AES  FTPS (FTP over SSL) - Authenticate using certificates - Support for self-signed certificates and CA certificates - Complies with SSL and TLS standard - Implicit and Explicit connections  SFTP (FTP over SSH) - Authenticate using a password or an asymmetric key - Complies with SSH 2.0 standard - Popular in UNIX and LINUX systems TERMS Authentication is a mechanism to positively identify the server, and optionally the client, by requesting credentials such as a password or a digital signature. Certificate is a digital identification document that allow both servers and clients to authenticate each other. A certificate contains information about a company and the organization that signed the certificate (such as Verisign). SSL is an abbreviation for Secure Sockets Layer. SSL is a security protocol for encrypting communications between two hosts over a network. SSL utilizes certificates to establish trust between the two hosts. The latest version of SSL is also called TLS (Transport Layer Security). SSH is an abbreviation for Secure Shell. SSH is both a computer program and an associated network protocol designed for encrypting communications between two untrusted hosts over a network. It utilizes Public keys to provide asymmetric cryptology.

14. © 2008, Linoma Software. All rights reserved . Data Encryption Solutions Crypto Complete™ automates the encryption of System i database fields and backups with native key management and audit trails. Protegrity™ automates the encryption of Oracle, Informix, SQL Server, Sybase, DB/2 and Teradata database fields with centralized key management and audit trails. GoAnywhere™ automates data movement, encryption, translation and compression from one centralized solution. Runs on System i , Windows , Linux , Unix , Solaris and HP-UX. COMPLETE OpenPGP - Secure FTP - Key Management - Audit Trails - Backup Encryption - AES - Key Management - Audit Trails

15. © 2008, Linoma Software. All rights reserved . Encryption Customers Customers Over 3,000 Installations Worldwide BeautiControl Cosmetics Carolina Biological Supply Centersoft Certegy City of Ketchikan City of Redding Consolidated Telephone Companies CU*Answers Discovery Toys EOG Resources Fairmount Minerals Fidelity Express The Geo Group Inc. Hermann Sons Ingram Industries KOA Kampgrounds of America Korta Payments Landau Uniforms Love’s Travel Stops & Country Stores Mid-Continent Group Muscatine Foods Corporation Northwest Natural Gas Oneida Tribe of Indians of WI Permanent General Agency Rural Community Insurance Services Service Insurance Group SG Private Banking Silverleaf Resorts Slomin’s Sturm, Ruger & Company United Music USA Mobility Wireless ViaTech Publishing Solutions