Posts Tagged ‘encryption’

Security by Encryption

February 18, 2011 2 comments

In The Security Oxymoron, I wrote about the possibility of an individual introducing security measures that seem inheriently reasonably but, when analysed, offer no additional security and at times even an increase in an organisation’s vulnerability.

An example is often more useful than a mere concept. The overall story is fictional, but I promise that the individual parts have been observed over the course of many years. It starts with the Datafile, a file whose existence was essential to the smooth running of the company, and were it to end up in an outsider’s hands the result could be catastrophic.

To ensure that the Datafile was stored as securely as possible, the following security mechanism was put into place:

  1. The Datafile was stored in a folder on the local network, accessible to all individuals in the company.  No ACLs were placed on the file, as the security enhancements that followed were deemed to be sufficient.
  2. The data in the file was securely encrypted (AES) with a passphrase, using a third party tool freely available on the Internet. The only access to the data would then be through this tool.
  3. For security, the chosen passphrase was around 20 characters, consisting of numbers and mixed-case letters. The downside of this was that the passphrase was meaningless and thus unmemorable for any individual in the company.
  4. To work around this, the password had been printed out onto strips of paper (little larger than the passphrase itself, printed at 14pt), and distributed to people’s desks by hand.
  5. An office move meant that the majority of employees lost their strips of paper. Nobody noticed.
  6. Because of the security in place, it was decided that no monitoring was required to ensure that the file was not, for example, copied onto a USB stick and taken to off-site where the same third party tool could be download and the easily-lost passphrase used to decrypt it with.

The suggestion that all encryption be dropped as counter-productive, and the file kept as plaintext secured with ACLs, was deemed ‘too risky’.

Categories: Security Tags: , ,