Tuesday, April 28, 2009

A New Vantage Point

Well, I have recently changed my site of employment and that puts me back in the business of protecting data.

The older content of this blog is still relevant; it's just that I will be focusing mostly on one dimension of the Trillium mentioned below -- storage management.

Stay tuned as I get back in the saddle with a renewed focus on the Data and Storage dimension of this industry.

While I am restarting this conversation about Data, click over to "Drunken Data" and get another perspective.

Don on Data!

Wednesday, January 30, 2008

A Secure Enterprise is Also a Well Managed One!

I’m dying to get into the meat of Security 2.0 but before I go there I think we need to talk about how the foundation of good IT management links to Security 2.0, or what I will call good Infrastructure Hygiene.

The reason that this discussion is relevant to Security 2.0 is that without a good foundation in our IT infrastructure we cannot completely solve the data leakage problem**.

** Data leakage is the current buzzword for data that leaves the enterprise in an unmanaged manner.

So let’s talk about the infrastructure elements of Security 2.0. By infrastructure I mean the underpinning, or better yet, the underbelly of IT's operation, i.e. the technology that information uses to move throughout, into and out of the enterprise.

Three dimensions of infrastructure hygiene come to mind:
  • Systems Management
  • Storage Management
  • Security Management

The need for this Trillium seems pretty elementary to some of us because these are the technologies and processes that we have been working to put in place all our careers.

So why even mention it and what does this have to do with Security 2.0?
Answer: A well managed enterprise is also a secure one!
Try this logic...

  • For security technology to know what is going on at an end node, a sensor must be placed there.
  • For the sensor to get there a method of deploying and keeping the sensor at the end node must be active.
  • If anything happens to the end node it must be possible to quickly restore it to a known configuration.
  • If the end node is not configured properly it must not be allowed to connect to the data sources.

Security systems that have no sensors [eyes] are blind. Therefore something in the Security 2.0 architecture must provide and manage those eyes [sensors] if the security system is not to be blind to data breaches.

In this context the Trillium of IT technologies must operate in concert with each other if we have any chance to plug Data Leaks.

Thursday, January 10, 2008

Swedish Army data breach ......

On the heels of my post on "pure-play" I couldn't resist highlighting another data breach event. These kinds of security problems cannot be solved by traditional security solutions.

The post on modeling the movement of data in our enterprises highlights the danger of data moving on mobile devices, more specifically, USB devices.

Check out this breach highlighted by "Schneier on Security" [this is an interesting blog that covers a broad security discussion].

The mobility and accessibility to our information is one of the benefits of the "cyberframe" era.

There is a dark side however. It's the ease with which sensitive information can be moved and therefore compromised.

"Big Risks Come in Small Packages" [from Schneier] makes some excellent points on the subject.

This breach is just another example of why we need new Security 2.0 thinking and technology!

As I come across data breaches I will log them on this site.

Don on Data

Sunday, January 6, 2008

The "pure-play" security debate ....

Happy New Year!

I spent some down-time over the holidays reviewing some security blogs and I see that a debate has arisen that is directly relevant to the discussion here about Security 2.0.

It seems that we want to debate the issue of whether the "pure-play" security companies will continue to be the market leaders.

First off I am guessing that by pure play we mean companies that provide anti-products [anti-virus, anti-spam] and other traditional security products?

In this provocative article, Troubled Waters, Symantec is positioned as a pure play security company that has drifted from the straight and narrow. The article suggests that Symantec may have lost its focus on security while on an acquisition expedition that has nothing to do with security.

I can provide a different view - perhaps security has simply evolved!

This "pure-play" discussion completely discounts the concept of Security 2.0! Does it suggest that we should ignore the newer security issues that are being created by the global use and distribution of sensitive information? That we should only be concerned with protecting infrastructure and machines, and not the data itself?

Security 2.0 is about creating a "full-on" security system that has the knowledge and ability to protect information whether it is in use, in motion or at rest. This requires protecting the underlying infrastructure as well as the information itself and the policies around that information. It is an advancement on pure-play security, not a replacement, and therefore not a detour.

Ok, humor me and let’s just assume for a minute that Security 2.0 thinking is the right trajectory. With that assumption in tow let’s make a list of important technologies needed to fulfill that vision.

  • To properly monitor the data on an endpoint, scanners must be present so the configuration of that endpoint must be secured. Systems management expertise would be useful would it not?
  • To properly monitor the data at rest, scanners should be installed close to the storage should they not? Storage and storage management technologies that are installed in most of the globe's file servers, databases, messaging servers and desktops could have a role here, right?
  • Email security and archiving systems have a role in filtering and archiving message traffic that moves through networks. Email gateways would provide good expertise in this schema.
  • It's also necessary to direct the flow of this information in a policy-driven way, so it would be useful to have a centralized policy function.
  • And finally let’s throw in some of the traditional pure-play technologies with the addition of a network access control mechanism that ensures the end node is correctly configured and vulnerabilities are remediated before it connects.

If we look back at the list above it is easy to see that the pure-players will have to acquire, and hopefully integrate, some new technologies if they are to make Security 2.0 a reality for their customers!

I suggest it’s the security companies that stay "pure-play" that are in danger of ignoring the emerging security needs of their customers.

It's companies like Symantec and some other large companies that comprehend the future and realize that the anti-stuff alone cannot meet the demanding needs of protecting the infrastructure AND the information.

Symantec isn't simply trying to be a "one-stop shop for all IT needs"; they have simply recognized that the emerging security problem is bigger than just keeping the bad stuff out. Protecting data and the infrastructure it resides on is a more complex security problem that will require the integration and cooperation of security, storage and systems management.

In the end the question of "Troubled Waters" is not "to diversify or not", it's "to converge or not". IT technologies need to converge around the real security needs of their customers ..... Security 2.0.

Another article on this subject can be viewed at New threats call for a fresh approach....

Next post I will get back on track and discuss Data hygiene as a preface to digging deep into Security 2.0.

Don on Data

Wednesday, December 12, 2007

Simple modeling of data movement in Security 2.0

To employ Security 2.0 thinking let's conceptualize how data moves in our IT infrastructure. To do this we need to know how data enters the enterprise, how it moves inside the enterprise, how it rests in the enterprise (stored) and how it leaves the enterprise. We will keep our model at a high level for now and add more finesse later as the problem and solution start to diverge.

We will eventually talk about what data is sensitive but for now we are going to assume that all moving data contains some kind of sensitive information.

Now might be a good time to realize that data can exist in two fundamental forms as it is used in our infrastructure: Structured and Unstructured. Here are my definitions of these data forms; we can refine them more later:

Structured data

Structured data is data that is processed and saved using a predefined schema. Databases and data warehouses contain structured data. Access to structured data is usually through that pre-defined schema. Getting into a database requires a password and access via a query language. Typically structured data is presented to users via an application that is logged on and connected to the database and knows the schema. Structured data is stored in a schema that is defined by the programmer of the application. For example, SSNs for an application are stored in a specific column in a database and that is all that is ever stored in that column.

Unstructured data

Unstructured data is the data that is typically stored on our file servers, desktops and laptops. It is considered unstructured since it does not follow a known schema. Sure, Word files are stored in a specific file structure, but that’s not what we mean when we say structured. The structure we are talking about here refers to a defined and fixed relationship between the location of a piece of data and its type. Word files can store any kind of data anywhere in the file, whereas databases store specific data in specific places. Arguably Excel files might be viewed as structured data in an unstructured form, but we will ignore that nuance for the moment.

Now let’s get back to data movement.

Ports of entry:

Even if sensitive data enters the enterprise without our knowledge it is our responsibility to protect it. As data enters the enterprise it would be ideal to identify, classify and mark it in a way that allows it to be tracked throughout its life. Although marking data seems theoretically possible, I’m not at this point convinced that this is practical. Even if we found a way to standardize on how to mark data, the “bad guys” would find a way to strip the marking and bring the data into the clear. Of course encrypting sensitive data is the best way to secure it when it moves, but that creates a key management problem. I think that standardizing ways of packaging sensitive information is in the cards, but for now we need to deal with the fact that there is unprotected data entering the enterprise and there are no standard ways of identifying it as it travels.

Here is a list of ways data enters our enterprise:

  • Email
  • Instant messaging
  • Web social activity like blogs & wiki’s
  • Web services applications connected to databases
  • E-commerce in B2B applications
  • Physical media like CD/DVD/Tape
  • Flash and USB storage devices
  • Mobile phone memory cards
  • Laptops

Data in motion:

Structured and unstructured data move in different ways; it’s for that reason that different methods of monitoring and protection are needed. More later! Data in motion is data that is being, or has been, moved or removed from its resting place.

Data moves inside our enterprise in two principal ways:

  • Over the internal network
  • By physical movement of computers and removable storage

When data is at rest:

Data stops moving at various points in its life cycle. In general we call this storage. Storage can be local disk, shared disk, file shares, CDs, tapes, flash memory, USB drives and databases.

So the locations for data at rest are:

  • Databases
  • File servers
  • CDs/laptops/flash memory
  • USB drives

Ports of exit:

I have to think through this more, but to me the movement of data out of our organization is accomplished in chiefly the same ways that data moves into it. Can anyone think of a way in that is not also a potential way out?

I won’t repeat the list in the “ports of entry” section which also applies to the ports of exit.

You will immediately recognize the unusual risk of removable media. Removable storage can be in use, at rest and in motion on the same physical device/media. The reason that we use these devices, their mobility, is the same reason these devices are a risk to personal information. For example, look at the impact a lost copy of personal data had on the British government. The most disturbing thing about removable media is that once sensitive data is written on it and it becomes mobile it is impossible to track. Mmmmm, should we employ RFID on our CDs?

In summary, structured and unstructured data comes in and out of our enterprises on:
  • Email
  • Instant messaging
  • Web social activity like blogs & wikis
  • Web services applications connected to databases
  • E-commerce in B2B applications
  • Physical media like CD/DVD/Tape
  • Flash and USB storage devices
  • Mobile phone memory cards
  • Laptops

It rests on:

  • Databases
  • File servers
  • CDs/laptops/flash memory
  • USB drives

And it moves through:

  • The internal network
  • Physical movement of computers and removable storage

The graphic at the start of this post illustrates our model!

Now that we have a model of the problem that Security 2.0 must solve we can start talking about the solution in an organized way.

Don on Data!

Thursday, December 6, 2007

We aren't in Kansas anymore!

Dorothy said it best ......

OK, I will just come out and say it;

"to solve this problem will take a rethink of how we store, move and use data".

It will require Security 2.0 thinking.

There isn't a quick fix and there won't be a security patch that magically upgrades our infrastructures after which all our data is safe.

Oh yeah, it will take additions to our budget and it will take some time to complete. Then again most things worthwhile are expensive and take time. Add a new line item to your budget called: Security 2.0 investment... your customers will be grateful :)

This problem is a holistic one and will require that we bring to bear the disciplines that we so often keep separated on the IT org chart.

I call these key disciplines the 3S of IT: Security, Storage and Systems Management (clever name 3SIT huh!).

Why do we need to take a multi-discipline approach? Well, because data doesn't just sit statically in our infrastructure: it moves, it's used and shared, and when it's not moving it is sitting in the vast yottabytes of our file systems. When it moves it moves everywhere, inside and outside our infrastructure.

Check out this interesting link Yota.

We need to effectively protect the sensitive data that enters, is used in and exits our enterprise.

In the coming posts I will lay out a model that will be the foundation for us to start protecting sensitive data.

Don on data!

Knock, knock, is anyone home?

So who is supposed to be working on this problem of managing the data that we give up?

The government: Government standards of compliance abound in an attempt to control the flow of our sensitive information, and there are stiff penalties for non-compliance. But is this the solution or the symptom?

The owner of the data: Sure, we can try to protect ourselves by not giving up information. Come on, it's impractical to expect people to abstain from participating in a society drawn to the social and business benefits of the Cyberframe.

Information technology architecture: Perhaps the real solution lies at the feet of the IT architectures and infrastructures that WEB connected companies employ?

Simply put, we've improved the movement and sharing of data but we haven't correspondingly improved our ability to manage access to it.

When you get to the core of this problem, it's more about seeing security in a brand new light. This new form of thinking is more about protecting the sensitive information that is hosted in the Cyberframe than it is about protecting the infrastructure itself.
Don't read me wrong, this new security thinking does not ignore the hygiene that is brought to us by the ANTI-technologies [anti-virus, anti-spam etc], it does not ignore the need to back up data and it does not obviate the need to manage the configuration of the end node. This new thinking is a 2.0 type of perspective that matches the needs of the Web 2.0 world; I guess it's Security 2.0 thinking!

In the next post we will start to dig into how our IT infrastructure has to change to meet the needs of managing sensitive information. We will march through this problem in an organized and systematic way.

All that said, this is not a simple problem to solve and technologies are just now becoming available to solve it.

Have a great weekend, it's snowing here :)

Don on data!