Wednesday, December 12, 2007

Simple modeling of data movement in Security 2.0



To employ Security 2.0 thinking let's conceptualize how data moves in our IT infrastructure. To do this we need to know how data enters the enterprise, how it moves inside the enterprise, how it rests in the enterprise (storage) and how it leaves the enterprise. We will keep our model at a high level for now and add more finesse later as the problem and solution start to diverge.

We will eventually talk about what data is sensitive but for now we are going to assume that all moving data contains some kind of sensitive information.

Now might be a good time to realize that data can exist in two fundamental forms as it is used in our infrastructure: structured and unstructured. Here are my definitions of these data forms; we can refine them more later:

Structured data

Structured data is data that is processed and saved using a predefined schema. Databases and data warehouses contain structured data. Access to structured data is usually through that pre-defined schema: getting into a database requires a credential and access via a query language. Typically structured data is presented to users via an application that is logged on and connected to the database and knows the schema. The schema is defined by the programmer of the application. For example, SSNs for an application are stored in a specific column in a database, and that is all that is ever stored in that column, so the sensitivity of the data can be known from the schema alone.

Unstructured data

Unstructured data is the data that is typically stored on our file servers, desktops and laptops. It is considered unstructured since it does not follow a known schema. Sure, Word files are stored in a specific file format, but that's not what we mean when we say structured. The structure we are talking about here refers to a defined and fixed relationship between the location of a piece of data and its type. Word files can store any kind of data anywhere in the file, whereas databases store specific data in specific places. Arguably Excel files (or any database export) might be viewed as structured data in an unstructured form, but we will ignore that nuance for the moment.
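The practical consequence of the two definitions is that sensitive data is found differently in each form: in structured data you read the schema and flag sensitive columns, in unstructured data you have to inspect content. The following is an added example (not code from the original post) that does both against a constructed in-memory SQLite database and a constructed memo. The column names treated as sensitive, the SSN format rules (area not 000, 666 or 900-999; group not 00; serial not 0000) and the sample records are all assumptions made for the example. It also shows the nuance mentioned above: once a table is exported to a text file, the schema is gone and only the content scan finds the SSN.

```python
import re
import sqlite3

# Assumption for this example: column names that mark a table as sensitive.
SENSITIVE_COLUMNS = {"ssn", "social_security_number", "card_number"}

# Dashed SSN form: AAA-GG-SSSS, with word boundaries so phone numbers like 555-1234 do not match.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")


def is_plausible_ssn(area, group, serial):
    """Reject SSNs that cannot be issued (assumed SSA rules): area 000/666/900-999,
    group 00, serial 0000. Cuts false positives from test data and placeholders."""
    a, g, s = int(area), int(group), int(serial)
    if a == 0 or a == 666 or a >= 900:
        return False
    if g == 0 or s == 0:
        return False
    return True


def find_ssns(text):
    """Content-based detection for unstructured data: regex plus plausibility check."""
    return [m.group(0) for m in SSN_RE.finditer(text) if is_plausible_ssn(*m.groups())]


def classify_unstructured(name, text):
    hits = find_ssns(text)
    return {"object": name, "form": "unstructured", "sensitive": bool(hits), "evidence": hits}


def classify_structured(conn):
    """Schema-based classification: no content is read, only the column names."""
    results = []
    tables = [row[0] for row in conn.execute("SELECT name FROM sqlite_master WHERE type='table'")]
    for table in tables:
        # PRAGMA table_info rows are (cid, name, type, notnull, dflt_value, pk)
        cols = [row[1] for row in conn.execute(f'PRAGMA table_info("{table}")')]
        flagged = [c for c in cols if c.lower() in SENSITIVE_COLUMNS]
        results.append({"object": table, "form": "structured", "sensitive": bool(flagged), "evidence": flagged})
    return results


def build_demo_db():
    """Constructed sample database (not the post's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER, name TEXT, ssn TEXT)")
    conn.execute("CREATE TABLE orders (id INTEGER, sku TEXT)")
    conn.execute("INSERT INTO customers VALUES (1, 'A. Example', '123-45-6789')")
    conn.execute("INSERT INTO orders VALUES (1, 'SKU-0042')")
    conn.commit()
    return conn


def export_table_to_text(conn, table):
    """Simulates the data leaving its structured resting place as a CSV-like dump."""
    rows = conn.execute(f'SELECT * FROM "{table}"').fetchall()
    return "\n".join(",".join(str(v) for v in row) for row in rows)


def demo():
    conn = build_demo_db()
    structured = classify_structured(conn)
    # Constructed memo: one real-looking SSN, one unissuable test SSN, one phone number.
    memo = "Per HR, employee 123-45-6789 starts Monday. Test record 000-12-3456; desk phone 555-1234."
    unstructured = [
        classify_unstructured("memo.txt", memo),
        classify_unstructured("customers_export.csv", export_table_to_text(conn, "customers")),
    ]
    return {"structured": structured, "unstructured": unstructured}


if __name__ == "__main__":
    for item in demo()["structured"] + demo()["unstructured"]:
        print(item)
```

Running it flags the `customers` table from its schema alone, leaves `orders` alone, finds exactly one plausible SSN in the memo, and finds the same SSN again in the exported file where no schema is available to help.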

Now let's get back to data movement.

Ports of entry:

Even if sensitive data enters the enterprise without our knowledge it is our responsibility to protect it. As data enters the enterprise it would be ideal to identify, classify and mark it in a way that allows it to be tracked throughout its life. Although marking data seems theoretically possible, I'm not at this point convinced that this is practical. Even if we found a way to standardize on how to mark data, the "bad guys" would find a way to strip the marking and bring the data into the clear. Of course encrypting sensitive data is the best way to secure it when it moves, but that creates a key management problem. I think that standardizing ways of packaging sensitive information is in the cards, but for now we need to deal with the fact that there is unprotected data entering the enterprise and there are no standard ways of identifying it as it travels.

Here is a list of ways data enters our enterprise:

  • Email
  • Instant messaging
  • Web social activity like blogs & wiki’s
  • Web services applications connected to databases
  • E Commerce in B-B applications
  • Physical media like CD/DVD/Tape
  • Flash and USB storage devices
  • Mobile phone memory cards
  • Laptops

Data in motion:

Structured and unstructured data move in different ways, and for that reason different methods of monitoring and protection are needed. More later! Data in motion is data that is being moved, or has been moved, from its resting place.

Data moves inside our enterprise in two principal ways:

  • Over the internal network
  • By physical movement of computers and removable storage

When data is at rest:

Data stops moving at various points in its life cycle. In general we call this storage. Storage can be local disk, shared disk, file shares, CDs, tapes, flash memory, USB drives and databases.

So the locations for data at rest are:

  • Databases
  • File servers
  • CDs/laptops/flash memory
  • USB drives

Ports of exit:

I have to think through this more, but to me the movement of data out of our organization is accomplished in chiefly the same ways that data moves into it. Can anyone think of a movement in that is not also a potential movement out?

I won't repeat the list in the "ports of entry" section; it also applies to the ports of exit.

You immediately recognize the unusual risk of removable media. Removable storage can be in use, at rest and in motion on the same physical device or medium. The reason that we use these devices, their mobility, is the same reason these devices are a risk to personal information. For example, look at the impact a copy of personal data had on the British government. The most disturbing thing about removable media is that once sensitive data is written to it and it becomes mobile it is impossible to track. Mmmmm, should we employ RFID on our CDs?

In summary, structured and unstructured data comes in and out of our enterprises on:

  • Email
  • Instant messaging
  • Web social activity like blogs & wikis
  • Web services applications connected to databases
  • E-commerce in B-B applications
  • Physical media like CD/DVD/Tape
  • Flash and USB storage devices
  • Mobile phone memory cards
  • Laptops

It rests on:

  • Databases
  • File servers
  • CDs/laptops/flash memory
  • USB drives

And it moves through:

  • The internal network
  • Physical movement of computers and removable storage

The graphic at the start of this post illustrates our model!

Now that we have a model of the problem that Security 2.0 must solve we can start talking about the solution in an organized way.

Don on Data!

Thursday, December 6, 2007

We aren't in Kansas anymore!

Dorothy said it best ......

OK, I will just come out and say it:

"to solve this problem will take a rethink of how we store, move and use data".

It will require Security 2.0 thinking.

There isn't a quick fix and there won't be a security patch that magically upgrades our infrastructures after which all our data is safe.

Oh yeah, it will take additions to our budget and it will take some time to complete. Then again, most things worthwhile are expensive and take time. Add a new line item to your budget called "Security 2.0 investment"... your customers will be grateful :)

This problem is a holistic one and will require that we bring to bear the disciplines that we so often keep separated on the IT org chart.

I call these key disciplines the 3S of IT: Security, Storage and Systems Management (clever name, 3SIT, huh!).

Why do we need to take a multi-discipline approach? Well, because data doesn't just sit statically in our infrastructure; it moves, it's used and shared, and when it's not moving it is sitting in the vast yottabytes of our file systems. When it moves it moves everywhere, inside and outside our infrastructure.

Check out this interesting link Yota.

We need to effectively protect the sensitive data that enters, is used in and exits our enterprise.

In the coming posts I will lay out a model that will be the foundation for us to start protecting sensitive data.

Don on data!

Knock, knock, is anyone home?

So who is supposed to be working on this problem of managing the data that we give up?

The government: Government compliance standards abound in an attempt to control the flow of our sensitive information, and there are stiff penalties for non-compliance. But is this the solution or the symptom?

The owner of the data: Sure, we can try to protect ourselves by not giving up information. Come on, it's impractical to expect people to abstain from participating in a society drawn to the social and business benefits of the Cyberframe.

Information technology architecture: Perhaps the real solution lies at the feet of the IT architectures and infrastructures that web-connected companies employ.


Simply put, we've improved the movement and sharing of data but we haven't correspondingly improved our ability to manage access to it.

When you think about the core of this problem, it's more about seeing security in a brand new light. This new form of thinking is more about protecting the sensitive information that is hosted in the Cyberframe than it is about protecting the infrastructure itself.
Don't read me wrong, this new security thinking does not ignore the hygiene that is brought to us by the anti-technologies [anti-virus, anti-spam etc.], it does not ignore the need to back up data and it does not obviate the need to manage the configuration of the end node. This new thinking is a 2.0 type of perspective that matches the needs of the Web 2.0 world; I guess it's Security 2.0 thinking!

In the next post we will start to dig into how our IT infrastructure has to change to meet the needs of managing sensitive information. We will march through this problem in an organized and systematic way.

All that said, this is not a simple problem to solve and technologies are just now becoming available to solve it.


Have a great weekend, it's snowing here :)

Don on data!

Protecting Sensitive Data .... problem or hype?


Today we create, share and store information [data] of all types, leaving it lying all across the Cyberframe's landscape.

You see, data has not followed the circular evolution of mainframe computing; the data we share and how we share it is very different than 20 years ago. Today we create more data, and it is in the hands of more humans now than when we were connected to either mainframes or isolated personal computers.

Whereas we used to know where our data was [it's in the data center] [it's on my hard drive], now we don't have a clue; therefore we don't know what is being done with it and we don't have any control over it. It's often unknown to us that sensitive data is buried in the context of saved, shared and communicated work. We don't even realize that we are seeding the web with sensitive information.

How's this for ironic: the age of the PERSONAL computer brought us such an intense level of collaboration that our data is no longer PERSONAL.



Let's visit the source of our data protection problem!

  • Everyone in the world has access to the WEB, a network that connects everyone to everyone
  • Everyone stores data on computers that are on the web
  • Everyone is compelled to use the web for commerce and communications
  • Everyone has to "give up information" at some time to be part of the above

The data that we give up and how it should be managed is the focus of this discussion. The data that I am talking about is any data that is sensitive enough that its owner cares where it is, who has access to it and what it is being used for.

So instead of just calling it personal I guess we should refer to it as SENSITIVE; we will italicize it for emphasis.

The diatribe that preceded this post was a protracted way to say that we need to start paying attention to protecting data, specifically sensitive data. Our current IT architectures need to change in a profound way if we are to have the level of protection that is necessary for us all to live and play freely in this connected world.

A key question: are our IT infrastructures designed to be able to fully protect sensitive information? If not, what needs to change?

That is exactly where this blog is headed......

Don on data!

Wednesday, December 5, 2007

Back to the Future



I just realized how to know when you are entering the AARP years of your career. It's when you recognize that all of a sudden the industry you are working in starts to look a lot like it did when you started working in it. I remember the good old days. You see, I am probably the last of the mainframe generation. I cut my teeth on computers in a time when "bus and tag" was the high tech lingo and the IT department provided you everything you needed, and if they didn't have it, you didn't need it. It was a time when everything IT sat behind a big fat pipe and a single stout computer. We computed on a virtual machine that no one ever saw, or really cared about for that matter.

Now I sit in front of a browser on iGoogle where much of what I do is hosted on web servers sitting somewhere in cyberspace. Today the high tech lingo is Web 2.0, blog, AJAX, social network and syndication.

By the way, I am a big believer that in the near future we will all be computing directly from the web using browsers and services, and the PC will just be a 3270 terminal.

I've gone full circle: I started by computing on a mainframe and here I am computing on a [cyber]mainframe.

A Cyberframe is the virtual back end of every browser that is used to do any form of computing. In fact we all still have terminals [personal computers] that connect into the mother of all mainframes called cyberspace.

I'm not yearning for those good old days, however. Back then computing was for the elite and it had nothing to do with improving your business, communications or productivity. The personal computer ruined us forever. We now view the role of computers and computing as utilitarian as a power plug. No one is really that impressed any more when you tell them "I have my own computer" :).

So what does this have to do with DATA protection? The discussion continues.

Don on data!

Inaugural post



This picture reminds me of our Global Information Technology Infrastructure.
At first you see it as a surrealistic portrait of majesty and structure. When you look closer you see how it can be dangerous and unforgiving.
IT is actually a very complex expanse of technology, process and information.
For those who don't manage the IT environment with serious respect for its power and content, the consequences will be devastating.

This blog is dedicated to data, not the Star Trek character but rather the kind that needs protection.

I have spent a career protecting people's data, yet more than ever data still needs protection. Like a chameleon, the data protection problem changes its colors as our computing environment evolves. This blog is a place to share and discuss the shifting colors of the data protection problem. When I say data protection I don't mean backup, I mean the full protection of our data. Protection comes in many varieties and we should thoroughly discuss those here.

Don on Data!