Encryption: It's time

Things are starting to change for the underappreciated art of encryption

On the surface, encryption has always seemed a no-brainer. Why expose confidential information to prying eyes when you could protect it by scrambling it? But even though encryption technologies have been widely available for more than 10 years, they have been slow to catch on.

Things are starting to change, however. A succession of high-profile, high-pain mishaps -- including stolen laptops, lost tapes and litigation associated with data breaches -- has seized the attention of management, and not just IT management. Meanwhile, hardware and software vendors have whittled away at the traditional objections to encryption, including performance penalties and the difficulty of managing keys.

Now, companies that have a great deal of sensitive data are beginning to move beyond the tactical point products they might have used years ago to high-level encryption "platforms" that provide services to applications, databases and networks companywide.

"We are deploying an architecture that will give us the ability to manage encryption seamlessly across multiple operating systems and multiple back-end systems and encrypt anything we deem sensitive," says Harvey Ewing, senior director of IT security at Accor North America. The encrypted data could be personally identifiable information, such as names, addresses, Social Security numbers or telephone numbers, or it could be medical or financial data that is subject to government regulations.

Accor, a Texas-based manager of economy lodging chains, including Red Roof Inn and Motel 6, uses Key Manager from RSA Security Inc. to centrally manage the encryption keys of its 1,300 properties. The product allows different applications to share encrypted data without the need for each one to have its own keys. "The key management server is the nerve centre of all our encryption processes, and it takes the management of individual keys out of the picture," Ewing says.

Accor has short-circuited one of the major problems in encryption. Managing keys can be complex and risky, and it has been a major impediment to the broad rollout of cryptography. The difficulty arises because encryption comes into organizations "organically, not strategically," says Jon Oltsik, an analyst at Enterprise Strategy Group Inc. in Milford, Mass. "It's the piece that many people will get wrong over the next two to three years."

Oltsik predicts that hard drives, tape drives, new versions of database software and the like will eventually include encryption functions, and companies will bring them in one at a time. "Next thing you know, you've got five key management systems and all kinds of complexities," he says. "The biggest risk now is disaster recovery; either you'll have to recover five different key management systems to get a business process up or you'll do a good job of backing up four of them but lose the keys on the fifth and tank the whole process."

IT security manager Marc Massar says his company, which he asked not to be named, processes more than half of all card transactions around the world. He says the company has for many years protected its transactions with narrowly focused products that do specific things like encrypting the personal identification number in an ATM transaction. These products are geared toward protecting "data in motion," Massar says.

There are several ways to encrypt data in motion; options include Secure Sockets Layer (SSL) for the Internet and the IPsec standard for "tunneling" -- establishing a secure tunnel in an otherwise nonsecure network. "These kinds of products are fairly well established, and they paved the way for e-commerce several years ago, especially SSL," Massar says. "Nobody would question the need to encrypt a credit card number across the Internet anymore."


It is much less common today for companies to encrypt "data at rest" -- on servers, desktops, laptops and backup tapes. But protecting files and databases has recently become the focus of encryption projects at many companies. For example, Massar rolled out Ingrian Networks Inc.'s DataSecure Platform, a dedicated encryption appliance that sits between applications and databases. The hardware and software are specially tuned for computationally intense cryptographic processes.

Massar says he uses the Ingrian devices to apply one of the basic principles of encrypting data at rest. "Think of a piece of data as having a life cycle," he says. "I want to protect it as close to its point of origin as possible, so when it comes into my first system, I encrypt it then. Then if I want to funnel it into a back-office system, it stays encrypted, and if I need to back it up to tape, it's still encrypted.

"We are doing this first for our Internet-facing systems, because that's where the most risk is," Massar adds. But the goal is to have one encryption service, so application developers don't have to develop a new encryption routine every time they get a piece of sensitive information.

But Massar acknowledges that such comprehensive, seamless encryption is easier to imagine than to accomplish. He says he has more than 1,000 systems subject to the encryption guidelines of the Payment Card Industry Data Security Standard, and "that requires a lot of architectural decisions."

Organizations moving to encrypt their information at rest naturally look first at the most vulnerable data, which can exit the company in laptops, handheld devices and so on. A computer services firm recently set a policy that the hard drives on all laptops be encrypted using Whole Disk Encryption from PGP Corp. in Palo Alto, Calif., says Lawrence Hale, the firm's chief information security officer. He asked that his employer not be identified.

Companies often balk at encrypting large amounts of data because the mathematical algorithms used in encryption and decryption are computationally intensive. Hale says it can take six to eight hours to encrypt a 60GB to 80GB hard drive from scratch. But that's a one-time job for each drive. Once it's done, the day-to-day incremental encryption and decryption run in the background, unnoticed by users. "The files you bring up open very quickly," Hale notes.


Performance Perils

While Moore's Law has taken a lot of the sting out of encryption, Hale says a server that processes many transactions against a large database can become unacceptably slow if care isn't taken. The answer, he says, is not whole-disk encryption but selective encryption at the application or even data-element level. "We will encrypt Social Security [numbers], name, address -- anything that is personally identifiable information," Hale says. In some cases, he says, it's possible to do that using the features embedded in commercial software, such as database applications.

But while going to that level of granularity saves processing cycles, it comes at a cost: the effort required to inventory and classify applications and data. In fact, technology per se is not the hardest part of a broad encryption deployment, says Matt Haynes, a security architect at a major telecommunications firm that he declined to name. "The big effort is that you have to identify where the data is. It took us a quarter to do that. The second thing is figuring out policies and procedures: How do you live with this new thing called encryption?"

Haynes recommends tackling an encryption project with two distinct teams: "One to find and classify data, and the other to become experts on the encryption tools and processes themselves."

The work doesn't stop once encryption is in place. "There's process overhead, administrative overhead, and you obviously have to manage that system very closely," Haynes says.

And there's key management. "Once you've got a lot of data encrypted, you'd better damn well be sure you can get it decrypted and know who can get it decrypted," he says.

Still, there are technology choices that can greatly minimize the deployment effort, Haynes says. For example, some approaches to encryption require that applications be modified at each point where they access an encrypted database. "When we first started looking at encrypting data," Haynes recalls, "we understood that the need to make complicated and numerous application changes was going to turn the concept into a many-year, many-million-dollar project." But he was able to avoid such an undertaking by using the Ingrian encryption appliance. It sits between the database and the applications and is largely invisible to the applications. Application-level changes were "minimal," he says.

"Encryption is a strategic initiative," Massar says. "For the past year or so, we have been focused on some very tactical things -- encrypting tapes, laptops, BlackBerries and so on. These are some quick-win situations. But what if I had taken a more strategic approach a couple of years ago?"

For example, if he had re-architected his applications so as not to store data in clients, then he might not have to encrypt the laptops. If the source Massar is backing up to tape had been encrypted to begin with, then he wouldn't need to encrypt the backup tapes. "Maybe if I had done a little work upfront," he says, "I wouldn't have to do these tactical things later on."

Encryption gotchas

Companies rolling out encryption programs tend to focus on well-known difficulties, such as key management. But other surprises await the unwary.

- Search: Traditional search methods may not work on encrypted data, says Harvey Ewing, senior director of IT security at Accor North America. And to search a big database by decrypting every entry as you go is computationally infeasible. The answer: Use a special algorithm to, for example, create a unique hash value for each credit card number, and include that alongside the encrypted credit card number. The hash value can't be converted back into the credit card number if someone improperly gains access to it, but it can be searched on as easily as any other data element.

- Dependencies: Make sure you aren't passing an encrypted data field from one system to another that is expecting to find it unencrypted. "Once you begin encrypting data in one location, if you don't know all the dependencies of where the data is stored and used, then you are going to break things," says Ewing.

- Performance: Despite the march of Moore's Law and the tuning and optimization of hardware and software by cryptography gear vendors, performance is still a concern. "We did hit some stumbling blocks in the way some of our databases interacted," Ewing says. "That can be a problem if you are at the front desk of a hotel swiping a credit card." (With technical help from the vendor, the performance problem proved "manageable," he says.)
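The search technique from the first gotcha, as an added Python example that is not code from the article or from any vendor named in it: a keyed hash (HMAC-SHA256, assumed here as the "special algorithm") of each card number is stored beside the ciphertext, and a lookup computes the same keyed hash and matches on it, so no row is ever decrypted. The index key, card numbers and ciphertext blobs are constructed values; the ciphertext itself is treated as an opaque result of whatever encryption service the platform provides.

```python
import hmac
import hashlib
import re
from dataclasses import dataclass

# Constructed index key. It is kept separate from the data-encryption key, so a
# leaked index key alone does not reveal the card numbers; a plain unkeyed hash
# would let anyone who obtained it test candidate numbers against the index.
INDEX_KEY = bytes.fromhex("4c6f6e67526f6164546f456e6372797074696f6e4b65795f5f5f5f5f5f5f5f5f")


def normalize_pan(pan: str) -> str:
    """Strip spaces and dashes so differently formatted entries of the same
    card number produce the same index value."""
    digits = re.sub(r"[\s-]", "", pan)
    if not digits.isdigit() or not 12 <= len(digits) <= 19:
        raise ValueError("not a card number")
    return digits


def blind_index(pan: str, key: bytes = INDEX_KEY) -> str:
    """Searchable, non-reversible index of a card number: HMAC-SHA256 over the
    normalized digits under a key that never leaves the encryption service."""
    return hmac.new(key, normalize_pan(pan).encode(), hashlib.sha256).hexdigest()


@dataclass
class CardRecord:
    ciphertext: bytes   # opaque output of the platform's encryption service
    pan_index: str      # blind index stored alongside the ciphertext


class CardStore:
    """Minimal stand-in for the database table holding encrypted card numbers."""

    def __init__(self):
        self.rows = []

    def insert(self, pan: str, ciphertext: bytes) -> None:
        # The index is computed once, at write time, next to the ciphertext.
        self.rows.append(CardRecord(ciphertext, blind_index(pan)))

    def find(self, pan: str) -> list:
        # Equality search on the index only; nothing is decrypted to answer it.
        needle = blind_index(pan)
        return [r for r in self.rows if hmac.compare_digest(r.pan_index, needle)]
```

The index reveals only which rows hold the same card number, so rotating the index key means re-indexing every row; plan that as part of key management rather than discovering it later.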