Page 14 - FCW, August 2017

Commentary | By Rob Roy
ROB ROY is CTO of the U.S. Public Sector Cyber Group at Hewlett Packard Enterprise.
A simple security fix that’s tough for attackers
Format-preserving encryption offers a more granular approach to securing legacy systems and new solutions alike
In the past few decades, the U.S. government created more than 100,000 custom digital applications. Those apps continue to serve different purposes and span teams, departments, organizations and even entire agencies.
At the federal level, the government manages terabytes of anonymized and personally identifiable information (PII). But with such a mammoth amount of information, how does the government keep its data safe?
Many agencies are using an obsolete form of full-disk encryption in which data at rest requires only one- or two-factor login credentials. The entire disk is effectively on lockdown instead of the data it contains. In a worst-case scenario, a rogue actor or nation-state bent on committing espionage needs to compromise only one point of entry before hitting a metaphorical jackpot of PII.
We saw that unfold when data on 22 million federal employees was stolen by Chinese hackers during the infamous Office of Personnel Management breach in 2015. Since then, federal agencies have been more adamant about modernizing their data security.
Although peace of mind can never be fully realized in the ever-changing space of cybersecurity, we can move toward a more data-centric approach in which security is embedded at a more granular level. Format-preserving encryption (FPE) has been widely adopted by the retail and finance industries, and the federal government now recognizes the importance of that continuous form of data protection, which reduces threats from insiders, malware and advanced attacks.
Unlike its predecessor, FPE cannot be reverse engineered. It secures data in motion, in use and at rest — all in accordance with Federal Information Processing Standards.
Beyond the security advantages, FPE could enable more collaboration among agencies to identify short- and long-term trends. For instance, officials at the Centers for Disease Control and Prevention actively collect nationwide health data to identify possible epidemics and other disease outbreaks. Sharing secure information could also make data a key driver of digital diplomacy and shift constituents’ expectations of government agencies to be less reactive and more proactive.
Additionally, the advanced security built into FPE protocols offers the ability to share non-PII information publicly. That kind of transparency would enable societal progress and keep the government accountable for the security and accuracy of the data it collects.
But anyone who works in public-sector IT knows that legacy systems — including mainframes, physical media and other equipment unrecognizable to Americans under the age of 30 — dominate the U.S. government. As the Modernizing Government Technology Act of 2017 states, legacy IT systems “pose security risks, including the inability to use current security best practices, such as data encryption.”
It has been estimated that the cost of re-architecting more than 100,000 apps to meet modern security protocols would exceed $1 trillion. Fortunately, FPE is versatile enough for legacy and new systems alike. The ability to retrofit decades-old mission-critical datasets without having to completely overhaul the IT infrastructure could help federal IT leaders meet their security goals without going over budget.
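The reason FPE can be retrofitted without re-architecting an application is that the ciphertext keeps the plaintext's length and character set, so existing field definitions and validation rules keep working. The following is an added illustration, not code from this column or from any HPE product: a toy Feistel-network cipher with an HMAC-SHA256 round function (deliberately not NIST FF1/FF3-1, and not for real data) encrypts a constructed nine-digit SSN into another nine-digit string that still passes a legacy CHAR(9) digits-only check; the key, tweak and column check are assumptions.

```python
import hashlib
import hmac

# Toy format-preserving cipher over decimal-digit strings, constructed for
# illustration only (a Feistel network with an HMAC-SHA256 round function).
# It is NOT NIST FF1/FF3-1 and must not protect real data; it only shows the
# property the column relies on: ciphertext keeps the plaintext's length and charset.
ROUNDS = 10  # even, so the half-widths line up again after the last round

def _round(key: bytes, tweak: bytes, rnd: int, half: str) -> int:
    """Keyed round function: HMAC over (tweak, round index, half) as an integer."""
    msg = tweak + bytes([rnd]) + half.encode()
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big")

def fpe_encrypt(key: bytes, tweak: bytes, digits: str) -> str:
    if not digits.isdigit() or len(digits) < 2:
        raise ValueError("input must be at least two decimal digits")
    u = len(digits) // 2
    left, right = digits[:u], digits[u:]
    for rnd in range(ROUNDS):
        # left <- right ; right <- (left + F(right)) mod 10^len(left)
        width = len(left)
        mixed = (int(left) + _round(key, tweak, rnd, right)) % 10 ** width
        left, right = right, str(mixed).zfill(width)
    return left + right

def fpe_decrypt(key: bytes, tweak: bytes, digits: str) -> str:
    if not digits.isdigit() or len(digits) < 2:
        raise ValueError("input must be at least two decimal digits")
    u = len(digits) // 2
    left, right = digits[:u], digits[u:]
    for rnd in reversed(range(ROUNDS)):
        # undo one round: the previous right half is the current left half
        width = len(right)
        prev_left = (int(right) - _round(key, tweak, rnd, left)) % 10 ** width
        left, right = str(prev_left).zfill(width), left
    return left + right

def fits_legacy_column(value: str, width: int) -> bool:
    """Mimics a legacy CHAR(width) digits-only column constraint (constructed)."""
    return len(value) == width and value.isdigit()

def demo() -> dict:
    key = hashlib.sha256(b"demo key material").digest()  # constructed; use a managed key in practice
    tweak = b"employee.ssn"  # binds the ciphertext to the column it belongs to
    ssn = "123456789"  # constructed sample, not a real SSN
    ct = fpe_encrypt(key, tweak, ssn)
    return {"plain": ssn, "cipher": ct, "roundtrip": fpe_decrypt(key, tweak, ct),
            "fits_char9": fits_legacy_column(ct, 9)}
```

Because the ciphertext is still nine digits, the encrypted column needs no schema change, which is the retrofit the column describes; a real deployment would use a standardized mode such as FF1 with a managed key.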
There is no silver bullet when it comes to modernizing the way the government stores and shares data, but FPE is a smart approach in an age of nefarious and sophisticated adversaries. Legacy equipment should not be viewed as an obstacle but rather as an opportunity to shift the paradigm from database to data-centric security. The threats will evolve, and it’s up to us to ensure that the nation’s most sensitive data remains secure.