Secure Sharing: Collaboration without Compromise (Part 2)

If you would like to be notified of when Deb Shinder releases the next part in this article series please sign up to our WindowSecurity.com Real-Time Article Update newsletter.

If you would like to read the first part in this article series please go to Secure Sharing: Collaboration without Compromise (Part 1).

Introduction

In Part 1 of this series, we talked about the importance of secure sharing in today’s collaborative work environment. In Part 2 of this series, we’ll start to dig further down into the nitty-gritty of different file sharing methods and the security (and persuasive) mechanisms that you can put into place to ensure that your users use the safest ones and that your data is as secure as it can be when in the process of being shared.

Classifying data sensitivity

Internet connectivity has made it easy to share anything with anybody, anytime from anywhere. However, this ease of use may cause us to place convenience above security. There are many ways to transfer files relatively securely across the Internet but it’s important to remember that there is some information that is just too sensitive to be trusted to the Internet.

In the business environment, it’s important to classify all the data stored on the network in terms of the level of sensitivity. The appropriate method of sharing will depend on the sensitivity classification of the data. For purposes of this discussion, we can classify data into four general categories:

  • Ultra-sensitive (or highly sensitive) data
  • Sensitive (or confidential) data
  • Low sensitivity (private) data
  • Public data

You might want to break these categories down further, into different types of ultra-sensitive or sensitive data, for example, to assist in assigning access permissions.

Dealing with ultra-sensitive data

In the personal realm, a good example of this is the documentation that you send to your CPA or other tax preparation professional to complete your income tax returns. Those docs contain a wealth of personal information that would make any identity thief salivate: social security numbers, bank statements, credit card statements, addresses and phone numbers. In other words, basically everything needed to go out and open new accounts in your name is there, all in one neat little package.

In the business world, ultra-sensitive data might consist of the same kind of data pertaining to customers. Many businesses, especially those in health care, legal services, financial services and so forth, will have their clients’ most sensitive personal information in their files. They will also have the confidential personal data of their employees in personnel files. Other highly sensitive information might include the company’s financial data, trade secrets and information that’s covered by non-disclosure agreements (upcoming products that haven’t been released yet, research results and so forth).

In order to classify data, you need to do a risk assessment and analysis of what harm would result from exposure of the data. Ultra-sensitive data is any data whose unauthorized access carries the risk of a high degree of harm to individuals and/or the company, including both direct monetary harm and harm to reputation or productivity.

Access to ultra-sensitive data should be restricted to only persons who have an explicit need to know in order to do their jobs, and who have been individually authorized by name or position/role to access the particular data. Just because an individual has a need to access one set of ultra-sensitive data shouldn’t mean he/she automatically is authorized to access other data sets that are classified as ultra-sensitive, unless there is a need to know for that set of information, too.

When ultra-sensitive data has to be shared, extreme care should be taken to do so in the most secure way possible. The most secure method of sharing data will always be to hand it off in person. Physically placing the data into the hands of the other person will always be the ultimate in both security and reliability. Not only do you know for certain that no one else intercepted the data, you also know for sure that the recipient did get it, and in a timely manner. You can copy the files to a CD/DVD, a removable hard drive, a USB thumb drive, or a flash memory card. Optical media have the advantage (assuming write-once media) that the information can’t be changed. Removable drives can easily be encrypted for more security in case of loss.

Unfortunately, the in-person method is much less convenient and in some cases is impossible. Urgency and/or distance may dictate that you need to send the information over the Internet. In that case, you have to find the best means for making the transfer. First, let’s talk about what you shouldn’t do.

  • Never share ultra-sensitive information over instant messaging.
  • Don’t send ultra-sensitive data via email unless you send it over an encrypted connection from a secure server and you know for certain that the recipient will download it from a secure server.
  • Never, ever send ultra-sensitive data over a public wi-fi connection.
  • Never transfer ultra-sensitive data via a public file-sharing service unless it offers strong encryption.
  • Never send ultra-sensitive data over any network without encrypting it.
  • Don’t give ultra-sensitive data files names that contain sensitive information. Some file-sharing services transfer the file names unencrypted when you access them from mobile devices.

Okay, those are some no-no’s. But if you aren’t able to personally deliver the information to the recipient or hire a private courier service to do it, what is the best way to transfer ultra-sensitive data?

Enterprise file sharing services

There are numerous enterprise-grade secure file sharing services available (for a price, of course). Many online storage services also provide for secure sharing. Some features to look for when comparing services include the following:

  • Authenticated logon.
  • Strong encryption. AES 256-bit encryption is the standard for protecting data while “at rest” in storage; 128-bit SSL is standard for protecting data when it’s in transit between two points.
  • Assurance that security standards meet or exceed regulatory compliance requirements for common statutes or industry regulations such as HIPAA, SOX, GLB, etc.
  • Ability to set granular permissions separately for different persons viewing or downloading files; you should be able to give some persons the right to view only but not make any changes while giving others the right to edit or delete the files.
  • Tracking systems that allow you to find out who has viewed and downloaded files and when they did so.
  • The ability to set expiration dates on files stored in the service so that after a particular point in time, files that contain sensitive information can be automatically deleted.
  • Ease of use features that offer an intuitive interface both for the owner of the files and for those with whom they’re shared.

Some enterprise file storage/sharing services offer the ability to create a custom client portal that’s branded with your company logo and can be customized as to appearance, color scheme, etc. Some offer drive mapping to make it easy for users to move their files into the cloud service, scanning features that make it easy to create digital copies of paper documents and share them securely, and mobile apps so that the documents can be accessed from any device.

Speaking of mobile apps, while it can be extremely useful for workers to be able to view or work with files on their mobile devices, it’s important to consider the security implications of doing so when setting your security policies – particularly when it comes to ultra-sensitive data.

In this BYOD era, many mobile devices are not completely under the control of the IT department. Users may not update their operating systems and apps regularly, so security holes don’t get patched. They can install third party apps of their choosing, and some of these apps may contain malware. Android is currently the most popular mobile operating system and according to a recent study that was reported by International Business Times, about one out of every ten Android apps is partially or completely infected with malware. Malicious apps may be able to access and capture corporate data that is downloaded to the device and send it back to the malware author/distributor.

In addition, there is the very real risk of mobile devices being lost or stolen, and unauthorized persons gaining access to the corporate data that may be on the device that way. If user credentials for logging into the file sharing web site are improperly stored on the mobile device, the thief may even be able to access more sensitive data that is residing in the file sharing service.

These risks can be ameliorated somewhat by blacklisting known untrustworthy apps, preventing users from installing apps other than from a corporate store (easy enough when the devices are company-owned, but many users will be very unhappy to be restricted in that way on their personally-owned devices), and ensuring that devices all have strong lock screen protection enabled (strong passwords/passphrases, biometric or preferably both). However, this is only a partial solution. The safest policy when dealing with ultra-sensitive data is to prohibit access/download from mobile devices.
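The feature list above (authenticated logon, per-person permissions, tracking, expiration dates) and the mobile policy just described can be combined into a single access decision. The code below is an added example, not taken from the original article or from any particular file sharing service; the names SharedFile, Request, decide and audit_log, and the sample file and users, are hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import IntEnum

class Sensitivity(IntEnum):          # the article's four categories
    PUBLIC = 0
    LOW = 1
    SENSITIVE = 2
    ULTRA = 3

@dataclass
class SharedFile:
    name: str                        # opaque name: reveals nothing sensitive
    sensitivity: Sensitivity
    expires: datetime                # after this the share is treated as deleted
    grants: dict = field(default_factory=dict)  # user -> rights on THIS file only

@dataclass
class Request:
    user: str
    right: str                       # "view", "edit" or "delete"
    authenticated: bool
    mobile: bool
    when: datetime

audit_log = []                       # who asked for what, when, and the outcome

def decide(f: SharedFile, r: Request) -> tuple:
    """Return (allowed, reason) and record the decision for later tracking."""
    if not r.authenticated:
        result = (False, "not authenticated")
    elif r.when >= f.expires:
        result = (False, "share expired")
    elif f.sensitivity == Sensitivity.ULTRA and r.mobile:
        result = (False, "ultra-sensitive data blocked on mobile")
    elif r.right not in f.grants.get(r.user, set()):
        # Need-to-know is per data set: a grant on another file does not count.
        result = (False, "no grant for this file")
    else:
        result = (True, "granted")
    audit_log.append((r.when, r.user, f.name, r.right) + result)
    return result

# Constructed sample data (hypothetical file and users).
NOW = datetime(2024, 1, 15, tzinfo=timezone.utc)
payroll = SharedFile("doc-7f3a", Sensitivity.ULTRA,
                     datetime(2024, 2, 1, tzinfo=timezone.utc),
                     {"alice": {"view", "edit"}, "bob": {"view"}})
```

Denied requests are logged as well as granted ones, so the tracking record shows attempted access and not only successful downloads.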

Summary

In this, Part 2 of our series on secure sharing, we discussed data classification and some do’s and don’ts for sharing ultra-sensitive data with collaborators both inside and outside the company. In Part 3, we’ll talk about how those with whom you share such data can deliberately or inadvertently compromise the information after it leaves your hands, and some solutions for helping to prevent that.
