Click here to learn more about author David Schlesinger.

Why Is ‘Phil’ Downloading the HR Database at 4:00 A.M.?

Perhaps huge downloads of data from sensitive data structures are seen to be problematic and worrisome for your enterprise. The Product Price List is one thing, the HR database is quite another. Downloads from sensitive systems could easily be confined by the time of day, or day of the week, and also the amount that could be downloaded at one time. (Does he really need those 1,000,000 records?) If policy is violated, the system can be set to lock their account, which must be reset by their manager who hopefully will inquire why they needed all this sensitive information at that 4:00 AM. (Often the response is for the employee to have no knowledge of the download – that is how hacking works.) This protection certainly can be implemented were it requested and could prevent the theft of entire databases.

Sloppy is Easier – One Table to Rule Them All

It is, of course, easier and often common practice to lump all the data together. This is, however, why it is so easy for malicious hackers to steal sensitive data when they are successful in attacking.

An example of protective architectural design was exhibited by AOL years ago when a data breach saw their entire list of user passwords stolen. However they had kept credit card and personal data on a separate server elsewhere behind another firewall and only allowed stored procedures to extract one record at a time. The result was a non-event. They asked all their users to please change their passwords. Once this was done the damage was fixed, no money was stolen, no private information revealed.

Compare this with the recent government hack were the US Office of Personnel was hacked so profoundly that secret agents’ fingerprints along with all their personal data were stolen and published on the Internet. It is possible that somebody believed putting all the sensitive information together with the less sensitive information saved time and gave them faster response, but the security implications were never considered, or were deemed “too expensive” and crossed off the budget list. We may never know. (Perhaps we really don’t want to know.)

The Good Old Days are Well and Truly Gone

Belief that we still operate in a closed, protected cyber environment behind a firewall is a prime cause of commercial and governmental data security disasters. Situational awareness demands that we recognize that we are part of a Global Infrastructure that extends across the planet right up to the desktop and your handheld device. Situational awareness will motivate you to partner with your cyber security colleagues (the folks the company keeps down in the dark basement offices) to implement some of their marvelous data security tools, appliances, and capabilities on your behalf.

Data analysts, developers, project managers, business experts all working with cyber security specialists to protect sensitive institutional data should be part of every developmental methodology regardless of its name or popularity. Including people during planning, whose profession is cyber security, could make all the difference. They have tools to achieve amazing security protections, were they to be requested.

Consider Creative Options to Protect the Data

Creative data protection could solve a PCI requirement, HIPPA Rule, or corporate privacy policy to encrypt certain data fields. If decryption is connected to the single, existing authorization for access, it will accomplish little. If they steal the first authorization, they obtain the access to the decrypted data. If, however, decryption authorization is connected to a different factor, separate from the standard user Access Authorization, such as the decryption requirement requiring a corporate computer, the data may be stolen by an outsider but not decrypted. Thus, when authorization from a login is stolen from an employee and used by an external hacker, a download may commence but sensitive data would show up in key fields as gibberish. There are many solutions, and many tools, which enhance cyber security, but they are seldom requested prior to “The Incident” being scrutinized.

Requesting protection for specific data requires knowledge of what data is sensitive, its location, and which protection policies direct its governance. Capturing this information as metadata and making it available centrally is essential to share it across the enterprise to assure consistent implementation.

We are not working within our local enterprise anymore; the electronic Infrastructure has expanded and we are working on the web, in the cloud, on tablets and hand-held devices, through VPNs, and with multiple business partners. We are extended into the Global Infrastructure and must be able to protect our information within that global environment.   That is why we need systems in place to stop “Phil” from downloading the entire HR database at four o’clock in the morning.