A Paradigm is a set way of looking at something. This makes some things we do more understandable, but often allows us to ignore other ways of doing it.
When inventory automation was first introduced on mainframes in the 1960’s, most corporations still ran it only once a month. This was just as they had been doing using the manual system, because manually it took a full month to calculate it.
Running their costly computerized inventory program only once a month offered no real business advantage. When they broke the monthly report paradigm and started running inventory daily, unseen trends appeared as well as impending shortages. They could then even order additional replacement merchandise of a suddenly popular item before they actually ran out of it! The monthly paradigm had held them back.
Most manufacturing today suffers from a number of outdated production paradigms as well, but that is work for others, we are concerned here with paradigms that put our data at risk of being stolen and published on the Internet, or used against our customers.
In a most common cyber-attacks and thefts, a common risk factor was that sensitive data was easily available to the hacker in plain text. Most cyber-attacks happen when a hacker uses known but unpatched vulnerabilities to make themselves administrator of one of your Web servers. Web servers are notoriously easily fooled or misconfigured or unpatched. Often the Web server can access data inside the firewall. Once the hacker is in charge of it, the hacker can also access data inside the firewall.
Once inside the corporate network, the hacker looks for vulnerabilities on all the servers he can access. If he finds an unused server Admin account or an unprotected function, the hacker now makes himself a legitimate user on the network and he can search for strings of data that resemble credit card numbers, social security numbers, passwords, or government IDs. It is trivially easy for hackers to find sensitive data on your network since they do not ask for permission to look at it and they do not care if they crash a few servers. Often the hacker will use SQL commands that are obscure and out of date, or just SQL commands strange to normal workers. There are hundreds of SQL commands and hackers pour over old SQL books looking for strange command strings to infiltrate modern systems.
Entire data structures are systematically searched and reports of the searches sent to the Web server that dutifully prints it to a screen that is captured elsewhere in the world by the hacker for evil purposes. Thus, any server with sensitive data needs additional protection from what appears to be authorized users on the network.
Adding a layer of security to sensitive information goes a long way in making your company more resistant to infiltration and data exfiltration.
The problem is the old paradigm of “all the technical people and other servers should have admin rights on other servers”. If you don’t think this is real, just try suggesting that System Administrators not have access to the data in the databases they manage. Wow! Watch the feathers fly. Regardless, that is how high security networks are set up in certain high-security organizations. (Don’t ask.)
The point is that we still cling to the nice, mainframe-oriented paradigm that we are all friends inside the firewall and we should get around easily everywhere on the network.
Them days be gone for good!
Even worse, often when you try to demand that you identify sensitive data in the network for extra protection, you hear other people worry that this makes it easier for hackers to find–not knowing that finding sensitive data, while difficult for the legitimate user, is trivially easy for the hacker. Remember, the hacker asks for no permissions and does not care which systems he messes up.
“Security by obscurity” is what H. L. Menken meant when he wrote his famous quote: “Every complex problem has one, obvious, easy to understand, wrong answer.”
If you put forth the idea that at least the very sensitive data should be protected or encrypted until used in a business process, you might be told that this will not only cost more than the budget can allow, but will slow transactions downs marginally and force users to perform an extra task to access it. The fact that it will stop hackers is never fully considered.
Management will often spend untold millions to make certain that Web apps can find that size 14 blue rain jacket among the zillion items in huge warehouses scattered across the globe, but spend precious little to locate and secure their highly sensitive data. This is why so many companies, hospitals, law firms, insurance agencies, and consumer corporations find their customer’s data published on the Internet.
This paradigm of universal access deserves to die.