Single Point of Failure

If the security of your data rests on the back of one encryption key or access point, then control of that key or access point will control your data.


6 April 2015

Encryption key

In past columns, I’ve talked about the need to keep your encryption keys to yourself. But is that enough? At the International Association of Privacy Professionals Global Summit, which I attended in early March in Washington, D.C., one of the newest topics of conversation was compartmentalizing your data. An example was given by a former White House technologist. In one of the well-attended sessions, she described the operational security aspects of the President’s schedule. Apparently there is no master schedule of the President’s activities. Various parts of the schedule are kept in distinct operational compartments; some information may reside only in staff members’ heads. The exact structure of how the schedule was coordinated to prevent overlap was not discussed; suffice it to say that the system worked while eliminating the operational risk that the President’s full schedule would be disclosed, hacked or otherwise exposed.

Segmenting your data on a need-to-know basis, or on a need-to-process basis, can add to the security of that data. Showing my ultimate geek side, I’m reminded of the rhyme of lore from Tolkien’s The Lord of the Rings:

One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them

If the security of your data rests on the back of one encryption key or access point, then control of that key or access point will control your data. Ideally you don’t want a single “key to the kingdom.” Put simply, this means that you have different encryption keys or different access controls for each account, each customer, each project, each time period, or however your data logically segregates.

Another encryption technique that supports segmentation is what is termed M of N secret sharing. Developed by cryptographer Adi Shamir, secret sharing allows one to split a secret (say an encryption key) into N parts, where it takes any M of those parts to reconstruct the secret. Let’s say you had Coca-Cola’s secret formula but didn’t want any one person to be able to divulge it. You could use secret sharing to create 5 parts where it took any 3 of them to reconstruct the formula. You then distribute those parts to your colleagues around the world. Only if 3 of them got together would the formula be revealed. If any one or two of them were kidnapped by rival soda makers, they wouldn’t have access to the formula. The rivals would have to kidnap 3 of the 5 participants. There are not a lot of applications using M of N secret sharing, yet. But as the need to compartmentalize data increases and we see more and more breaches of sensitive data, these types of techniques will become more common.

Whether you use advanced cryptographic techniques or simple operational security, compartmentalizing your data may be a must-have in your data security and privacy toolbox.

R. Jason Cronk

R. Jason Cronk is a privacy engineering consultant with Enterprivacy Consulting Group, a boutique privacy consulting firm, where his current focus is on helping companies overcome the socio-technical challenges of privacy through privacy engineering and Privacy by Design. He is a CIPP/US, a Privacy by Design ambassador, a licensed attorney in Florida, an author, blogger, speaker and passionate advocate for understanding privacy.