10 Best Practices for Encryption Key Management and Data Security
New threats to data security are constantly surfacing. These ten tips can help you keep your data safe with encryption.
In modern applications, data encryption has become an essential part of development. Every piece of data has its own importance, and we can't leave it exposed without encryption or other security controls in place. Encryption has become a major safeguard for data that resides in databases and file systems, and for applications that transmit data. Given the importance of data security, one must follow best practices when implementing encryption mechanisms and other security controls.
Here we'll cover some of the best practices that should be followed when implementing encryption and key management.
Decentralize the Process of Encryption and Decryption
This is an important aspect of designing and implementing a data security plan. The choice is between implementing encryption locally, distributed throughout the enterprise, or implementing it centrally on a separate encryption server. If the encryption and decryption processes are distributed, the key manager has to ensure the secure distribution and management of keys. Software that performs encryption at the file, database and application level is well known for providing the highest level of security while allowing users full access to the application. The decentralized approach to encryption and decryption has the advantages of:
Central Key Management with Distributed Execution
A hub-and-spoke architecture is a good basis for such a solution. This architecture allows encryption and decryption nodes to exist at any point within the enterprise network. The spoke key management component can easily be deployed onto different nodes and integrated with any encryption application. Once the spoke components are deployed and ready, all encryption and decryption operations are available at the node level, where the work is actually performed. This reduces the number of network trips the data makes. It also reduces the risk of application downtime caused by a failure of the hub component. The key manager (the hub) should be responsible for generating, securely storing and expiring the keys used by the spokes; at the same time, expired keys need to be refreshed at the node level.
Support for Multiple Encryption Mechanisms
Even if we have the best available encryption mechanism implemented, it is always advisable to support several encryption technologies. This becomes essential in the case of mergers and acquisitions. In either scenario, we need to work with the business partners in our ecosystem. Having a security system in place that supports the major industry-standard encryption algorithms ensures the organization is well prepared to accept new government rules and regulations. (Sometimes you need more than just encryption to keep your data safe. Check out Encryption Just Isn't Enough: 3 Critical Truths About Data Security.)
Centralized User Profiles for Authentication
Given the sensitivity of the data, it is essential to have an appropriate authentication mechanism in place. Access to this data should be based on user profiles defined in the key manager. Only authenticated users are assigned and issued credentials to access the encrypted resources associated with their user profile. These user profiles are managed by a user who has administrative rights in the key manager. In general, the best practice is an approach in which no single user or administrator has sole access to the keys.
No Decryption or Re-Encryption in Case of Key Rotation or Expiration
Every encrypted data field or file should have a key profile associated with it. The key profile lets the application identify which key material should be used to decrypt that field or file. Thus it is not necessary to decrypt a set of encrypted data and re-encrypt it when keys expire or are changed. Newly encrypted data is protected with the latest key, while for existing data the original key profile that was used for encryption is looked up and used for decryption.
Maintain Comprehensive Logs and Audit Trails
Logging is an essential aspect of any application. It keeps track of the events that have happened in the application. Extensive logging is especially helpful for distributed applications, and it is an important component of key management. Every access to data that is encrypted because of its high degree of sensitivity should be logged in detail with the following information:
- Detail of the function which has accessed the sensitive data
- Detail of the user who has accessed the sensitive data
- Resources which are used to encrypt the data
- The data which is being accessed
- The time when the data is accessed
Common Encryption/Decryption Solution for the Entire Application
It is always best practice to use one common encryption mechanism to encrypt fields, files and databases. The encryption mechanism need not know anything about the data it is encrypting or decrypting; we must identify the data that needs to be encrypted and the mechanism to use. Once encrypted, the data becomes inaccessible and can be accessed only according to user rights. These user rights are application specific and need to be controlled by an administrative user. (To learn more about encryption, see Trusting Encryption Just Got a Lot Harder.)
Third-Party Integration
It is common for enterprises to have a large number of external devices. These may be point-of-sale (POS) devices dispersed across the network. They do not run typical database-oriented applications and are dedicated to a single function, often using proprietary tools. It is therefore a good approach to use an encryption mechanism that can be easily integrated with any third-party application.
Principle of Least Privilege
It is always advisable not to run applications with administrative privileges unless it is absolutely necessary. Running an application as a power user or a user with administrative privileges exposes the application to security threats and risks.
Frequent Backups
One of the major aspects of data security is data backup. Given the sensitivity of the data, all of it must be backed up on a daily basis. It is equally important to restore the backed-up data and check the application for correctness, so that the backups are known to work before they are needed.
Encryption and decryption are essential for keeping data safe in today's business world. If you follow these pieces of advice, your data should remain safe from prying eyes.