Editorials

Lines of Defense

The recent security hole found in OpenSSL has me thinking about security from a broader perspective. I have been taught that most of the time a system or its data is compromised, the compromise comes from an internal source, not from someone who has found an open door somewhere. So, I want to drop some random thoughts for consideration and see where the conversation goes.

When I worked on applications under PCI requirements we always encrypted data whenever it was at rest. We encrypted not only data that contained credit card information, but also data that could be used to open new lines of credit, such as birthdate or social security number. This data was encrypted before it was persisted in any form: written to a file, sent over FTP, or saved in a database. If it was written to disk, it was encrypted.

However, if a hacker (external or internal) can get to your production servers through a hole like the one in OpenSSL and read the data unencrypted in memory, what do you do then?

My thoughts then turned to database backups. Do you keep backups on disk, or even send backups offsite in some form? Perhaps you even run database replication over the internet. All of those scenarios need to consider whether encryption is required. Someone could get their hands on an old database backup and restore it into their own system. Do they now have a snapshot of your data?
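Here is an added example of the two practices raised above: sealing the sensitive fields of a record before it is persisted anywhere (file, FTP, database column), and what that buys you when an old copy of that file or a backup of that column is restored somewhere else. It is not code from the editorial or from SSWUG; the record layout, the field names, the demo key and the sample values are all constructed for the example. Each field is encrypted with AES-256-GCM and the record ID and field name are bound as associated data, so a ciphertext lifted from a backup cannot be dropped into a different row or column without the decryption failing.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Record is a constructed example. SSN and BirthDate are the fields that
// could be used to open new lines of credit, so they are stored sealed.
type Record struct {
	ID        string `json:"id"`
	Name      string `json:"name"`
	SSN       string `json:"ssn"`        // sealed on disk
	BirthDate string `json:"birth_date"` // sealed on disk
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealField encrypts one field. The record ID and field name travel as
// associated data so the ciphertext is tied to exactly this row and column.
// Output is base64(nonce || ciphertext || tag).
func SealField(key []byte, recordID, field, plaintext string) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	aad := []byte(recordID + "/" + field)
	sealed := gcm.Seal(nonce, nonce, []byte(plaintext), aad)
	return base64.StdEncoding.EncodeToString(sealed), nil
}

// OpenField reverses SealField. It fails on a wrong key, on a ciphertext
// moved to another record or column, and on any tampering with the bytes.
func OpenField(key []byte, recordID, field, sealed string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(sealed)
	if err != nil {
		return "", err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(raw) < gcm.NonceSize() {
		return "", errors.New("sealed value too short")
	}
	nonce, ct := raw[:gcm.NonceSize()], raw[gcm.NonceSize():]
	aad := []byte(recordID + "/" + field)
	pt, err := gcm.Open(nil, nonce, ct, aad)
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// Persist seals the sensitive fields and only then serialises, so the
// returned bytes are the only form that ever reaches disk, FTP or a DB.
func Persist(key []byte, r Record) ([]byte, error) {
	var err error
	if r.SSN, err = SealField(key, r.ID, "ssn", r.SSN); err != nil {
		return nil, err
	}
	if r.BirthDate, err = SealField(key, r.ID, "birth_date", r.BirthDate); err != nil {
		return nil, err
	}
	return json.Marshal(r)
}

// Restore is what someone who grabs the file, or a backup containing it,
// can do: without the key the sealed fields stay opaque.
func Restore(key []byte, data []byte) (Record, error) {
	var r Record
	if err := json.Unmarshal(data, &r); err != nil {
		return r, err
	}
	var err error
	if r.SSN, err = OpenField(key, r.ID, "ssn", r.SSN); err != nil {
		return r, err
	}
	if r.BirthDate, err = OpenField(key, r.ID, "birth_date", r.BirthDate); err != nil {
		return r, err
	}
	return r, nil
}

func main() {
	// Demo key only (constructed); in production the key lives in a KMS/HSM.
	key := []byte("0123456789abcdef0123456789abcdef")
	rec := Record{ID: "cust-1", Name: "Ada", SSN: "123-45-6789", BirthDate: "1970-01-01"}
	data, err := Persist(key, rec)
	if err != nil {
		panic(err)
	}
	path := filepath.Join(os.TempDir(), "record.json")
	if err := os.WriteFile(path, data, 0o600); err != nil {
		panic(err)
	}
	fmt.Println("on disk:", string(data))
	fmt.Println("plaintext SSN on disk:", strings.Contains(string(data), rec.SSN))
	back, err := Restore(key, data)
	fmt.Println("restored:", back, err)
}
```

Two things the example makes concrete. A dump or replica of this table carries only the sealed values, so a restored old backup gives an attacker nothing without the key; the key, not the backup media, becomes the thing to protect. And the key plus the decrypted values are sitting in this process's memory while it runs, which is exactly the exposure a memory-disclosure bug in a library like OpenSSL creates; encryption at rest does not answer that question, only where the key is held (a KMS or HSM rather than the application host) and how long plaintext lives in the process do.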

What are the practices you find most vulnerable that a company typically ignores? What are some of the lines of defense you rely on for internal and external attacks?

Share your thoughts. Get into the conversation here online, or drop an email to btaylor@sswug.org.

Cheers,

Ben