Ops 401 Class 06
As one of the basic building blocks of information security, the CIA Triad is likewise a vital piece in establishing secure enterprise file transfers. In this post, we explain what the CIA Triad is and how you can apply it to your B2B data transfers.
The CIA Triad refers to three basic principles/objectives in information security, namely: confidentiality, integrity, and availability. It is widely accepted that, in order to establish a secure system, you need to achieve all three objectives. Let me explain each one first and why they are crucial to business file transfers.
In the context of information security, confidentiality refers to the principle of restricting access to or knowledge of certain pieces of information to certain individuals. There are several reasons for doing so. For example,
- a company might not want competitors to know its trade secrets, key personnel salaries, list of customers, products in development, or sales and marketing plans
- a law firm might want to preserve attorney-client privilege
- a healthcare organization may want to secure ePHI and comply with HIPAA / HITECH requirements
- trading partners might want to keep transaction details between themselves
Unfortunately, when two parties exchange information over a network, especially one as vulnerable as the Internet, the confidentiality of that information will always be at risk. If they want, attackers can steal secret information by either carrying out a man-in-the-middle attack to eavesdrop on a transmission or hack directly into a server. It is therefore imperative to establish countermeasures that can mitigate unauthorized access and disclosures.
The second member of the CIA triad, integrity (meaning data integrity), pertains to the principle of preventing data from being tampered with. Data integrity is particularly crucial in business transactions, where unauthorized alterations to data (whether intentional or accidental) can lead to disputes, report misstatements, and (in the case of fraudulent alterations) financial losses.
Like confidentiality, integrity can likewise be compromised during data transfers through either man-in-the-middle attacks (where attackers can intercept the data, make changes, and then forward the altered data to the intended recipient) or through a direct hack on the server.
Ok. Let's say you're able to preserve the confidentiality and integrity of your data at all times. But what if there are times when you need it and the data becomes inaccessible? That can be a problem, right? In the case of file transfers, data access problems can be due to a variety of reasons. Power interruptions, network disruptions, server failures, missing files, DDoS attacks, and natural disasters are just some of the many unfortunate events that can render data inaccessible.
Availability issues can be a serious problem, especially if they involve business-critical data. More so if the data is part of a supply chain, where several organizations or business units can suffer.
Encryption is by far the one most closely associated with confidentiality, so let's start with that. Encryption basically renders data unreadable, thereby preserving that data's confidentiality. The data can become readable again only after it's decrypted.
Encryption solutions are usually grouped into two categories: those that encrypt data-at-rest and those that encrypt data-in-transit. File transfers require both. That's because, as mentioned earlier, threats to file transfer confidentiality exist both while the files are traversing the network (data in transit) and while they're stored on the server (data at rest).
Data-in-transit encryption is usually achieved through solutions like SSL (e.g. FTPS, HTTPS, WebDAVs) or SSH (e.g. SFTP). On the other hand, data-at-rest encryption is usually achieved through OpenPGP or other disk-level or file-level encryption solutions. When you encrypt data before (while in the sender's server), during (while traversing the network), and after (upon arrival at the recipient's server) a file transfer, you call that end-to-end encryption.
Another method you can use to secure data confidentiality is authentication. Good authentication can help you restrict access to your confidential data to authorized individuals. If you can implement 2-factor authentication, then that would be even better.
To achieve data integrity in your file transfers, you can use hash functions and digital signatures, security elements that are readily available in secure file transfer protocols like FTPS, HTTPS, SFTP, and WebDAVs. These solutions enable file transfer recipients to determine whether the files they receive have been tampered with along the way.
The best way to ensure (file transfer) service availability is to set up a high availability (HA) cluster. There are two ways to do this. The first one would entail setting up one or more failover server(s) that can immediately take over should the primary server go down. This is known as an active-passive high availability configuration.
Alternatively, you can set up two or more servers in such a way that they are all active. This is known as an active-active high availability configuration. The main purpose of an active-active HA configuration is to distribute the workload and reduce the chance of a server going down due to overload.
All content above cited from jscape
You’ll sometimes see MD5, SHA-1, or SHA-256 hashes displayed alongside downloads during your internet travels, but you may not really know what they are. These seemingly random strings of text allow you to verify that files you download aren’t corrupted or tampered with. You can do this with the commands built into Windows, macOS, and Linux.
Hashes are the products of cryptographic algorithms designed to produce a string of characters. Often these strings have a fixed length, regardless of the size of the input data. Even if someone modifies a very small piece of the input data, the hash will change dramatically.
MD5, SHA-1, and SHA-256 are all different hash functions. Software creators often take a file download—like a Linux .iso file, or even a Windows .exe file—and run it through a hash function. They then offer an official list of the hashes on their websites.
That way, you can download the file and then run the hash function to confirm you have the real, original file and that it hasn’t been corrupted during the download process. As we saw above, even a small change to the file will dramatically change the hash.
These can also be useful if you have a file you got from an unofficial source and you want to confirm that it’s legitimate. Let’s say you have a Linux .ISO file you got from somewhere and you want to confirm it hasn’t been tampered with. You can look up the hash of that specific ISO file online on the Linux distribution’s website. You can then run it through the hash function on your computer and confirm that it matches the hash value you’d expect it to have. This confirms the file you have is the exact same file being offered for download on the Linux distribution’s website, without any modifications.
Note that “collisions” have been found with the MD5 and SHA-1 functions. These are multiple different files—for example, a safe file and a malicious file—that result in the same MD5 or SHA-1 hash. That’s why you should prefer SHA-256 when possible.
While hashes can help you confirm a file wasn’t tampered with, there’s still one avenue of attack here. An attacker could gain control of a Linux distribution’s website and modify the hashes that appear on it, or an attacker could perform a man-in-the-middle attack and modify the web page in transit if you were accessing the website via HTTP instead of encrypted HTTPS.
That’s why modern Linux distributions often provide more than hashes listed on web pages. They cryptographically sign these hashes to help protect against attackers that might attempt to modify the hashes. You’ll want to verify the cryptographic signature to ensure the hash file was actually signed by the Linux distribution if you want to be absolutely sure the hash and file weren’t tampered with.
all content cited from how to geek
This content is relevant to our classes because it breaks down and explains different techniques and tools that can be employed in our future careers. It also provides a general overview of industry-standard accepted practices for achieving CIA security.