Townsend Security Data Privacy Blog

Like most cloud service providers, Google provides options for customers to encrypt data in the Google Cloud Platform (GCP) for Google application and storage services.  Of course, core to any encryption strategy is how the encryption keys are managed. Properly managing encryption keys is central to overall encryption security. In this blog let’s look at your options for managing encryption keys in GCE and the implications for security, key custody (ownership), and business flexibility. We will also look at some alternatives to Google-provided encryption and key management.

Google has three models for encryption key management:

• Google managed encryption and encryption keys (you have no access to the keys)

• Customer-Managed Encryption Keys, or CMEK (you and Google share key management and access)

• Customer-Supplied Encryption Keys, or CSEK (you supply the key, Google does not store or manage)

It is important to understand key management in each of these areas.

Google Managed Encryption and Encryption Keys

Google automatically encrypts your data in storage for you. This is the default implementation of storage encryption. With this option Google creates and manages the encryption keys and you do not have access to the encryption keys nor to any key management functions. This basic level of encryption support ensures that your data is encrypted at rest, encrypted in Google-managed backups, and encrypted as it is replicated through the Google cloud infrastructure.

It is important to note that Google has full access to the encryption keys that protect your data and will not provide them to you. However, Google may provide these encryption keys and protected data to law enforcement or intelligence agencies as dictated by law in your country, and it may not notify you if encryption keys are disclosed under these circumstances.

Customer-Managed Encryption Keys (CMEK)

With the CMEK approach you and Google share in the administration and management of encryption keys. You have the ability to manage the creation and use of the encryption keys for protecting data in storage, and you have the ability to revoke or delete an encryption key. You do not have the ability to export an encryption key, so Google maintains exclusive custody of your encryption keys.

It is important to note that Google has full access to the encryption keys that protect your data and will not provide them to you. Google may provide these encryption keys and your protected data to law enforcement or intelligence agencies as dictated by law in your country, and it may not notify you if encryption keys are disclosed under these circumstances.

Customer-Supplied Encryption Keys (CSEK)

With the CSEK approach you provide the encryption keys to Google and Google does not create, store or manage the keys. You must generate the keys and manage them yourself outside of the Google Cloud Platform. This is normally accomplished using an Enterprise Key Management System. When you create a new virtual image you will have the option of specifying the encryption key in raw, Base64 encoded format, or you can specify the key using RSA key wrapping. Google does not store this encryption key. This means that you must supply the encryption key each time you start the GCP service. To some extent this can be automated using command line tools.

With CSEK Google does not store or manage your encryption keys in any way. Google cannot provide the key to law enforcement or intelligence agencies as it has no possession of the key.

Google Key Management Summary

In many ways the Google Cloud Key Management Service (Cloud KMS) is primitive compared to other cloud service provide key management services, and especially when compared to Enterprise Key Manager Systems which provide dedicated, non-shared, control over the entire encryption key lifecycle.  The cloud services that are protected by Google Cloud KMS are also limited to the storage of data. Additionally Google Cloud KMS does not support open standards for key management such as the OASIS Key Management Interoperability Protocol (KMIP). If data protection, encryption key custody, and exclusive access to encryption keys are important to you, you may wish to explore other cloud service providers and independent key management vendors (Townsend Security can help).

Encryption and Key Management with MongoDB in Google Cloud Platform

One notable exception to the limitations of Google Cloud Key Management is the implementation of MongoDB Enterprise Advanced on the Google Cloud Platform. MongoDB Enterprise Advanced supports the KMIP interface to key management, so you have many choices for the deployment of encryption key management outside of GCP. These choices include the ability to deploy key management:

• As hardware security module (HSM) in your own data center.
• As a hardware security module in a hosted data center.
• As a VMware virtual machine in your own data center or a hosting provider that supports VMware and vCloud.
• As a dedicated cloud instance in another cloud platform.

At the present time in July of 2018, MongoDB Atlas does not support the KMIP interface, so Atlas users will not have the ability to use their own dedicated key management system.

Resources:

Google Customer Managed Encryption Keys (CMEK):

https://cloud.google.com/storage/docs/encryption/customer-managed-keys

Google Customer Supplied Encryption Keys (CSEK):

https://cloud.google.com/storage/docs/encryption/customer-supplied-keys

A rose is a rose is a rose - let's talk KMS.

In IT technology and security, the language and three-letter acronyms we use can sometimes make things more confusing than they need to be. That’s true with encryption key management systems and services that are available today. So let’s sort out the language, TLAs, and try to reduce some of the confusion in this area.

HINT: In the following discussion, pay special attention to the words “system” and “service”. I’ve added emphasis below to help with clarity.

Enterprise Key Management System

An Enterprise Key Management System is a security appliance (hardware or software) that manages encryption keys through their entire lifecycle - key creation, key activation, key use, key expiration or retirement, key escrow, and key destruction. The “Enterprise” part of this descriptive phrase is often dropped, and these types of system are often referred to as Key Management Systems. The word “Enterprise” is often used to indicate that the key management system can be used for a wide variety of purposes within an organization.

Key Management Systems may be hardware devices (usually hardware security modules, or HSMs), software appliances (think VMware virtual machines), or cloud instances. Their use is dedicated to a single organization and usually managed by security professionals within that organization providing the organization exclusive custody of the encryption keys. Key Management Systems are usually validated to the FIPS 140-2 standard by the National Institute of Standards and Technology (NIST).

Category: “Key Management System”; or “Enterprise Key Management System”

Three-Letter Acronym: Usually “KMS”; less frequently “EKMS”

Here at Townsend Security we provide our Alliance Key Manager as a Key Management System available as a Hardware Security Module (HSM), VMware virtual appliance, and as a dedicated cloud instance (Azure, AWS) and is FIPS 140-2 compliant.

Cloud Service Provider - Key Management Service

A cloud service provider’s Key Management Service is generally a multi-tenant, encryption key storage service managed by the cloud service provider that provides a subset of encryption key lifecycle management. Administrative duties for encryption keys are a shared responsibility of the cloud service provider and the organization that uses the keys. This means that the organization is sharing custody (ownership and access) to encryption keys.

Cloud-based Key Management Services are not FIPS 140-2 validated, but may be partially backed by Key Management Systems which are. Examples of cloud service provider key management services include Amazon Web Services Key Management Service (AWS KMS), Microsoft Azure’s Key Vault (Azure KV), and Google Cloud Platform’s Customer-Managed Encryption keys (GCP CMEK, also known as GCP Cloud KMS).

The cloud service provider’s use of the “KMS” acronym adds substantially to the confusion. Just remember that cloud service providers implement a multi-tenant, shared “service” and not a dedicated key management “system”.

Category: “Key Management Service”; or “Cloud Key Management Service”

Three-Letter Acronym: Usually “KMS”, “KV” or “CMEK”; less frequently “Cloud KMS”

Townsend Security is not a cloud service provider and does not provide multi-tenant, shared custody key management services.

ISV Solutions for the Cloud - Key Management Systems

Independent Software Vendors (ISVs) provide Key Management Systems that are not managed or accessed by the cloud service provider or the ISV, and which are dedicated to the user organization. This means that the cloud user is not sharing custody (ownership and access) to encryption keys and has full and exclusive management, ownership, and access to encryption keys. ISV cloud Key Management Systems provide support for the entire key management lifecycle including key creation (key establishment), key activation, key distribution, key backup and escrow, and key destruction.

ISV Key Management Systems are not FIPS 140-2 validated, but may be based on software that is FIPS 140-2 compliant.  

An ISV’s use of the “KMS” acronym more closely reflects the Enterprise Key Management System described above. These are key management systems that are dedicated to a single organization and which support the entire lifecycle of key creation, key distribution, and key escrow.

Category: “Key Management System”; or “Cloud Key Management System”

Three-Letter Acronym: Usually “KMS” or “Cloud KMS”

Townsend Security provides its Alliance Key Manager solution as a dedicated, single tenant, Key Management System on the Amazon Web Services and Microsoft Azure cloud platforms. The solution can be located in the relevant Marketplace.

Cloud Service Provider - Bring Your Own Key

One small variation on the theme of cloud service provider Key Management Services involves the ability to import your own encryption key to the cloud service. In this case the cloud service is not creating the encryption key for you, but is allowing you to bring an encryption key that you have created, or which you manage outside of the cloud, to the cloud’s key management service. In this case the key you bring is imported into the multi-tenant, shared key management service and is then available through the cloud service provider key management service interface. Although you have exclusive control over the creation of the key and may store it outside of the cloud, it is important to remember that the storage and management of the imported encryption key is a shared responsibility between you and the cloud service provider. You do NOT have exclusive control of the key after it is imported to the cloud.

Category: “Key Management Service”; or “Cloud Key Management Service”; often “Bring Your Own Key” or “Customer-Supplied Encryption Key”

Three-Letter Acronym: “BYOK” or “CSEK” (Google Cloud Platform)

Townsend Security fully supports bringing your own key to its Alliance Key Manager Key Management System for the Azure and AWS cloud platforms. Key custody remains fully with the organization and is not shared with the cloud service provider nor with Townsend Security.

In summary: A rose is a rose is a rose.

However, a Key Management Service is NOT a Key Management System.

When discussing encryption key management care must be taken to understand the meaning of KMS. It can be quite different depending on the context. I hope this blog helps clarify the language and issues around key management.

Patrick

(with apologies to Gertrude Stein)

Every now and then you get something wrong and have to eat crow. Well, it’s my turn. Caw!

At the MongoDB World 2018 conference I gave the security session on encryption key management for MongoDB. I love doing this session because MongoDB really makes getting encryption key management right by exposing a Key Management Interoperability Protocol (KMIP) interface available to plug in a key manager. I talked about the MongoDB interface, about the principles of good encryption and key management, and then demonstrated how easy it is to deploy our Alliance Key Manager with MongoDB. It takes just a few minutes for a complete implementation.

There were really good questions at the end of the session. One of those questions was:

“How do you rotate the encryption keys for MongoDB?” 

Key rotation is, of course, required under the PCI Data Security Standard (PCI DSS) and is a good security practice. The National Institute of Standards and Technology (NIST) addresses this in their Key Management Best Practices document Special Publication 800-57. See the section on crypto-periods for data encryption keys.

This is where I ran off the rails. It was my impression that you had to create a new MongoDB database, encrypt it with a new key, and then copy the data into the new database. And that was not right! That is the procedure for some databases, but not MongoDB.

Luckily Davi Ottenheimer, MongoDB’s head of security, and a MongoDB engineer were right there to set me straight.

Fortunately you do NOT have to create a new MongoDB database in order to roll the data encryption key. It is actually much simpler. Here are the steps you use to roll the data encryption key (extracted from the MongoDB documentation for KMIP key management):

1) Rotate the master key for the secondary members of the replica set one at a time.

a. Restart the secondary, including the --kmipRotateMasterKey option. Include any other options specific to your configuration, such as --bind_ip. If the member already includes the --kmipKeyIdentifier option, either update the --kmipKeyIdentifier option with the new key to use or omit to request a new key from the KMIP server:

mongod --enableEncryption --kmipRotateMasterKey \

--kmipServerName <KMIP Server HostName> \

--kmipServerCAFile ca.pem --kmipClientCertificateFile client.pem

If using a configuration file, include the security.kmip.rotateMasterKey.

b. Upon successful completion of the master key rotation and re-encryption of the database keystore, the mongod will exit.

c. Restart the secondary without the --kmipRotateMasterKey parameter. Include any other options specific to your configuration, such as --bind_ip.

mongod --enableEncryption --kmipServerName \

<KMIP Server HostName> \

--kmipServerCAFile ca.pem \

--kmipClientCertificateFileclient.pem

 If using a configuration file, remove the security.kmip.rotateMasterKey.

2) Step down the replica set primary.

Connect a mongo shell to the primary and use rs.stepDown() to step down the primary and force an election of a new primary:

 rs.stepDown()

When rs.status() shows that the primary has stepped down and another member has assumed PRIMARY state, rotate the master key for the stepped down member:

a. Restart the stepped-down member, including the --kmipRotateMasterKey option. Include any other options specific to your configuration, such as --bind_ip. If the member already includes the --kmipKeyIdentifier option, either update the --kmipKeyIdentifier option with the new key to use or omit.

mongod --enableEncryption --kmipRotateMasterKey \

--kmipServerName <KMIP Server HostName> \

--kmipServerCAFile ca.pem \

--kmipClientCertificateFileclient.pem 

If using a configuration file, include the security.kmip.rotateMasterKey.

b. Upon successful completion of the master key rotation and re-encryption of the database keystore, the mongod will exit.

c. Restart the stepped-down member without the --kmipRotateMasterKey option. Include any other options specific to your configuration, such as --bind_ip.

mongod --enableEncryption --kmipServerName \

<KMIP Server HostName> \

--kmipServerCAFile ca.pem \

--kmipClientCertificateFileclient.pem

If using a configuration file, remove the security.kmip.rotateMasterKey setting.

This is pretty easy. You can find the documentation online at the MongoDB documentation site.

If you attended my class in New York, or if you are implementing encryption and key management for MongoDB, I hope you find this helpful. As soon as the recording of the class is available I’ll send it to you in a new blog.

Thanks to all of the MongoDB team members who put on the MongoDB World in New York! It was an exciting two days and I always learn a lot at the conferences.

Patrick

We are pleased to announce that Syncsort has acquired Townsend Security's IBM i security offerings. Solutions in the sale include Townsend Security's encryption, tokenization, authentication, FTP, as well as SIEM integration products. Syncsort is the global leader in Big Iron to Big Data software. The acquisition helps Syncsort deliver on its ongoing commitment to strengthening the security of the IBM i platform and to businesses that rely on its performance and resilience to drive the business forward.  

Townsend Security will continue in business focusing on Alliance Key Manager, our FIPS 140-2 compliant encryption key management solution that is in use by over 3,000 customers worldwide. Alliance Key Manager provides encryption key management and encryption services to a wide set of relational database solutions, big data solutions, and blockchain platforms. We are pleased that we will have an on-going partnership with Syncsort around providing the Townsend Security Alliance Key Manager solution to Syncsort customers.

During the transition, Townsend Security will work closely with Syncsort to make sure that your IBM i product needs are met. As part of the acquisition, we will be sharing your account information with Syncsort and anticipate a full handover within 6 months.

To learn more about Syncsort’s IBM i products and content offers, you can sign up here to be added to their mailing list.

We thank you for your business and trust you will continue to experience the same high level of customer satisfaction and support with Syncsort.

Patrick Townsend
Founder/CEO
360.359.4400

Microsoft SQL Server customers ask us whether they should use Always Encrypted or Transparent Data Encryption (TDE) to protect sensitive data. It is a relevant question, especially given the concern for the GDPR, and it is relevant to many other compliance regulations and data protection needs. Let’s explore these technologies in more detail and I think the answer will emerge.

Always Encrypted

Always Encrypted is a relatively new, client-side implementation of encryption for SQL Server. That is, data is encrypted on the source system before you insert it into a SQL Server database. Implemented as a Windows driver, Always Encrypted intercepts your SQL statement before it leaves your client-side system (PC, web server, etc.), determines if there are any fields in the SQL statement that need to be encrypted, establishes or retrieves an encryption key, encrypts the field, and sends the modified SQL statement to SQL Server for processing.

One advantage of this approach is that the data is encrypted as it travels over the internal or external network, and as it resides in the database. A retrieval of the encrypted data reverses this process ensuring that the data is protected in transit.

One significant limitation of Always Encrypted is that it can only be applied to a small subset of SQL operations. Many SQL operations are complex and cannot be processed by Always Encrypted.

Transparent Data Encryption and Cell Level Encryption

SQL Server Transparent Data Encryption (TDE) and Cell Level Encryption (CLE) are server-side facilities that encrypt the entire SQL Server database at rest, or selected columns. The client-side application is completely unaware of the implementation of TDE or CLE and no software is installed on the client-side system. All of the encryption tasks are performed by the SQL Server database itself. It is easy to implement and performs very well for most SQL Server customers.

TDE and CLE are a part of the Microsoft SQL Server Extensible Key Management (EKM) strategy which has been a part of SQL Server since the 2008 edition. It is a mature technology and many organizations deploy TDE or CLE to protect their sensitive information.

Encryption Key Management

An encryption strategy is only as good as the encryption key management strategy. Creating, protecting, and using encryption keys is the hardest part of encryption, and for the sake of your overall security, it is important to get key management right.

With Transparent Data Encryption the key management strategy is well defined through the Microsoft Extensible Key Management (EKM) Provider interface. Key management systems such as our Alliance Key Manager for SQL Server provide software written to the EKM interface specification and SQL Server customers get full encryption key management integrated through the EKM Provider interface.

Always Encrypted does not provide a formal interface for key management. Instead, third party vendors must provide Always Encrypted drivers that implement an interface to a key management system. This means that the interface to the key management system is proprietary. Additionally, since the Always Encrypted implementation is a client-side deployment, each client-side application will have to have access to the key manager in order to properly protect and use encryption keys. This can be a challenge in distributed network topologies.

The bottom line: you can achieve proper key management with either approach, but expect to deal with more complexity with Always Encrypted when you have distributed clients.

When to Use Always Encrypted

Because Always Encrypted functions by modifying the SQL operation before it interfaces with the SQL Server database, and because many complex SQL operations will not work with Always Encrypted, I would only recommend using Always Encrypted when the application architecture is very simple. For example, you might want to use Always Encrypted to send data from an internal SQL Server database to a web-hosted SQL Server database and application. The data will be protected in transit and encrypted in the database. As long as your web application makes simple SQL queries to the database this approach can work well.

When to use TDE or CLE

Transparent Data Encryption and Cell Level Encryption are implemented directly in the SQL Server database itself. This means that complex SQL operations are fully supported and you will not find limitations imposed by your encryption or application strategy in the future. The SQL Server implementation of TDE and CLE also support a standardized interface for encryption key management. This means you will have choices in key management vendors and can readily find a solution.  TDE also has good performance metrics for the large majority of SQL Server customers, and is exceptionally easy to implement.

Summary

For the reasons outlined above I believe that Transparent Data Encryption or Cell Level Encryption implemented within SQL Server will almost always be the better choice for most SQL Server customers. You will not be locked into restrictions on the use of SQL operations, key management is well defined, and the encryption performance metrics are impressive.

I hope this overview of the two SQL Server encryption approaches has been helpful. Please feel free to reach out with any questions you have.

Patrick

As the date for the formal implementation of the EU General Data Protection Regulation draws near, many of our customers are struggling with the question of whether or not they have to encrypt sensitive data. Because the fines for violating the GDPR can be quite high, this question is taking on a growing urgency. So, let’s take a look at this question in more detail by looking at the actual GDPR source documents.

The most relevant part of the GDPR regulation related to encryption is Article 32 - “Security of Processing”. The actual text of the article is very readable and you can find a link in the Resources section below. Here is an extract from Article 32 (emphasis added):

“Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

1. the pseudonymisation and encryption of personal data;
2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.”

Well, it looks like we don’t really have to encrypt the sensitive data because we get to take into account the costs of the implementation and the nature, scope, context and purpose for processing. Along with some other potentially mitigating factors. If you read no further you might draw the conclusion that encryption is a recommendation, but it is not a requirements. Question answered, right?

Not so fast. Let’s dig deeper. The next point in Article 32 shines a brighter light on this question:

“2. In assessing the appropriate level of security account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.”

In effect the GDPR is saying that your security controls must account for the risk of accidental, unlawful, or unauthorized disclosure or loss of personal data. That is a very broad category of potential violations of the protection of an individual’s data. Have you ever lost a backup cartridge? Do you really think your systems are secure enough to prevent access by sophisticated cyber criminals?

While on first look it seems that we have some leeway related to the deployment of encryption, GDPR quickly raises the bar on this question. Given the current state of security of data processing systems, no security professional should be absolutely comfortable with the security of their systems.

If you are still thinking you can avoid encrypting sensitive data, be sure to take a read of Recital 78, “Appropriate technical and organisational measures”.

It should be clear by now that if you decide NOT to encrypt sensitive data you should definitely document all of the reasons it is not feasible or practical to do so, and all of the measures you are actually taking to protect that data. Put this in writing and get senior management sign-off on your conclusions.

But there is more.

If you are wondering how serious GDPR is about encryption, be sure to read Recital 83 “Security of processing”. Here is an extract with emphasis added:

“In order to maintain security and to prevent processing in infringement of this Regulation, the controller or processor should evaluate the risks inherent in the processing and implement measures to mitigate those risks, such as encryption. Those measures should ensure an appropriate level of security, including confidentiality, taking into account the state of the art and the costs of implementation in relation to the risks and the nature of the personal data to be protected. In assessing data security risk, consideration should be given to the risks that are presented by personal data processing, such as accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed which may in particular lead to physical, material or non-material damage.”

If you are getting the notion that the authors of the GDPR really want you to encrypt sensitive data, you would be right.

Where else does encryption come into play?

There are safe-harbors in GDPR around data breach notification IF you are encrypting sensitive data. The avoidance of notification is not absolute, but here is one relevant section of Article 34, “Communication of a personal data breach to the data subject” (emphasis added):

The communication to the data subject referred to in paragraph 1 shall not be required if any of the following conditions are met:

1. the controller has implemented appropriate technical and organisational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption;

If the sensitive data of a data subject is lost and not encrypted, it will be difficult to argue that the information is inaccessible. The loss of unencrypted data will certainly require notification to the supervisory authority and the data subject.

There is one more aspect to the discussion of encryption and that relates to the management of encryption keys. Your encryption strategy is only as good as your ability to protect your encryption keys. This is reflected in Recital 85 “Notification obligation of breaches to the supervisory authority” (emphasis added):

“A personal data breach may, if not addressed in an appropriate and timely manner, result in physical, material or non-material damage to natural persons such as loss of control over their personal data or limitation of their rights, discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality of personal data protected by professional secrecy or any other significant economic or social disadvantage to the natural person concerned. Therefore, as soon as the controller becomes aware that a personal data breach has occurred, the controller should notify the personal data breach to the supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the controller is able to demonstrate, in accordance with the accountability principle, that the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where such notification cannot be achieved within 72 hours, the reasons for the delay should accompany the notification and information may be provided in phases without undue further delay.”

If you are not properly protecting the encryption key used for encryption, it must be assumed that the encryption can be reversed. Don’t use weak encryption keys such as passwords, don’t store encryption keys in files or in application code. Instead, use a professional key management solution to protect the keys.

Returning to our original question about the need for encryption of sensitive data, I hope you have arrived at Yes as the most responsible answer. The loss of unencrypted sensitive data will definitely trigger the need for data breach notification. And the improper protection of encryption keys will also trigger the need for breach notification. You are at more risk of financial penalties if you are not properly protecting that sensitive information with encryption.

The GDPR is complex and some parts are subject to interpretation. But if you control or process sensitive data you should not underestimate the serious intent of the GDPR to enforce protections for individuals. GDPR is revolutionary and disruptive - it is dangerous to ignore it.

Patrick

Resources
The General Data Protection Regulation (GDPR)
The GDPR Recitals
GDPR Article 32 “Security of Processing"
Recital 78, “Appropriate technical and organisational measures”
Recital 83, “Security of processing”
GDPR Article 34, “Communication of a personal data breach to the data subject”
Recital 85 “Notification obligation of breaches to the supervisory authority”

Guest blog by Sophia Khan of CyberGuard Compliance

With all of the security breaches you hear of in the news and the occurrence of these incidents becoming more widespread, how can you be sure your customer’s credit card information remains secure? This is the purpose of PCI DSS (Payment Card Industry Data Security Standards) as it pertains to all merchants who accept credit cards, irrespective of their annual revenue and credit card transaction volume. Even with this mandatory requirement, a vast majority of organizations are still struggling to maintain PCI compliance, and the process is costing companies a great deal in consulting fees to address the root cause of PCI audit failures. By being proactive in assessing the areas of weakness when undergoing a PCI Audit, especially for the first time, companies can avoid the frustrations of a failed audit and be well on their way to continued PCI compliance.

FIRST TIME PCI AUDIT AREAS OF WEAKNESS:

1) Encryption Key Management

Several sections of PCI DSS address cryptography and key management with respect to the protection of cardholder data. When a company is unfamiliar with the ever-evolving encryption standards and requirements, this can provide additional challenges in maintaining PCI compliance. PCI DSS does not specify which cryptographic standards should be utilized, however most companies do implement Advanced Encryption Standard (AES) and Triple Data Encryption Standard (TDES), which are widely accepted for the encryption of sensitive data. These are the standards approved by the National Institute of Standards and Technology (NIST).

The list of requirements includes the protection of cryptographic keys utilized for the use of encryption of cardholder data by limiting access to the fewest number of custodians necessary, and the secure storage of keys in as few locations as possible. Additionally, cryptographic keys generated need to be strong with secure key distribution and storage, with periodic key changes being mandatory. For example, if a vendor hosts your encryption keys, then they along with hackers can most likely access it. Therefore, it is essential for maximum security to exclusively host your own encryption keys.

The solution to the complex issue of encryption key management, is the utilization of encryption and tokenization tools which will protect sensitive information with NIST-validated AES database encryption. There are five fundamentals of encryption key management:

1. Key storage
2. Key policy management
3. Key authentication
4. Key authorization
5. Key transmission

By implementing a strong key management application, secure data can be protected and there will be prevention of third-parties from accessing unencrypted content.  

2) Two-Factor Authentication

Passwords are typically the first and final line of defense in protecting user accounts. They are also the easiest for hackers to crack and on their own can compromise the security of sensitive information. Two-factor authentication, also known as multi-factor authentication, significantly reduces the risk of system intrusion, as you are required to utilize both a password as well as an additional measure such as a security code sent to a mobile device. PCI security standards require at least two of three authentication methods described in the requirement to be utilized.

• Something you know: This utilizes knowledge of something such as a password, PIN, or phrase.
• Something you have: This may involve an RSA token device, smartcard, key fob, or cellular device with mobile authentication.
• Something you are: This involves biometric measures such as a fingerprint or retina scan, facial or voice recognition, or other unique physical identification.

By utilizing two-factor authentication, companies can reduce the security threat of possible intrusion with added authentication mechanism beyond a simple password.

3) System Logging

Section 10 of the PCI DSS indicates organizations must track and monitor all access to network resources and cardholder data. This is one of the most important PCI compliance requirements as it related to network security and access. The requirement has many subsections outlining what needs to be fulfilled in order to maintain compliance in this section.

The following must be logged and maintained:

• There must be a system for logging access to all system components and every individual user.
• Audit trails for each of the following must be established:
  • Individual users with cardholder data;
  • All actions performed by users with administrative privileges;
  • All invalid access attempts;
  • Tracking of audit log clearings;
  • Secure assessment trail logs and access restriction to those with a job-related need.

System logging capabilities and the function to track user activities are imperative in detecting, preventing, and diminishing the potential impact of a data security breach. In the absence of system activity logs, it would be near impossible to detect the cause of a compromise and correct it. By maintaining knowledge of who had access to the system what they used the data for, a company can be proactive in the event cardholder data goes missing or there is suspicion of any foul play.

In recent times, many organizations have fallen into the ‘check the box’ category, where PCI compliance is simply a mandatory prerequisite they try and get through for the sake of fulfilling a minimum requirement. By practicing good cybersecurity hygiene on a consistent basis, and being cognizant of the potential areas of weakness, your Company can ensure cyber-risk management is a continued priority as you minimize operational risks. This will also allow your firm to stay ahead of the curve as technology evolves when the standard updates with time.

Visit CyberGuard Compliance’s website to learn more about their services relating to PCI audits.

About CyberGuard Compliance
CyberGuard Compliance is based in the United States, but serves clients around the globe. The firm’s leadership team has over 150 years of combined business management, operations and related information technology (IT) experience. CyberGuard Compliance has performed over 1,000 SOC audits, and unlike most traditional CPA firms which focus on financial statement auditing and tax compliance, CyberGuard Compliance focuses on cybersecurity and compliance related engagements. These engagements include, but are not limited to, SOC 1 Audits, SOC 2 Audits, SOC 3 Audits, SOC Readiness Assessments, ISO 27001 Assessments, PCI Compliance, HIPAA Compliance, HITRUST Compliance, Vulnerability Assessments, and Penetration Testing. For more information, please visit https://www.cgcompliance.com.

With big cost savings in mind, many Oracle Database customers are migrating selected applications to MongoDB. Let’s take a look at some of the factors that are driving this migration, and how MongoDB helps protect and secure data after the migration.

First, how do customers protect data that is stored in an Oracle Database?

Oracle Database supports Transparent Data Encryption (TDE) through a special interface implemented in Oracle Advanced Security. Once you’ve made the costly upgrade to Oracle Advanced Security, you can configure and activate encryption of the Oracle Database through the Advanced Security Wallet application. The encryption support can be either whole database encryption through Transparent Data Encryption or column level encryption. If you are using the Oracle Key Manager (OKM) solution, or a third-party key manager, the interface in Oracle Wallet is usually through a PKCS#11 interface library. This is simply a software library that uses the key manager to protect the local key used for database encryption.

The increase in cost to deploy Oracle Advanced Security can be substantial. It varies depending on your licensing agreement with Oracle or one of their distributors, but it affects the cost basis for each database user.

Faced with the increased cost of deploying Oracle Advanced Security, or wishing to achieve cost savings with existing Oracle Database implementations, Oracle customers are moving to MongoDB Enterprise which has a different security strategy.

So,  how do MongoDB customers protect data in an equivalent fashion?

MongoDB Enterprise edition also supports Transparent Data Encryption of the database. But this is a native part of the Enterprise edition of MongoDB and does not involve additional license costs. Additionally, MongoDB Enterprise overall pricing is substantially lower that Oracle Database [Organizations are saving 70%+ by switching from Oracle to MongoDB]. Without the need for increased costs to get the encryption option, MongoDB customers are able to achieve Transparent Data Encryption in an affordable way.

Additionally, encryption key management is based on the industry standard Key Management Interoperability Protocol (KMIP) as defined by the OASIS standards group. Most enterprise key management systems, including our Alliance Key Manager for MongoDB solution, support KMIP. This means that customers can easily deploy Transparent Data Encryption with an affordable key management solution that plugs into MongoDB through the KMIP interface. This will make security-conscious Oracle Database customers happy in achieving an equivalent level of security after the migration.

MongoDB has been doing a lot lately to woo Oracle Database customers to its platform. While MongoDB is a NoSQL big data database, it supports SQL-like interfaces to the database. This means that migrations from Oracle to MongoDB are pretty straight-forward [A Step-by-Step Guide on How to Migrate from RDBMS to MongoDB].

MongoDB also just announced a key feature that will make Oracle Database customers happy. That announcement is that MongoDB version 4 will fully support Atomicity, Consistency, Isolation and Durability (ACID) as a core feature of MongoDB. This is database geek-speak that means that MongoDB database applications will work with the same reliability as big commercial SQL databases - something that Oracle Database customers expect. I think this will help accelerate the migration from Oracle Database to MongoDB Enterprise database.

Oracle Database customers typically run a wide range of packaged and custom-built applications. I believe that early migrations from Oracle to MongoDB mostly involve those custom-built applications that are relatively simple in their architecture. Migrating from an Oracle ERP or CRM application might involve a great deal of planning and re-engineering. But I think almost every Oracle customer has some custom-built applications that are easy targets for a migration to MongoDB.

The cost savings combined with the ease of migration, the equivalent level of database encryption and key management security, and the new support for ACID database reliability in MongoDB version 4 is a winning combination for MongoDB as a company. I suspect that migrations from Oracle to MongoDB will pick up dramatically this year as MongoDB version 4 roles out.

Here at Townsend Security we’ve done a lot to align with the MongoDB Enterprise strategy. We’ve formally certified our Alliance Key Manager solution with the MongoDB security team, we support both Intel and Power platforms for our key management interface, we deploy in cloud, VMware and on-premise environments, and we’ve aligned our pricing and licensing strategy with the MongoDB strategy. Entry level MongoDB customers can deploy compliant (PCI DSS, FIPS 140-2) key management in an affordable manner, and key management licensing follows the MongoDB model. Even very large MongoDB Enterprise customers will be happy with our key management licensing, scalability, and pricing strategy.

I am impressed with MongoDB’s goal of bringing enterprise level database technology to a wide variety of small, medium, and large Enterprise customers. It’s just the right time for a new, disruptive approach to databases.

If you'd like to learn more about how we are helping secure MongoDB Enterprise with encryption and key management, visit our Alliance Key Manager solution for MongoDB page.

Patrick

The MongoDB database is designed to be resilient and gives you several options for high availability and business continuity. But what about encryption key management - how do we implement high availability when we’ve deployed a key management system for MongoDB encrypted databases? Here at Townsend Security we encounter this question with MongoDB users on a regular basis. Let me share some of the approaches that we recommend.

We can take a GOOD, BETTER, and BEST view of key management high availability. Not every MongoDB database implementation needs extreme high availability, and there are costs and benefits for different approaches. So let’s run down some of the common options:

GOOD

Not everyone uses the MongoDB database for mission critical applications, and hot failover is not needed. But, of course, in the event of a disaster that takes down your data center, network, or servers, you want to be able to recover in a reasonable amount of time. In this case, you can rely on the backup and restore capabilities of Alliance Key Manager for MongoDB. Here is a diagrammatic example of a simple case of a primary and secondary MongoDB implementation that share a single key manager:

In this case we deploy a single key manager to serve both the primary and secondary nodes of a MongoDB implementation. After initializing the MongoDB database for encryption, we perform a key manager backup to archive the master encryption key for the primary and secondary nodes of the database.

Recovery of the MongoDB database may involve migration from the secondary node to the primary node when it is back online, or restoration from a backup image, and a restore operation for the key manager. Alliance Key Manager makes it easy to backup the encryption key database and configuration, and to restore from backup when needed. This is the simplest case of key management recovery when hot failover is not needed.

Remember to follow security best practices when backing up Alliance Key Manager. You will want to save the secret keys separately from the data encryption keys, and ensure separation of duties. See the Alliance Key Manager documentation for guidance on backup and restore operations.

BETTER

For many MongoDB customers the applications built on the MongoDB database represent core, mission critical applications that must be available at all times. These customers need a high availability strategy that guarantees very little loss of availability and rapid recovery. While there are different failover strategies for MongoDB customers, the normal approach would be to failover to a secondary MongoDB node at a geographically independent data center. The primary and secondary nodes would use separate key management systems which would be synchronized. A diagrammatic might look something like this:

The primary MongoDB node has a key manager deployed in its data center or cloud location, and the secondary MongoDB node has a different key manager deployed in its data center or cloud location. The two key managers are mirroring encryption keys in real time in an active-active configuration. Both the MongoDB data and the Alliance Key Manager instances are fully redundant in real time.

BEST

Enterprise customers who build mission critical applications on MongoDB databases and who must have full business continuity and high availability failover can achieve this with MongoDB replication and redundant Alliance Key Manager servers. A primary MongoDB node can associate two redundant key servers, and a secondary replicating MongoDB node can associate two different redundant key servers. Since MongoDB configuration only allows for the definition of a single key server, we can use a load balancer to implement the redundant key management pair. A diagram of this configuration would look like this:

With a load balancer placed between the MongoDB database and the two key managers you can achieve hot failover in the event of a lost connection to the first key server without loss of access to the database. When the connection to the main key server is restarted the load balancer will bring it on line. The two Alliance Key Management servers automatically mirror encryption keys to each other in an active-active configuration.

In the event of a full loss of the primary MongoDB database the failover to the secondary MongoDB database will occur by the MongoDB Arbiter. The fully replicated data will be available and the secondary database will be protected by a pair of Alliance Key Manager servers in the same was as the primary MongoDB database.

Note that there can be multiple secondary MongoDB nodes and each can implement a similar key management failover strategy. With the above strategy MongoDB database customers can achieve a very high level of business continuity and high availability failover.

Additional Considerations

MongoDB database deployments vary a great deal in their overall architecture and implementation. This is a testament to the flexibility of the database and its ability to meet a wide variety of customer use case scenarios. Alliance Key Manager for MongoDB can help improve security and recoverability in any MongoDB deployment.

Alliance Key Manager is available has a Hardware Security Module (HSM), VMware software appliance (virtual machine), and as cloud instances. The interface to all of the key managers works in exactly the same way. This means you can create hybrid deployments of MongoDB and Alliance Key Manager across clouds, and between cloud and on-premise deployments.

At the time this blog was written (March 2018) the MongoDB Atlas cloud platform did not support independent third party key management solutions through the KMIP interface. That is likely to change in the future. For Enterprise customers who must achieve exclusive custody of encryption keys, you can deploy MongoDB in a normal cloud instance and use the encryption and key management capabilities of MongoDB with Alliance Key Manager. You can then migrate to the Atlas service when it supports the KMIP interface for key management.

About Alliance Key Manager

Alliance Key Manager for MongoDB is certified by the MongoDB security team, and supports the MongoDB Enterprise pricing model. Regardless of the size of your MongoDB implementation you will find an affordable and easy-to-deploy Alliance Key Manager for MongoDB solution.

Image Credit:
Load balancer created by AlexWaZa from the Noun Project
Key created by icon 54 from the Noun Project