When it comes to processing sensitive data, enterprises must make sure that they have comprehensive security parameters in place in order to protect personal information from unauthorized access. Encryption is a highly touted means of security. While this can be a positive and useful method to secure data, the downside of encryption is that it does not leave you with security completely assured. The reason is that, while the information does not appear in plain text, it is easily decipherable if the associated encryption key is acquired. Quite frankly, these keys can be difficult to keep track of, especially in a working-from-home environment in which encryption keys may be shared on messaging platforms or with people who shouldn’t have access to them.
This is where the concept of secret isolation comes into play. You can leverage secret isolation in two different ways to protect your personal data – a central access model and a shared access model. Each method is highly dependent on your business needs. In a central access model, the protection system and its secrets are stored in a centralized location. For a non-technical example, think of building security. When protecting a building, a security guard with keys acts as the sole and central enforcer of security, denying third-party access to those who don’t warrant it, and only granting access to those who require it. All access decisions depend entirely on the security guard.
In a shared access model, the protection information is shared and distributed to all the instances that need access to this sensitive information. Extrapolating to the same building analogy as above, the security and keys are distributed to everyone who requires access to the building, not just to the central security guard. In large enterprises, this could quickly rise to thousands of people having keys. As you no doubt have seen in building scenarios like this, people can share physical keys or key fobs in certain situations—“hey, can I use your security card to go to the bathroom?”—even when rules expressly prohibit it. Who can keep track of all those keys?
Challenges & Opportunities
Clearly, in the central access model, you can easily administer access and security because only one point of granting access needs to be accounted for, whereas with the shared access mode security is more difficult to manage due to challenges inherent in monitoring who actually has access to these keys and how they are being used and shared. It is much easier for those who do not have permission or access to be granted permission on a case-by-case basis.
That is not to say that the central access model doesn’t have its own challenges. Imagine in our building analogy that the security guard is off sick—well, then, nobody is at the guard desk! Perhaps you’ve walked into a secured building with nobody in attendance in the lobby, and you just stood there alone wondering whom to call? The result is that no one can access the building, even if access is required and permitted. To circumvent this problem with centralized building security, enterprises should and do implement a team of guards who work in shifts, meaning that someone is always available to monitor and control access at any given time: somebody’s always in the lobby. Bringing this back to a data security setting, we can confidently say that allowing predetermined privileged users to act as a conduit to sensitive data is far more secure than simply handing keys to any individual who requests them. In general, the fewer people who have access to sensitive information, the more secure that data will be.
When it comes to software, using the central model can ease access control and auditing, but it is also possible to harden the system to make it more secure. In the real world, encryption is known for requiring shared secrets and subsequently necessitating complex key management. Tokenization, on the other hand, will leverage a central access model. Both methods can be implemented either way. When you’re looking for a data protection solution which addresses your specific business needs, you need to look behind the marketing jargon and understand the properties of each protection model and how it is implemented in order to meet your exact needs. To make an informed decision about your data security investment, you need to gain the necessary understanding of both the benefits and drawbacks of all possible solutions.
What type of “building” is your data environment?