Information Systems 365/765 Information Systems Security and Strategy, Lecture 3: Data Classification and Data Loss Prevention


Today’s Agenda

• Discuss Frontline video, “Cyberwar” and assignment #1

• Discuss readings, Cyberwar, Chinese Hackers, Vendor Liability

• Lecture, Data Classification and Data Loss Prevention

Readings Are Now Online

• We are going to save some trees!

• Readings are all at: mywebspace.wisc.edu/ndavis1/365

• Readings are placed in the folders for each class session. For example, readings for Thursday, September 11, are in the September 11 folder

• Link to Cyberwar video is in September 4 folder

Cyberwar Video

• Overall, what did you think of the premise that both government and the private sector are at risk for cyber-attack?

• Can you think of specific businesses which should be concerned about cyber-attack?

The CIA Triad

• Confidentiality

• Integrity

• Availability

• The goals of a secure information system

Confidentiality

• Confidentiality is assurance of data privacy

• Only the intended and authorized recipients: individuals, processes or devices, may read the data

• Disclosure to unauthorized entities must be avoided

• Examples - Rayovac

Ensuring Confidentiality

• Encryption of data

• Protecting the data with some type of authentication such as username/password

• Data handling policies

• Data storage policies

• Data retention policies

• Which of these are technical controls? Which are administrative controls?

Integrity

• Integrity is assurance of data and/or source non-alteration.

• Data integrity is having assurance that the information has not been altered in transmission, from origin to reception.

DICOM Example of Data Integrity

Source Integrity

• Source integrity is the assurance that the sender of information is who it is supposed to be.

• Source integrity is compromised when an agent spoofs its identity and supplies incorrect information to a recipient.

Spoofing Data and Source Integrity

• Data integrity can be compromised when information has been corrupted or altered, willfully or accidentally, before it is read by its intended recipient.

• We will study ways to avoid such spoofing

Ensuring Data Integrity

• Digitally sign the document

• Digital signature uses a checksum to ensure data integrity
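The two integrity properties above (data integrity and source integrity) can be separated with a few lines of code. The following is an added example, not from the lecture: a plain SHA-256 checksum catches alteration of a document, but a spoofer who edits the document can simply recompute the checksum. A keyed hash (HMAC, used here as a stand-in for a digital signature because it needs only the Python standard library; a public-key signature gives the same source-integrity property without a shared key) catches both. The document text, the shared key and the "spoofer" edits are constructed sample values.

```python
"""Added example (not from the lecture slides): detecting alteration
with a hash, and detecting spoofing with a keyed hash (HMAC).

Assumptions: the message, the shared key and the attacker edits below
are constructed sample values for this demonstration.
"""
import hashlib
import hmac

# Constructed sample: a document and a shared secret known only to the
# legitimate sender and recipient.
DOCUMENT = b"Transfer 100 USD to account 12345"
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"


def checksum(data: bytes) -> str:
    """Plain SHA-256 digest: detects accidental or deliberate change, but
    anyone can recompute it, so it says nothing about who sent the data."""
    return hashlib.sha256(data).hexdigest()


def sign(data: bytes, key: bytes) -> str:
    """Keyed digest (HMAC-SHA256): only a holder of the key can produce a
    valid tag, so it covers both data integrity and source integrity."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_checksum(data: bytes, expected: str) -> bool:
    # compare_digest runs in constant time, avoiding a timing side channel
    return hmac.compare_digest(checksum(data), expected)


def verify_signature(data: bytes, key: bytes, tag: str) -> bool:
    return hmac.compare_digest(sign(data, key), tag)


def demo() -> dict:
    """Walk through the two failure modes the lecture distinguishes."""
    original_sum = checksum(DOCUMENT)
    original_tag = sign(DOCUMENT, SHARED_KEY)

    # 1. Data integrity: one field changed in transit, checksum left as-is.
    altered = DOCUMENT.replace(b"100", b"900")
    altered_caught_by_checksum = not verify_checksum(altered, original_sum)
    altered_caught_by_signature = not verify_signature(altered, SHARED_KEY, original_tag)

    # 2. Source integrity: a spoofer changes the message AND recomputes the
    #    checksum. The recipient cannot tell from the checksum alone; only
    #    the keyed tag exposes it, because the spoofer lacks SHARED_KEY.
    spoofed_sum = checksum(altered)
    spoof_fools_checksum = verify_checksum(altered, spoofed_sum)
    spoofed_tag = sign(altered, b"wrong-key-guessed-by-spoofer")
    spoof_fools_signature = verify_signature(altered, SHARED_KEY, spoofed_tag)

    return {
        "altered_caught_by_checksum": altered_caught_by_checksum,
        "altered_caught_by_signature": altered_caught_by_signature,
        "spoof_fools_checksum": spoof_fools_checksum,
        "spoof_fools_signature": spoof_fools_signature,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Running the block shows the checksum catching the in-transit edit but not the recomputed spoof, while the keyed tag catches both; that difference is exactly why a signature, not a bare checksum, is what protects source integrity.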

How a Check Digit/Checksum Works

• A check digit consists of a single digit computed from the other digits in the message.

• This is accomplished with a simple formula

• More complex messages require the use of a checksum

Check Digit Example

• UW-Madison ID Card

• The last digit is a check digit

• Let’s use example “524” with a check digit of “3”, so your student ID might be “524 3”

• Formula example, check digit = first digit + second digit – third digit. In this case, 5 + 2 – 4 = check digit of 3

• Equipment reading your card can be programmed to make use of the check digit if it knows the formula for computing the check digit
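The check digit above can be implemented and tested directly. The following is an added example, not part of the lecture: it codes the slide's own formula (first digit + second digit, minus the third) exactly as stated, and then, as a generalization, the Luhn mod-10 checksum that payment-card numbers use. The sample IDs and card numbers are constructed. Running it also surfaces a caveat the slide does not mention: the toy formula is symmetric in the first two digits, so swapping them is not detected, whereas Luhn catches single-digit errors and almost all adjacent transpositions.

```python
"""Added example (not from the lecture slides): the lecture's toy
check-digit formula, and the Luhn checksum as a generalization.

Assumptions: the ID "524 3" and the card numbers are constructed samples;
the toy formula is exactly the one on the slide (d1 + d2 - d3).
"""


def toy_check_digit(body: str) -> int:
    """Lecture formula: first digit + second digit - third digit."""
    d1, d2, d3 = (int(c) for c in body[:3])
    return d1 + d2 - d3


def toy_valid(student_id: str) -> bool:
    """Split the ID into body and trailing check digit, then recompute.
    Spaces are ignored so both "5243" and "524 3" are accepted."""
    digits = student_id.replace(" ", "")
    body, check = digits[:-1], int(digits[-1])
    return toy_check_digit(body) == check


def luhn_check_digit(body: str) -> int:
    """Luhn (mod 10) check digit: from the right, double every second
    digit, subtract 9 from any doubled value above 9, sum all digits, and
    choose the digit that makes the total a multiple of 10."""
    total = 0
    for i, c in enumerate(reversed(body)):
        d = int(c)
        if i % 2 == 0:  # these positions are the doubled ones once the check digit is appended
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def luhn_valid(number: str) -> bool:
    """Validate a number whose last digit is a Luhn check digit."""
    digits = number.replace(" ", "")
    return luhn_check_digit(digits[:-1]) == int(digits[-1])


def demo() -> dict:
    """Which errors each scheme catches on constructed inputs."""
    return {
        "toy_valid_id":               toy_valid("524 3"),   # slide example
        "toy_catches_digit_error":    not toy_valid("624 3"),
        "toy_catches_transposition":  not toy_valid("254 3"),  # False: 2+5-4 is still 3
        "luhn_valid_number":          luhn_valid("7992739871 3"),
        "luhn_catches_digit_error":   not luhn_valid("7992739871 2"),
        "luhn_catches_transposition": not luhn_valid("9792739871 3"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

A second weakness worth noticing when you try other bodies: the toy formula can produce a negative or two-digit result (for example "129" gives -6), so it cannot even issue a check digit for every ID, which is one reason real systems use a modular scheme like Luhn.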

Availability

• Availability is assurance of timely and reliable access to data services for authorized users. It ensures that information or resources are available when required.

C&I Are Nothing Without the A

• Confidentiality and integrity can be fully protected while an attacker still makes resources less available than required, or not available at all.

• Denial of Service (DoS)

• Do you remember the DoS discussion on the video?

Ensuring Data Availability

• Fully redundant network architectures and system hardware without any single points of failure ensure system reliability and robustness.

• Virus scanning / malware scanning

• Striping of data across hot swappable disks, mirroring data, remote live site.

CIA Summary

• To secure data, you must ensure confidentiality, integrity and availability

• Be careful not to compromise confidentiality and integrity as you seek to provide availability

How Do We Know If Data Should Be Protected?

• Before we build a system to protect business data, we need to understand how to rate the sensitivity of business data

• This is done through data classification

Data Classification

• Data Classification is the conscious decision to assign a level of sensitivity to data as it is being created, amended, enhanced, stored, or transmitted.

Data Classification Levels

• Top Secret

• Highly Confidential

• Proprietary

• Internal Use Only

• Public Documents

• Terminology varies by organization

Top Secret

• Highly sensitive internal documents, e.g. pending mergers or acquisitions; investment strategies; plans or designs

• Information classified as Top Secret has very restricted distribution and must be protected at all times. Security at this level is the highest possible.

Top Secret - Handling

• Must sign in to gain access to the data

• Must be supervised while viewing the data

• Must not remove the materials from the secure viewing area

• May not copy the data or even be in possession of devices which could copy the data, including pens and paper

Highly Confidential

• Information that, if made public or even shared around the organization, could seriously impede the organization’s operations and is considered critical to its ongoing operations.

Highly Confidential – Handling

• May only be shared with a specific list of people

• May not be copied

• May not leave the company’s physical location

• More administrative control here than with Top Secret

Proprietary

• Information of a proprietary nature; procedures, operational work routines, project plans, designs and specifications that define the way in which the organization operates.

Proprietary - Handling

• May only be shared with a specific list of people

• Copying is permitted but not encouraged

• May be taken off-site

• May not be shared with anyone outside the company

Internal Use Only

• Information not approved for general circulation outside the organization where its loss would inconvenience the organization or management but where disclosure is unlikely to result in financial loss or serious damage to credibility.

Internal Use Only - Handling

• Does not necessitate an authorization list

• May be copied without reservation

• May be taken off-site

• May not be shared with the public

Public Documents

• Information in the public domain; annual reports, press statements etc.; which has been approved for public use. Security at this level is minimal.

Public Documents - Handling

• No distribution list required

• May be copied at will

• May be taken off-site

• May be shared with anyone and even promoted

Data Loss Prevention (DLP) Technologies

• First classify your data

• Now, protect it appropriately

• Control the environment

• Control access to the data

• Protect while in transit

• Protect while in storage

Next Generation Compliance Filters

• Content filters for HIPAA, GLB, SOX and other regulations automatically scan emails for protected financial and health information. Easily extensible lexicons allow companies to customize these rules to meet specific requirements.
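The content filter described here, and the handling rules from the classification slides above, fit together naturally: the lexicon decides what level a message contains, and the level's handling rules decide what the DLP system may let happen to it. The following is an added example written for this page; it is not code from the lecture or from any DLP product. The lexicon entries, the regular expressions (an SSN-shaped and a card-shaped number pattern), the sample emails and the block/encrypt/allow policy are all constructed for the demonstration, and a real HIPAA, GLB or SOX rule set is far richer than a few keywords. The handling matrix itself is transcribed from the five classification slides.

```python
"""Added example (not from the lecture or any DLP product): a lexicon-based
outbound-email content filter that applies the classification handling
rules from the slides.

Assumptions: LEXICON, the regexes, the sample emails and the action policy
in decide() are constructed; HANDLING is transcribed from the slides.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

LEVELS = ["Public Documents", "Internal Use Only", "Proprietary",
          "Highly Confidential", "Top Secret"]  # least to most sensitive

# Handling rules from the classification slides, one row per level.
HANDLING = {
    "Top Secret":          {"distribution_list": True,  "may_copy": False, "may_leave_site": False, "share_externally": False},
    "Highly Confidential": {"distribution_list": True,  "may_copy": False, "may_leave_site": False, "share_externally": False},
    "Proprietary":         {"distribution_list": True,  "may_copy": True,  "may_leave_site": True,  "share_externally": False},
    "Internal Use Only":   {"distribution_list": False, "may_copy": True,  "may_leave_site": True,  "share_externally": False},
    "Public Documents":    {"distribution_list": False, "may_copy": True,  "may_leave_site": True,  "share_externally": True},
}


@dataclass
class Rule:
    name: str
    regulation: str
    level: str              # classification level this content implies
    patterns: List[re.Pattern]


# Constructed lexicon. The slide calls these "easily extensible": adding a
# company-specific rule is just appending another Rule to this list.
LEXICON = [
    Rule("Protected health information", "HIPAA", "Highly Confidential",
         [re.compile(r"\b(patient record|diagnosis|medical history)\b", re.I)]),
    Rule("Customer financial data", "GLB", "Highly Confidential",
         [re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),           # SSN-shaped number
          re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")]),    # 16-digit card-shaped number
    Rule("Unreleased financial results", "SOX", "Proprietary",
         [re.compile(r"\b(unaudited|pre-release earnings|restatement)\b", re.I)]),
    Rule("Pending mergers and acquisitions", "company policy", "Top Secret",
         [re.compile(r"\b(pending merger|acquisition target)\b", re.I)]),
]


def scan(text: str) -> List[Rule]:
    """Every lexicon rule with at least one pattern match in the text."""
    return [r for r in LEXICON if any(p.search(text) for p in r.patterns)]


def classify(text: str) -> Optional[str]:
    """Most sensitive level among matched rules; None if nothing matched."""
    hits = scan(text)
    if not hits:
        return None
    return max((r.level for r in hits), key=LEVELS.index)


def decide(text: str, recipient: str, company_domain: str) -> dict:
    """Apply the handling rules to one outbound email (constructed policy):
    content the level forbids sharing externally is blocked when the
    recipient is outside the company; Highly Confidential and Top Secret
    content staying inside is sent encrypted (the slide's "protect while in
    transit"); anything else, including unmatched content, is allowed."""
    level = classify(text)
    external = not recipient.lower().endswith("@" + company_domain.lower())
    matched = [f"{r.regulation}: {r.name}" for r in scan(text)]
    if level is None:
        action = "allow"
    elif external and not HANDLING[level]["share_externally"]:
        action = "block"
    elif LEVELS.index(level) >= LEVELS.index("Highly Confidential"):
        action = "encrypt"
    else:
        action = "allow"
    return {"level": level, "matched": matched, "action": action}


if __name__ == "__main__":
    # Constructed sample emails, not real messages.
    samples = [
        ("Lunch menu for Friday is attached", "friend@example.org"),
        ("Attached is the patient record for review", "partner@example.org"),
        ("Card on file: 4111 1111 1111 1111", "bob@corp.example"),
        ("Board memo: the pending merger closes Monday", "ceo@corp.example"),
        ("Draft of the unaudited Q3 figures", "press@example.org"),
    ]
    for body, to in samples:
        print(to, decide(body, to, "corp.example"))
```

The default for unmatched content is "allow", which is how lexicon-based filters behave in practice; the consequence, worth keeping in mind when you evaluate an appliance, is that anything your lexicon does not describe will pass, so the filter is only as good as the classification work done before it was configured.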

Appliance

• Anti SPAM

• Anti Spyware

• Anti Virus

Host Based Software

• Virus Scanning on your workstation

• Personal software firewalls

Appliances vs. Host Based DLP

• Both provide some protection

• Host based is usually more configurable, but harder to manage, especially at remote locations

• Appliances are more rigid

Encryption

• Protects confidentiality

• Ensures recipient authentication (only the intended recipient can decrypt the message)

• We will spend an entire lecture on email encryption and YOU will send encrypted email

Content Scanning

• Can be hardware or software based

• HTTP traffic, viruses, malware

• Phishing attempts

• Peer to Peer applications

• Instant Messaging

• Key loggers

Enterprise Management Tools

• The ability to know exactly what your users have been doing, in a form which can be audited. Web, email, etc.

• The ability to control the sending and receiving of specific content.

• Websense