Freely subscribe to our NEWSLETTER

So when one considers the notion of how security solutions are becoming more utilized for the protection of online data, understand the term “security” is not simply about keeping bad guys out of places they are not supposed to be, but also (and perhaps predominantly) about securing the continued operation and longevity of the business models that organizations rely on for growth. This is why it is best to consider the classic CIA triad (confidentiality, integrity, availability) when examining this question.

Confidentiality: Simply put, confidentiality is about keeping things secret from anyone who is not authorized to know the secret. This could be anything from financial information, trade secrets, medical data, battle plans…or anything else one would like to prevent others from seeing. With the growth in online users over time it has become increasingly difficult to keep prying eyes off of our online data. At one time it was considered acceptable to use “security by obscurity” to protect information, then eventually complex passwords, but today organizations are utilizing HSMs (hardware security modules) with tamper evident microcontrollers and PKI (public key infrastructure) in order to offer much higher assurance that secrets remain secrets.

Integrity: Integrity is all about making sure the data remains intact and unaltered once it has been created and is either moving through networks or at rest in storage. In the days of pencil and paper this was accomplished by keeping copies of information with versioning applied (usually a date stamp sufficed) and cross checking if a question arose, or simply just to make sure nothing was inadvertently altered. With the vast amount of fast moving data available today in the online world, existing only in bits and bytes on magnetic or logic-based storage media, new methods have arisen (new being a relative term). Today data is “hashed”, meaning it is assigned a value based on its current composition, and if data integrity is questioned the data can be hashed again and values can be compared, and if the data changes the hashes will not match and you know the data integrity has been compromised. Systems also log data access and changes so failed integrity checks can be more easily investigated for specific moments where the data changed. Additionally, data is often mirrored in real time, in case one system fails, and regular backups are often taken to allow organizations to go back in time if needed.

Availability: This is the area where I believe the greatest improvement has happened. Ultimately not being able to access data when it is needed or wanted is what is likely to have the most immediate impact on online users. The massive increase in bandwidth of data networks coupled with the growth in speed of computers of all sizes has led to real-time availability that allows the seemingly impossible to occur. I can take a picture with my phone and have it appear on my desktop and 3 different online storage sites within minutes (sometimes seconds). If I lose my phone or laptop I can restore all my data from online backups by simply buying a new device and authenticating to online servers that will automatically make me whole again. Organizations do not necessarily have to provide all of the methods for ensuring availability, by merely providing an API so other organizations can get in the game. An example would be Apple providing the capability for Google and Amazon to back up my photos. This allows Apple to give me peace of mind without having to manage all the means of availability.

This is certainly not an exhaustive list, and it is also important to understand that organizations users choose to do business with in the online world are not necessarily always providing all of these features…nor are they always doing a good job. It remains the responsibility of all of us to do our own due diligence in order to ensure that our online experience remains secure. I do believe we are all getting better at this, but we can always do more.