Data Encryption

Purpose

This document provides Chemwatch employees (primarily IT) with the information required to effectively and efficiently plan, prepare and deploy encryption solutions in order to secure Legally/Contractually Restricted Information (Sensitive Data).

The focus is on providing a range of tools for the most common systems that are likely to be deployed in the Chemwatch environments which store, transmit or process Sensitive Data.

When properly implemented, encryption provides an enhanced level of assurance that the data, while encrypted, cannot be viewed or otherwise discovered by unauthorized parties in the event of theft, loss or interception.

Policy Statements

  1. Sensitive data transferred between Chemwatch and clients should be protected by encryption.
  2. Transfer of data may be made by post or delivery service, or by a Chemwatch employee.
  3. Transfer of sensitive data should be traceable (registered mail, etc.).

Types of Encryption

  1. Boot Disk Encryption

    Scenario:
    Mobile systems such as laptops are highly susceptible to theft and frequently contain valuable data. Boot disk encryption requires the key in order to start the operating system and access the storage media. In this scenario the operating system is removed as a vector for attack in the event of physical compromise. Boot disk encryption is typically implemented in conjunction with full disk encryption.

    Product(s):
    BitLocker, Symantec Endpoint Encryption, PGP Desktop, TrueCrypt*

    OS-Integrated Product(s):
    BitLocker

    Preferred Product(s):
    Symantec Endpoint Encryption

  2. Email Encryption

    Scenario:
    Email-specific products integrate encryption into the email client, allowing messages and attachments to be sent in an encrypted form transparent to the user. This is most appropriate for departments whose users require frequent and regular encryption of email communications. Most departments can make use of a broader range of file/folder encryption products to encrypt individual files and folders.

    Product(s):
    PGP Desktop

  3. External Devices Encryption

    Scenario:
    External devices such as hard drives, DVDs, CDs and USB flash drives can be encrypted in their entirety. Data on these devices can be considered secure against anyone who lacks both the key and the encryption software.

    Product(s):
    Cryptainer LE, PGP Desktop, TrueCrypt*


  4. File Encryption

    Scenario:
    Individual or multiple files can be encrypted separately from the host operating system. These encrypted archives can be stored in different locations such as network shares or external hard drives, or transmitted securely via e-mail.

    Product(s):
    7-Zip, Cryptainer LE, Disk Images, EFS, FileVault, PGP Desktop, TrueCrypt*, WinZip, WinSCP

    OS-Integrated Product(s):
    Disk Images, EFS, FileVault

  5. Folder Encryption

    Scenario:
    Folders containing data can be encrypted separately from the host operating system. These encrypted archives can be stored in different locations such as network shares or external hard drives, or transmitted securely via email.

    Product(s):
    7-Zip, Cryptainer LE, Disk Images, EFS, FileVault, PGP Desktop, TrueCrypt*

    OS-Integrated Product(s):
    Disk Images, EFS, FileVault

  6. Full Disk Encryption

    Scenario:
    Full disk encryption encrypts all data on a system, including files, folders and the operating system. This is most appropriate when the physical security of the system is not assured. Examples include traveling laptops or desktops that are not in a physically secured area.

    Product(s):
    BitLocker, Symantec Endpoint Encryption, PGP Desktop, TrueCrypt*

    Preferred Product(s):
    PGP Whole Disk Encryption

  7. Mobile Device Encryption

    Scenario:
    Mobile devices such as PDAs and smartphones allow users to exchange, transfer and store information from outside of the office. The extreme portability of these devices renders them susceptible to theft or loss. ISS/C recommends the use of standardized devices such as laptops for storing, transmitting or processing Sensitive Data.

    Product(s):
    BlackBerry Content Protection (BlackBerry Content Protection is not available on all BlackBerry devices), iPhone Encryption

  8. Transport-Level Encryption

    Scenario:
    Secure transport client/server products provide transport-level encryption to protect data in transit between the sender and recipient in order to ensure delivery without eavesdropping, interception or forgery. This scenario requires the appropriate configuration of a server in order to allow clients to connect in a secure manner.

    Product(s):
    FileZilla, PSFTP, SCP, WinSCP

Forms/Instructions

Step 1 - Data Classification

Data classification is the process of assigning a level of sensitivity to data and determining to what degree the data needs to be controlled and secured. Differentiating between data of little or no value and data that is highly sensitive is crucial when selecting and deploying an encryption solution.

The process of classifying data is rarely simple. It is most often a collaborative process requiring the active participation of data owners who have the greatest familiarity with the data, and who are indispensable in accurately identifying the value of individual and aggregated data items.

Step 2 - Product Selection & Implementation

Encryption products should be selected based on the type of encryption they offer and the technical details of the system on which they will be installed, such as the operating system. Most products are available for only one operating system; some are available for multiple operating systems, and some are platform-specific and included as part of the standard installation.

Step 3 - Key Creation

The construction of encryption/decryption keys should follow the established standards detailed above.

Step 4 - Key Management

Encryption products use one or more cryptographic keys to encrypt and decrypt the data that they protect. Some products support the use of a recovery key that can be used to recover the encrypted data if the regular key is lost. If a key is lost or damaged it may not be possible to recover the encrypted data. Departments need to ensure that all keys used in a storage encryption solution are secured and managed properly to support the security of the solution.

Extensive key management should be planned, covering secure key generation, use, storage and destruction. Consideration should be given to how these key management practices can support the recovery of encrypted data if a key is inadvertently disclosed, destroyed or becomes unavailable. Specific technical options should be tied to particular products.

Departments need to ensure that access to encryption keys is properly restricted. Authentication should be required in order to gain access to keys (passwords, tokens, etc.). The keys themselves should be physically secured with at least two upper-level trustees assigned access.

Step 5 - Key Recovery

The technical and procedural processes that are established and followed in order to retrieve or change encryption keys in a controlled and safe manner are referred to as key recovery. In the event of compromise or loss, all affected keys must be revoked and/or changed and redistributed. Some products incorporate key recovery as a technical feature.


(Satisfies ISO 27002 10.8.4, 10.9.1, 10.9.2, 12.2)