Category List

Tag List

Tag Cloud

Archive

14 Feb, 2012

There’s more than one way to protect enterprise data.

In discussing these options, especially as they pertain to loan servicers, it’s first important to understand data encrypted at rest and data encrypted in motion. The latter refers to the normal encrypting of data just before it’s sent over a communication channel. After an encoding process, the data is sent to its destination. During this journey from point A to point B, the scrambled information is unreadable to external parties. Upon arrival, the data is decrypted and stored in a readable manner.

Data encrypted at rest is data that is encrypted while sitting idle on its home server. This
renders the data useless should a rogue database admin walk off with a company hard drive or flash drive.

In recent years, financial industry regulators and auditors have started to require that the Personally Identifiable Information (PII) be encrypted at rest. PII is defined as any information that identifies a person, for instance, a Social Security Number.

 

Seeing this industry trend toward encryption at rest, we decided to act on behalf of our Nortridge Loan System (NLS) customers. But first, we had a choice. One option was to use database encryption, for example Microsoft SQL Server’s Transparent Data Encryption (TDE). This option (and its equivalent in Oracle) allow for encryption of the database at rest. Having the data encrypted at rest keeps the data encrypted in backups, exports, and on the hard drives. Were a backup or the actual hard drives from the server be stolen, the data would remain encrypted. Without the encryption keys, the data would be unreadable. While this option is very effective, we chose a different path.

We chose to build encryption into NLS at the column level of the database using 256-bit Advanced Encryption Standard (AES). For us, it negates the need to use Microsoft SQL Server Enterprise Edition or to setup the TDE.

Why choose AES at the column level? Our main reason is that our customer base is typically on Microsoft SQL Server Standard Edition. Microsoft TDE is only available in the Enterprise Edition of SQL Server, which is more expensive and would require an upgrade of the database server.

AES, which has been adopted by the U.S. government, is extremely secure. In fact, it’s so secure that I need to share a ridiculous statistic. Assuming a brute-force attack (an exhaustive key search in which every possible combination is attempted) executed at 1 quadrillion combinations per second, it would take longer than the current age of the universe to crack the code.

When upgrading to NLS version 4.5 and later, the upgrade will create a private encryption key and encrypt the following data elements at the column level:

• Social Security Numbers
• Drivers License Numbers
• Credit Card Numbers
• Bank Account Numbers
• Credit Bureau information related to PII
• All modification histories of PII information

This data being encrypted at rest will be decrypted when requested to be shown in the application and then re-encrypted when modified and saved to the database. This is also the case with all of the Nortridge interfaces and reporting tools.

There are two sacrifices that are made with encrypting the data.

First, querying the data. Partial number searches of the Social Security Number are now not possible. Searches for an entire SSN number will still operate.

Second, any custom reports or interfaces that a customer has that include PII data will have to be modified. Nortridge provides a library, NLSClientLibrary.dll, that allows our customer to decrypt the data for custom reports and interfaces. This library is available in both 32-bit and 64-bit variations. There is also a stored procedure that allows for decryption directly in SQL Server.

Though data encryption always comes with trade-offs in terms of minor performance penalties, we feel like NLS database information is securely protected in the most practical way available for our users.

-Greg

Add Pingback

Please add a comment