We used to live in an analog world. We played records, radio stations had static interference, we flattened out dollar bills to work in vending machines and we anguished over hanging chads. Sure, everything was converted into bits and bytes in the end, but the world we interacted with was a physical one.
These days, thanks to the internet, we live in the so-called "connected world." As a result, the new world, the digital world, has expanded, obliterating chunks of cozier analog world. Very often, what's left of the old analog we knew now exists only in the fringes of an entirely digital world.
Today, vending machines on street corners accept credit cards. Electronic voting machines are the norm. Gaming and gambling terminals have gone wireless and cashless. Even projectors in movie theaters are showing digital streams of video.
It's a trend that poses a potentially vexing security problem: How do we secure these new digital devices on the fringe cheaply, effectively and at scale?
The threats in both the digital and the old analog world are essentially the same: counterfeiting, eavesdropping and data corruption spring easily to mind. But the potential scale is different. In the analog world, things have to be read, changed or replicated piece by piece, item by item. There was a cost to crime. After all, printing fake bank notes isn't cheap. The digital domain makes this task much easier, because mass replication, interception and distribution become a practical reality. Not only is the damage done by a digital attack higher than it once was in an analog world, but the likelihood of attack is also higher.
As the digital world expands, digital information or "content" is no longer confined to secure data centers, managed by IT professionals. Instead, digital content is generated at the fringes or is pushed out to the fringes. Credit card numbers are captured on the street corner, scanned documents are created in remote offices, votes are cast in temporary polling stations, and digital movies reside in the local multiplex. Just the kind of places where IT security staff are scarce or non-existent. Forget the DMZ, digital content is all over the battlefield!
In the past, the best example of street corner security was the ATM: a hardened device with security properties that were heavily regulated by the banking industry and standards bodies. It now seems inevitable that these relatively stringent security properties will become requirements for this new and rapidly growing population of vending systems, data collection devices such as document scanners and voting terminals, and content distribution devices like movie projectors – "fringe" devices that live at the edge of the network between the analog and digital worlds.
The standard for handling sensitive information on corporate servers and at ATMs is to encrypt it, and furthermore, the secret keys that are the linchpin of encryption are stored in hardware – specifically, in hardware security modules (HSMs). Desktop and laptop computers have followed the same trend, fueled in part by some high-profile data breaches resulting from the theft or loss of mobile devices. The Veterans Administration, a part of the U.S. Department of Veterans Affairs, for example, suffered an embarrassing loss that prompted it to encrypt all of its laptops within a four-week period last year. Most enterprise-class laptops and desktops now ship with Trusted Platform Module (TPM) hardware, a chip that acts much like an HSM to protect and manage secret keys in hardware. Microsoft's new Vista operating system is the first mainstream operating system that can interact with TPMs, effectively ending the debate over whether keys should be stored in hardware or whether software storage is sufficient.
Both industry best practices and regulatory mandates are accelerating the adoption of ubiquitous encryption, which means that every piece of hardware that sits on the network must be a trusted device. To be a trusted device, it must be able to process and protect encrypted information. Computers and corporate servers are relatively open systems, so adding encryption technology is straightforward. The challenge is how to add secure hardware-based encryption to the new class of "fringe" devices in a cost-effective manner. Most of these fringe devices are not computer-based, are highly proprietary in terms of architecture, and, most challenging of all, because they are often deployed in high volumes, can be highly cost sensitive.
So, fringe devices are the next logical phase for hardware-based encryption and key protection, as long as the solution meets the criteria above: cheap, easily embedded and scalable – essentially a "mini" or even "micro" HSM. Without hardware protection, a vast swath of devices in some of the most untrustworthy locations will process sensitive information and represent a serious weak link in a corporation's IT security infrastructure, attracting the interest of regulators, auditors and attackers alike.
However, hardware protection is not the last step. The highly geographically distributed nature of these fringe devices will require organizations to deploy systems to manage the use of encryption and keys centrally. Local staff, if they exist at all, will be neither sufficiently experienced nor trustworthy to perform the operations locally, and manual processes coordinated and dispatched from the corporate IT group simply won't scale across thousands of devices. The system will need to be automated to a high degree and, it almost goes without saying -- absolutely secure.
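The two design properties argued for above, a "micro" HSM that never exposes key material and a central manager that provisions keys to thousands of devices without a trusted operator on site, can be sketched in code. The following is an added illustration, not nCipher's product code or the ATM or TPM interfaces mentioned in the article; the class names, the device identifier `vm-0001` and the key handle `card-mac` are invented. To keep it runnable on the Python standard library alone, key wrapping uses a toy encrypt-then-MAC construction built from HMAC-SHA256; a real module would use a standardized key-wrap algorithm such as AES Key Wrap (RFC 3394) and the device key-encryption key would be injected at manufacture. The point the code makes is structural: the edge device addresses keys only by handle, a wrapped key that fails its integrity check is refused, and the central manager confirms a rollout from a key fingerprint rather than by ever seeing the device's key again.

```python
"""Simulated fringe device with a non-exportable key store, plus a central
key manager that provisions it with wrapped keys (added example, stdlib only)."""
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode (stand-in for a real cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap(kek: bytes, plaintext_key: bytes) -> bytes:
    """Encrypt-then-MAC a key under a key-encryption key (KEK). Toy construction."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext_key, _keystream(kek, nonce, len(plaintext_key))))
    tag = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(kek: bytes, blob: bytes) -> bytes:
    """Verify the tag first; only then recover the key. Raises on any tampering."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrapped key failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(kek, nonce, len(ct))))


class MicroHSM:
    """Key store on the fringe device: keys are addressed by handle and never returned."""

    def __init__(self, device_kek: bytes):
        self._kek = device_kek            # assumed injected at manufacture
        self._keys: dict[str, bytes] = {}

    def install_wrapped_key(self, handle: str, blob: bytes) -> None:
        self._keys[handle] = unwrap(self._kek, blob)

    def key_fingerprint(self, handle: str) -> str:
        # A hash of the key is safe to report to the centre; the key itself is not.
        return hashlib.sha256(self._keys[handle]).hexdigest()[:16]

    def mac(self, handle: str, data: bytes) -> bytes:
        """Use a key inside the module (e.g. to authenticate a card transaction)."""
        return hmac.new(self._keys[handle], data, hashlib.sha256).digest()

    def export(self, handle: str) -> bytes:
        raise PermissionError("key material is not exportable from this module")


class CentralKeyManager:
    """Generates data keys, sends them wrapped per device, and tracks what was issued."""

    def __init__(self):
        self._device_keks: dict[str, bytes] = {}
        self._inventory: dict[tuple[str, str], str] = {}

    def enroll(self, device_id: str, kek: bytes) -> None:
        self._device_keks[device_id] = kek

    def rotate(self, device_id: str, handle: str) -> bytes:
        new_key = secrets.token_bytes(32)
        self._inventory[(device_id, handle)] = hashlib.sha256(new_key).hexdigest()[:16]
        return wrap(self._device_keks[device_id], new_key)

    def verify_rollout(self, device_id: str, handle: str, reported_fp: str) -> bool:
        return self._inventory.get((device_id, handle)) == reported_fp


def run_demo() -> dict:
    """Enrol one (invented) vending terminal, rotate its key, and check the controls."""
    kek = bytes(range(32))                 # constructed device KEK for the demo
    centre, device = CentralKeyManager(), MicroHSM(kek)
    centre.enroll("vm-0001", kek)
    blob = centre.rotate("vm-0001", "card-mac")
    device.install_wrapped_key("card-mac", blob)
    results = {"rollout_ok": centre.verify_rollout("vm-0001", "card-mac",
                                                   device.key_fingerprint("card-mac"))}
    tampered = blob[:20] + bytes([blob[20] ^ 1]) + blob[21:]   # flip one ciphertext bit
    try:
        device.install_wrapped_key("card-mac-bad", tampered)
        results["tamper_rejected"] = False
    except ValueError:
        results["tamper_rejected"] = True
    try:
        device.export("card-mac")
        results["export_blocked"] = False
    except PermissionError:
        results["export_blocked"] = True
    results["mac_len"] = len(device.mac("card-mac", b"constructed transaction record"))
    return results


if __name__ == "__main__":
    print(run_demo())
```

Running the module prints a dictionary in which the rollout verifies, the tampered blob is rejected before any key is installed, and the export attempt is refused; the same checks apply whether the device is a vending terminal, a scanner or a projector, which is what makes the central manager scale.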
Encryption is the absolute last line of defense for protecting sensitive data. As the world transfers information from the physical world to the digital world, we will need to extend hardware security and its security management infrastructure beyond traditional computing devices, right out to the edge of the network.
-Richard Moulds is vice president of marketing for nCipher