How to Ensure Complete Web Transaction Privacy – Even After Your Data is Stored

Most forward-looking companies today leverage the internet as their primary business communications tool linking employees, customers, partners, and suppliers.

Indeed, we are seeing the deployment of more and more back-office applications with a web-based front end, including everything from enterprise resource planning and customer relation management applications, to B2B e-commerce and custom software applications for vertical markets.

Although these web-based applications help extend the boundaries of the extended enterprise, improve operational efficiencies, and create new revenue opportunities with customers, they also create significant new information security risks for everyone involved. The problem is that the internet is inherently insecure, which means that data is at risk when it is in transit over the internet and when it is stored on internal servers and databases. As every IT manager knows by now, these security issues are very real and must be dealt with effectively.

Protecting web-based data in transit over the internet is pretty straightforward. For example, you can use the secure sockets layer (SSL) protocol to establish secure connectivity with any web-based client, regardless of their physical location. The transaction path is secured through the use of cryptography, rendering data in transit unreadable by would-be attackers.

However, SSL's value often ends when the secure connection is terminated within the enterprise. At that point, sensitive customer and business data is typically unencrypted, converted back to clear text, routed through the internal network, and stored on backend application servers and databases.

This, unfortunately, is the point in the transaction where sensitive data is perhaps the most vulnerable. Why? Because there may be cyberattackers lurking in the corporate network as a result of successfully penetrating other access points. For example, if the firewall is not configured properly (which is often the case), or even if it is, attackers can find ways to sneak through and gain full access to thousands of customer credit cards, patient records, insurance claims, financial plans, etc.

Just recently, one company in the U.S. was a victim of this type of attack, resulting in the theft of millions of personal credit card numbers. And this wasn't an isolated example. Many large and well-known companies have been victims of attack in recent years, directly as a result of unprotected data stored on backend systems.

The result of that type of data theft, defacement, tampering and/or distribution is not only significant financial loss, but also business disruption, productivity loss, and - perhaps most damaging - loss of consumer confidence with the company because they did not adequately protect their information assets.

One solution for safeguarding data in storage is to install special cryptography software on each server to encrypt sensitive data stored on servers and databases, thus ensuring that it is protected and 'unreadable' by potential hackers. While this strategy might seem effective, it has several drawbacks.

  • The secret keys used for encryption are stored on insecure web or application servers. This means that if attackers can get access to the secret keys, they don't need to try to manually decipher the encrypted data fields. Instead, they can simply use the secret keys on each server to 'unlock' all of the sensitive information wherever it is stored. If they succeed, they could walk away with enough confidential data to bring down a business. This is a risk IT organizations cannot afford to take - especially in the government, health care, and financial services markets, where government regulations require safeguards for sensitive information.
  • Every time this type of software needs to perform its cryptographic function (which can be a computationally-intensive function), it needs to tap into the processing power of the server. This process, which is repeated every time specified data must be encrypted, protected against tampering, or fingerprinted, can significantly degrade server performance and application response time - particularly in a transaction-intensive server environment. The performance problem can be solved by adding more servers to share the processing load, but that approach is neither cost-effective nor scalable.
  • Having special cryptography software installed on every target application server could easily become an administrative nightmare. This includes not only the time required to install configure, maintain, and update the software for each server, but also the administration requirements associated with secret keys, logging and reporting for each server. This solution simply does not scale. IT organizations would rather minimize complexity wherever possible.

A better solution involves a two-part strategy. First, let servers to do what they do best - handle requests for information. This basic strategy allows IT organizations to extract maximum performance value from the extensive farm of web and application servers. Second, offload processor-intensive security functions from servers onto a specialized platform that can easily interface with transaction servers. That way, when any sensitive data is submitted to an internal server, the server automatically forwards that data to a separate platform where it is instantly encrypted and delivered back to the server or database for safe storage.

This type of specialized transaction security platform should be able to simultaneously handle cryptographic services, key management and certificate administration for multiple web and application servers. This would give customers a scalable solution that delivers enhanced transaction privacy, simplified security administration, and restored server performance.

As the quantity and quality of B2B and B2C web transactions continues to grow, the need for complete, end-to-end transaction privacy will become increasingly important. It is important for all internet-powered businesses to understand that traditional perimeter defense systems are still essential, but no longer adequate on their own to address critical transaction privacy requirements. Businesses owe it to themselves - and their employees, customers, partners, and suppliers - to ensure that sensitive data remains private throughout the transaction, especially when the data is finally stored on backend systems.

Franklyn Jones is head of marketing, Ingrian Networks (


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.