Preventing Another Wikileaks

Published: January 19th 2011

Aside from revealing diplomatic secrets, Wikileaks also showed the world just how vulnerable our secure data is.

Besides spilling the secrets of 100 empires, the Wikileaks scandal revealed to the world just how vulnerable "secure" data really is - and how ineffective traditional data protection methods, like firewalls, really are. After all, if an army officer armed only with a rewritable CD could manage to lift hundreds of thousands of sensitive and top-secret documents from a U.S. Defense Department server - which one would assume would enjoy full protection from intruders - what hope is there for the rest of us?


A great deal, says Alon Samia, CEO and co-founder of Covertix, an Israeli startup offering a product that might have prevented the mass revelations of diplomatic secrets by Julian Assange. The company's document technology prevents unauthorized individuals from opening and reading files, alerting managers when a document's security is compromised and automatically blocking usage if unauthorized use is suspected.


"With the growth of online information fencing, where it's easy to sell credit-card and other data, the incentive to steal information is greater than ever," says Samia. "The danger is just as great -- perhaps even greater -- from organization insiders as it is from outsiders."


Using the Covertix SmartCipher system, Samia says, lets organizations keep track of documents and data that are at risk, even from employees who have physical access to servers and can copy whatever they want by attaching a USB drive to a data port. With SmartCipher, they may get away with copying a document - but they won't be able to read it.


Playing by the rules


In a system protected by SmartCipher, documents get tagged with a small attachment containing a set of rules specifying who is authorized to access them. On servers where SmartCipher is installed, the system keeps track of all document access - who read it, when, on what computer and whether any changes or copies were made. Outside the office, users authorized to read the document must first install a plug-in unique to the particular company. Samia likens this process to receiving a PDF and having to install a PDF reader.


In-house and out, the Covertix system can assign different rights to recipients. Beyond access, the Covertix rule-set can regulate just about any user action regarding the document, including whether it can be printed, copied or forwarded. And if those permits are in place, the Covertix plug-in will report back to the server that armed it with the rules exactly where the information went.


Those rights could vary by computer as well - for example, a rule could be implemented that would let laptop users view, but not edit, a document. The rules can also analyze content. For example, if a document contains one credit-card number, it could be assumed that the number belongs to an individual attempting to buy something online. But 10 numbers would indicate that the document is a record of company customers that has no business being in the hands of someone outside the organization, and the rules would prevent the file from being opened.


Depending on the level of security, the system could potentially even ban a recipient from accessing the document based on location. For instance, if the document rules expect a particular IP address on the recipient's computer and a different one shows up, the system could assume that it is being accessed by an unauthorized individual.
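The rule types described above (per-user rights, per-device rights, a content check on credit-card numbers, and an expected IP address) can be sketched as a small policy evaluator. This is an added example, not Covertix's code or SmartCipher's rule format; the field names, users, threshold and IP address are all assumptions made for illustration.

```python
import ipaddress
import re

# Hypothetical rule set; every field name and value here is an assumption.
RULES = {
    "authorized": {"alice": {"view", "edit", "print"}, "bob": {"view"}},
    "device_rights": {"laptop": {"view"}},  # laptops may view but not edit
    "card_block_threshold": 10,             # constructed: 10+ numbers = customer list
    "expected_ip": "203.0.113.10",          # constructed (documentation range)
}
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13-19 digits, optional separators

def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def count_card_numbers(text):
    """Count distinct Luhn-valid card numbers in the document text."""
    hits = {re.sub(r"[ -]", "", m.group()) for m in CARD_RE.finditer(text)}
    return sum(1 for h in hits if luhn_ok(h))

def decide(user, action, device, client_ip, text, rules=RULES):
    """Return (allowed, reason) for one access attempt; first failing rule wins."""
    if action not in rules["authorized"].get(user, set()):
        return False, "user not authorized for action"
    device_limit = rules["device_rights"].get(device)
    if device_limit is not None and action not in device_limit:
        return False, "action not permitted on this device type"
    try:
        ip_matches = ipaddress.ip_address(client_ip) == ipaddress.ip_address(rules["expected_ip"])
    except ValueError:
        ip_matches = False  # unparsable address is treated as a mismatch
    if not ip_matches:
        return False, "unexpected client address"
    if count_card_numbers(text) >= rules["card_block_threshold"]:
        return False, "bulk card data"
    return True, "ok"

def with_check_digit(body):
    """Append the Luhn check digit so constructed samples validate."""
    return next(body + c for c in "0123456789" if luhn_ok(body + c))

# Constructed sample documents (test-style numbers, not real cards).
ONE_CARD = "Please charge my card 4111 1111 1111 1111 for the order."
CUSTOMER_LIST = "\n".join(with_check_digit(f"400000000000{i:03d}") for i in range(10))

if __name__ == "__main__":
    print(decide("alice", "view", "desktop", "203.0.113.10", ONE_CARD))
    print(decide("alice", "view", "desktop", "203.0.113.10", CUSTOMER_LIST))
```

The Luhn check keeps order numbers and other long digit runs from counting toward the threshold, which matters when the rule's outcome is to refuse to open the file.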


'Like a GPS for documents'


Despite the extensive authentication process, the security handshake process is invisible to users. As far as document recipients are concerned, they're looking at a regular file.

