Friday, December 21, 2012

Data breach: Beware of the side channels

Let's start with the news that prompted this entry: "Swiss spy agency warns U.S., Britain about huge data leak" on Reuters.

A side channel is a way of transferring data that is "out of the usual path". In today's world of e-mail, Google Drive, Dropbox and Microsoft SkyDrive, a USB thumb drive looks like yesterday's jam. A modern hard drive can store 3 TB, enough to hold approximately 125,000 A4 pages scanned in high resolution. That's quite a lot of secrets ...

This is not, however, the only way of taking data off of a secret network: what about printouts? Or screen hardcopies? Taking a picture of the screen? Even memorizing documents?

Controlling side channels is not easy: it would be impractical to ask each and every employee to strip down and change clothes before entering the data-sensitive areas, and even then there are possible ways out. (No pun intended.)

That's where data-sensitive agencies need to put statistical controls in place: is it normal that employee A accessed around 1 million documents ranging from 2000 to 2012? Or that employee B has accessed a certain document 20 times during the last week, but is not supposed to be working on that case?
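The two questions above can be put to an access log as two checks. This is an added example, not code from the original post: a volume outlier test based on the median and median absolute deviation across employees, and a count of repeated recent accesses to documents outside an employee's assigned cases. The log layout, the case assignments, the sample records and both thresholds are assumptions made for the example.

```python
from collections import Counter, defaultdict
from datetime import date, timedelta
from statistics import median

# Constructed sample data; record layout is (employee, document, case, access date).
TODAY = date(2012, 12, 21)
ASSIGNED = {"A": {"c1"}, "B": {"c2"}, "C": {"c1"}, "D": {"c2"}, "E": {"c1"}}
LOG = []
for emp, n_docs in {"A": 400, "B": 12, "C": 15, "D": 9, "E": 14}.items():
    case = next(iter(ASSIGNED[emp]))
    LOG += [(emp, f"{case}-doc{i}", case, TODAY - timedelta(days=i % 5))
            for i in range(n_docs)]
# B opens one document from a case B is not assigned to, 20 times in a week.
LOG += [("B", "c1-doc7", "c1", TODAY - timedelta(days=i % 7)) for i in range(20)]


def volume_outliers(log, k=5):
    """Employees whose distinct-document count is far above their peers.

    Uses median + k * MAD instead of mean and standard deviation, so one
    heavy reader cannot raise the baseline enough to hide behind it.
    """
    docs = defaultdict(set)
    for emp, doc, _case, _day in log:
        docs[emp].add(doc)
    counts = {emp: len(seen) for emp, seen in docs.items()}
    med = median(counts.values())
    mad = median(abs(c - med) for c in counts.values())
    limit = med + k * max(mad, 1)  # floor of 1 avoids a zero-width band
    return sorted(emp for emp, c in counts.items() if c > limit)


def off_case_repeats(log, assigned, today, window_days=7, min_hits=10):
    """(employee, document) pairs opened at least min_hits times within the
    window where the document's case is not assigned to that employee."""
    hits = Counter()
    window = timedelta(days=window_days)
    for emp, doc, case, day in log:
        recent = timedelta(0) <= today - day < window
        if recent and case not in assigned.get(emp, set()):
            hits[(emp, doc)] += 1
    return {pair: n for pair, n in hits.items() if n >= min_hits}


if __name__ == "__main__":
    print("volume outliers:", volume_outliers(LOG))
    print("off-case repeats:", off_case_repeats(LOG, ASSIGNED, TODAY))
```

Both checks only produce candidates for review; the thresholds `k` and `min_hits` need tuning against what is normal for each role.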

Behavioral statistics can also indicate a change in a person: arrival and departure times, repetition of late lunches and so forth can help track someone whose habits have changed either abruptly or over time.