Getting Data Security Right with Advanced FPE and Stop Decrypting!
I’ve seen some quite interesting differences in the analyst community when it comes to understanding the benefits of data-centric security, especially Format-Preserving Encryption (FPE) – some only understanding half of its power, and others getting it absolutely right, so I thought I’d clear things up a bit.
Perhaps this is based on looking at some of the other vendors who’ve recently added FPE-type approaches, attempting to mimic some of our nine years of industry leadership and standards development work in this area, but taking a very simplistic and less useful implementation approach based on a rudimentary implementation of the algorithms themselves which are very basic and don’t offer “full power” FPE.
When we implement Format-Preserving Encryption at Micro Focus we add a whole array of capabilities on top of the raw algorithm itself to make the data useful in executing applications, analytics and business processes – without needing to decrypt it. We do this on any platform, at massive scale. That means most if not all of your applications operate to a very wide extent on de-risked data without needing the live data elements – no decryption. For rare cases where the live data needs to be processed (e.g. on capture or to pass to a third party), we’ve a whole array of policy controlled options for pretty much every platform including Azure and AWS, mission critical systems tools like z/OS and HPE NonStop, Teradata, Hadoop tools and lean yet powerful API’s and file processors to match all manner of scenarios and platforms. These keep data secure wherever it goes, even in complex Hybrid IT systems bridging mainframe transaction processing to the latest cloud micro-service for augmentation of processing power on demand.
For example, a query running to a database or from a BI tool to Hadoop can operate using, respond to, and return encrypted data for insights into customer behavior analytics without decrypting live identity data that might be regulated under PCI (Payment Card Industry), GDPR (General Data Protection Regulation), HIPPA (Health Insurance Portability and Accountability Act) or other compliance mandates. With a correctly designed set of data policies, there’s no need to decrypt and you can use protected data without exposing it to risk. For vendors, doing this is tricky and needs cryptographic expertise and know-how to make it happen securely – that’s exactly our DNA and why our FPE technology is quite different. We have multiple on-staff world-renowned cryptographers, and work with the best in academia for on-going state-of-the-art advances in FPE and crypto technology to keep data secure at all times. That’s really the point of a modern data-centric strategy – don’t decrypt. If you don’t decrypt, then you don’t need to expose keys, don’t need to grant access, don’t need cycles on CPUs to convert across systems, and don’t need to worry so much if data is inadvertently exposed. Enterprises can start to do more with data too – use lower cost IT, cloud, big data – overcoming live data risks and objections.
Of course, not all vendors can do this and require endless decrypt/re-encrypt cycles as data goes in and out of databases which adds complexity instead of removing it – and if it’s just protecting data in the database, that’s only data at-rest protection, not in-use or in-motion where most attacks happen. Not so with Micro Focus FPE and Voltage SecureData – we retain more logic and value in the data in its protected form so data can be used as encrypted – and stay encrypted. We’ve been doing this for years in enterprise applications and payments. Your data is probably protected by it right now without you knowing it. Data secured by default. That’s how it should be, right?
For example, if you shop in major retailers, or even pay for a pizza or sippy cup with your trusty chip or stripe card in the US, it’s likely protected by Voltage SecureData and our FPE technology and your data is safe. Underneath it’s our FPE magic at work. Technically, it’s incredibly hard to encrypt a full EMV payload or old-style magnetic stripe track in that card reader in what looks and feels like a valid track and keep everything usable in encrypted form –all those encoded bit fields and parameters still need to “work”. After you swipe or insert your chip, this encrypted payment card data flows over a complex array of payments systems from varying vintages, gets stored along the ride, end-to-end to the bank. Yet with our FPE, it’s encrypted and invisible until it gets to the acquirer bank – data protection stays at all times, and yet is usable along the flow. The same goes in the enterprise – protecting complex data structures and formats end-to-end – without decryption – as it flows in and out of applications and databases.
This might be why some well-known analysts correctly categorize how we do FPE in the “Data in-Use”’ Encryption class, but others have a more narrow view and may be under the impression that FPE data would be decrypted as it leaves a database. That’s not how our customers use it –and not how we recommend it be used for maximum value and minimal impact. We recommend you avoid decryption – and avoid risk and complexity in the process. Hopefully the analysts are reading this and have a new perspective. After all, it’s probably their data too that we’re protecting end-to-end in all those leading enterprises operating this way.
About the Author:
Mark Bower is Global Director of Product Management for Micro Focus. He will be delivering a session at The Teradata PARTNERS 2017 Conference titled, “Mapping Encryption to GDPR requirements: practical use cases.” He is also an author of many articles and blogs, including; “Micro Focus Warns on the Risk of Incomplete Data Protection: A Wake Up Call Following Recent Mega-Breaches,” and “Retail Debit and Credit Card Breach – Help is here.” on the voltage.com blog.