in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Encryption Software: If So Good At Protecting Data, How To Account For Wikileak?

The big news today is the release of US diplomatic cables via WikiLeaks.  I've read somewhere--sorry can't produce a link because today's been a blur of Wikileak-related stories--that the leaked embassy missives are classified as "secret," at least.  What this means is that the communiqués were protected with data encryption.

A friend asked me, if encryption works so well, how can you explain WikiLeaks producing all this information?

Insider Leak?  Vulnerability in the System?  Who Knows?

It's obvious that someone leaked the information to WikiLeaks.  What's not so obvious is whether an insider to the US government did so or otherwise.  This observation is in sync with how encryption software can protect data...and how it cannot.

Encryption cannot protect against data breaches when insiders that have access to the data are involved.  For example, an IT administrator working at the highest echelons of the CIA with the appropriate security clearance decides that he'll leak all this info before calling it quits, a decision that he came to just today.  The man has access to the data because he knows the passwords for accessing the encrypted content.

This data breach cannot be prevented, short of someone figuring out the soon-to-quit employee's motives and stopping him from copying the data to another medium, such as a distant server, a USB stick, a DVD, etc.

Even if insiders are not involved, however, it is possible for outsiders to gain information (possible but unlikely in this case).  A common way is to plant keystroke logging software in a computer, recording a computer-user's click-clacks from beginning to end.  This way, one can either gain access to the passwords required for accessing data, or one can just dispense with breaking in because he already has a copy of all the words typed.

Is Encryption Useful At All?

Yes, of course it is.  The reason why WikiLeaks's diplomatic cables are so fascinating is not because it comes from the government.  I mean, would you find DMV paperwork as enthralling?  Are you a regular viewer of C-SPAN?  Instead, everyone wants to take a peek because they couldn't do so before.  Because it was secret.

What kept it secret all this time?  Encryption, plus other data protection technologies and policies.  Anyone who's involved in the encryption business knows there is no such thing as 100% security, in this industry or any other, for that matter.

Remember, the only secret that is 100% is the one that you keep to yourself and share with no one.

 
<Previous Next>

Data Encryption Ransomware Making The Rounds, Asking for $120

Hard Disk Encryption: WikiLeaks has Bank Of America Executive's Hard Drive?

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.