Why you can’t stop data breaches – Part I

By Harold Byun, VP Products | April 24, 2020

Over the past decade plus, we’ve seen a continued onslaught of data breaches that shows no signs of slowing down. And as we talk with prospects, we continue to get the the same questions over and over again.

– How are you different than database encryption?
How are you different from TDE (Transparent Database Encryption)?
How are you different from encryption at-rest?

The fact that this question gets asked repeatedly suggests a fundamental misunderstanding of the modern day threat model and how specific security controls are actually mitigating data breach risks or failing to do so.

As an industry, security and compliance professionals have been remiss in specifying encryption types and methods, and have instead, opted for checkbox requirements, such as “data must be encrypted”. Even the much respected CISSP certification spends more time on encryption algorithms for VPNs and handshaking vs. threat model analysis for security applied to actual data values.

The reality is that encryption methods matter and the vast majority of security professionals are relying on a legacy method (encryption at-rest or TDE) that does ABSOLUTELY NOTHING to protect against modern day hacks. (You may also be interested in our CTO’s article on how to break data tokenization here.)

Encryption at-rest and TDE were designed to protect against physical data theft or data center break-ins. This is not how data is being stolen today. We jokingly refer to this as the “Tom Cruise” threat model — a scenario where Tom Cruise (yes, the actor) breaks into a data center and drops down from the ceiling and steals your hard drives. This isn’t what’s occurring in your colo today. And it’s certainly not occurring in AWS, Azure or GCP.

This fundamental mis-match of a security control vs. the threat is one of the main reasons that data breaches continue to occur.



Simplifying Application Level Encryption White Paper

 

Download the Paper


This simplified diagram below helps explain some of the gaps in the above security approaches.

Anyone inside your network, with privileges or access can get your data in the clear if you rely on TDE or encryption at-rest.

As you can see, anyone inside the network or moving laterally or with privileged access can gain access to data in the clear. The encryption at-rest and TDE encryption methods are container-based encryption methods that will do nothing to stop this access. In other words, once you have access and you’re in the network, you’re in.

If your organization operates under an assume breach posture or zero trust model, then the only logical approach, given the above scenario, is to protect your data using data-centric protections as a last line of defense. Alternatively, you can accept the risks and grant that your organization will be one of the many that gets breached or re-breached going forward.

Fortunately, we’ve seen the above questions diminish in frequency over the past couple of years as more and more customers realize that data-centric protection methods can help mitigate the risk of breaches and data theft. And we’ve continued to focus on simplifying data-centric encryption and access control methods to enable a data protection service layer for our customers who recognize that, in today’s world, “encryption” just isn’t enough.

Some Useful Links:

Encryption Complexity
How to Simplify Encryption
Baffle Supported Encryption Modes
Why Data Tokenization is Insecure
Baffle Product Overview