Data breaches pose a significant risk to digital retailers, leading to lost customer trust and potentially far worse. Whether it’s malicious code placed on a checkout page or a clever phishing attack, hackers will find a way to siphon off sensitive customer data. A report published by cybersecurity firm Shape Security showed that 80% to 90% of the people who log in to a retailer’s ecommerce site are hackers using stolen data, accounting for $50 million per day in potential losses.
Clearly, efforts to keep the hackers out of retailers’ databases are not working. Perhaps it’s time for retailers to consider a different approach — one where if hackers get in, they don’t walk away with anything of value. Consider a jewelry store where every item on the shelves consists of worthless glass gems — all the diamonds, rubies and emeralds are kept offsite in a safe. It might be annoying to have the front window broken in the event of a heist, but the cost hit would be minimal.
One of the most effective ways to put the equivalent of costume jewelry in your database is with expanded use of encryption and tokenization, both of which can be implemented without disrupting current applications and processes. By using these technologies, retailers essentially use algorithms to transform sensitive customer and other data into a non-readable form. Even a massive data breach yields nothing of value to the hackers, and has no impact on the retailer’s reputation.
Unfortunately, database administrators and IT professionals have historically viewed encryption as carrying unacceptable performance overhead, and data security professionals have viewed it as redundant — only useful if firewalls, identity management and other security measures fail. As the steady stream of data breaches indicates, it’s time to shatter this false assumption.
Embracing Application Encryption
The goal for any organization should be to proactively encrypt sensitive data as soon as possible, and keep it secured until it’s needed for processing authorized transactions. By implementing encryption up front at the application layer, data exposure to outside threats is virtually eliminated.
This “top-down” approach to encryption also reduces the need for secondary encryption platforms like full-disk hard drive encryption software. This largely addresses the concern that encryption at the application layer — where it’s needed the most — is cumbersome to deploy and manage.
Fundamentally, application encryption allows organizations to encrypt entire files or specific fields of data at the application level, before they are stored. Data is encrypted immediately upon ingestion into an application, which protects it across its entire lifecycle, from input to storage. For added flexibility, application encryption can work together with other cryptographic techniques such as Point-to-Point Encryption (P2PE), tokenization or other encryption-based data security mechanisms.
To ensure system performance, organizations can easily fine-tune their application encryption by only targeting specific files, data types or columns of data that are deemed sensitive. This reduces unnecessary encryption of non-sensitive data and minimizes any effects on system performance.
Avoiding Common Mistakes
Any effective application encryption solution requires what’s known as key management, combined with general purpose encryption within the application. For large organizations, this will require implementation of a hardened key management infrastructure.
A common mistake is performing key management within the application itself. This is troublesome for multiple reasons, but the most important is vulnerability. This model places the keys within the application, which subjects them to the same network threats as the application itself. It also requires extending key management access to each application manager, which raises the risk of internal theft or negligence.
Another common mistake with key management for application encryption is using software-based key storage programs. Software-based encryption programs are inherently flawed due to their vulnerability to malware, keylogging and other attacks that attempt to determine encryption keys.
To avoid these risks, the preferred approach is to use hardware security modules (HSMs) to store encryption keys. HSMs offer a far more secure option and are scalable and flexible enough for enterprise-level application encryption. HSMs store keys in an internal secure cryptographic device that is fully compliant with industry requirements (specifically FIPS 140-2 Level 3). Such a device offers sophisticated levels of physical security, including:
- Tamper-responsive circuitry that erases sensitive data upon detection of any intrusion attempt
- Physical security barriers that prevent access to internal components
- Digital signatures of cryptographic modules that prevent substitution attacks
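An added example (not from the original article or from Futurex) of the pattern described above: only the fields marked sensitive are encrypted at ingestion, and the application is given wrap/unwrap operations rather than the master key. It is written for Node.js; `makeKeyService` is a hypothetical in-memory stand-in for an HSM-backed key service, and the field names and order record are constructed.

```javascript
const crypto = require("crypto");

// AES-256-GCM helpers. Output layout: 12-byte IV | 16-byte tag | ciphertext, base64.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(Buffer.from(aad));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString("base64");
}
function unseal(key, blob, aad) {
  const b = Buffer.from(blob, "base64");
  const d = crypto.createDecipheriv("aes-256-gcm", key, b.subarray(0, 12));
  d.setAAD(Buffer.from(aad));
  d.setAuthTag(b.subarray(12, 28));
  return Buffer.concat([d.update(b.subarray(28)), d.final()]); // throws if tampered
}

// Hypothetical stand-in for an HSM-backed key service (assumption): the master
// key stays inside this closure; callers only get wrap/unwrap operations.
function makeKeyService() {
  const master = crypto.randomBytes(32);
  return {
    newDataKey() {
      const dataKey = crypto.randomBytes(32);
      return { dataKey, wrappedKey: seal(master, dataKey, "data-key") };
    },
    unwrap: (wrappedKey) => unseal(master, wrappedKey, "data-key"),
  };
}

// Encrypt only the fields marked sensitive, at ingestion, before storage.
// The field name is bound in as AAD so a ciphertext cannot be moved to another column.
function encryptRecord(record, sensitiveFields, keyService) {
  const { dataKey, wrappedKey } = keyService.newDataKey();
  const row = { ...record, wrappedKey };
  for (const f of sensitiveFields) row[f] = seal(dataKey, Buffer.from(String(record[f])), f);
  dataKey.fill(0); // drop the plaintext data key; only the wrapped copy is stored
  return row;
}
function decryptRecord(row, sensitiveFields, keyService) {
  const dataKey = keyService.unwrap(row.wrappedKey);
  const { wrappedKey, ...out } = row;
  for (const f of sensitiveFields) out[f] = unseal(dataKey, row[f], f).toString();
  return out;
}

// Constructed sample order (not real data).
const SENSITIVE = ["cardNumber", "email"];
const sampleOrder = { orderId: "A-1001", sku: "RING-7", cardNumber: "4111111111111111", email: "pat@example.com" };
```

A database dump of rows produced by `encryptRecord` contains the non-sensitive columns in the clear and only ciphertext plus a wrapped key for the rest; decryption requires a call to the key service.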
Data breaches are a fact of life in the retail industry. Encrypting data at the application layer is one of the most effective ways to keep your sensitive data out of the hands of criminals, and to protect your company.
Ryan Smith is VP of Global Business Development for Futurex, a trusted provider of hardened, enterprise-class data security solutions. Smith is focused on overseeing Futurex’s global and strategic relationships with customers, partners and industry stakeholders, and has deployed Futurex’s solutions in some of the largest enterprise IT infrastructures in the world. Smith represents the company on industry standards bodies including Accredited Standards Committee X9 and the Payment Card Industry Security Standards Council (PCI SSC). He is a subject matter expert in key management and cryptographic infrastructures.