IT Thrill Seekers

March 5, 2008

I’ve heard recently that there is a new craze for thrill seekers known as Russian Roulette parachuting – a one in six chance that the parachute might not open – but apparently this is just not close enough to the edge for some IT folks out there. It seems the latest stunt is using FTP (File Transfer Protocol) to provide access to information. You would have thought that this went out with Glitter Rock since they both showed up around 1972 but apparently there are still FTP groupies out there.


It comes as no great surprise that an ‘illegal database’ containing more than 8,700 stolen File Transfer Protocol server credentials including usernames, passwords and server addresses has just been found: http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9065038&intsrc=hm . The stolen credentials belong to companies from around the world and apparently anyone can purchase those credentials and use them to launch malicious attacks against the compromised systems. And where there’s one database …


The solution to the problem is to stop using FTP Servers – and that does not mean stop using FTP! The reason that FTP is so extensively used is that it has become a de facto standard for exchanging files between different organizations and systems. Although there have been a number of advances in securing the transmission, such as SFTP and FTPS, all that these offer is that the data is secured during transmission. But the clear message from this latest piece of news is that no one need bother trying to intercept the data during transmission when the data is going to eventually end up on an FTP server, probably in your DMZ. Ask anyone who has really tried and they’ll tell you that it is impossible to secure and protect the actual FTP Server itself, so why bother trying to intercept encrypted data?


There are particularly serious issues when the transfer is system to system. The files should be secured during transitions as well as when stored, without having to install software on all application servers. In many cases, when the transition is between dissimilar systems, the files are stored in plain ASCII and can be changed by a wide range of authorized persons who need access to the files on a daily basis. The changes can be made without the need for verification and can bypass application controls. For example, administrators can grant themselves access to files – remind anyone of a well-known French bank? As a result, security monitoring is very limited due to a large number of events being generated. The chances of detecting any unauthorized activity in real-time are nil. Monitoring may indicate that something changed, but it is not possible to trace what was changed.


What Should You Do?


If you want to eliminate the risks associated with FTP, here is what you should do. Obviously, if you want to play Russian Roulette with your IT security you should not bother.


While information is waiting to be retrieved by the enterprise or sent to the business partner, it must reside in a secure location. This is especially critical when the intermediary storage is located on an insecure network, such as the enterprise’s DMZ, outsourced site, or even the Internet.
But encryption and other security mechanisms are not helpful if the security layers where the data is being stored can be circumvented. Encryption is good for confidentiality, but does not protect data from intentional deletion or accidental modifications. In order to build multi-layered security, a sterile environment must exist to accommodate and protect the security infrastructure. Creating such a sterile environment requires the creation of a single data access channel to the machine and ensuring that only a strict protocol, that prohibits code from entering, is available for remote users.


Digital Vaults offer the only highly secure solution available on the market. Derived from the requirement of a sterile environment, they address the need to separate the storage of the data from the place where the data is being accessed. Since no one ‘works’ or ‘runs’ on the vaults, there is no insecure local access, in contrast to desktop encryption systems or an application running on a server, such as an FTP server.


While it is important to protect data at rest with encryption, encryption is only part of the solution. Data needs to be protected against accidental or malicious tampering, and version control is essential, ensuring an easy way to revert to the correct file content or recover from data deletion.


Data must also be protected against tampering. This can be easily achieved by integration of authentication and access control that ensures that only authorized users can view and change the data.


One of the major challenges of the file transfer system is how to allow the many different types of users to perform the file transfer operations. The types of users can range from internal systems which require a high level of automation and scheduling to users who simply want to browse to a web site and manually download files. This is easily achievable by allowing a variety of interfaces to interact with the digital vault. So you still enjoy the ease of use of FTP without having the associated risk of the FTP Server.


As data transfer is an essential part of a larger business process, it is critical to be able to validate that this step in the process was executed correctly. This requires the solution to provide auditing features, data integrity verification and guaranteed delivery options.


Every activity needs to be logged and external processes need to be aware of the successful or unsuccessful completion of the data transfer. After all it’s no use transferring 99% of a file.
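The completion check and audit trail described above can be sketched as follows. This is an added example, not code from the article or from any vendor product: the manifest layout, the status names and every function name are assumptions, and the sample file is constructed.

```python
import hashlib, hmac, json, os, tempfile

def sha256_file(path, chunk=65536):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_transfer(path, manifest):
    """Compare a received file with the sender's manifest (size + SHA-256)."""
    size = os.path.getsize(path)
    if size < manifest["size"]:
        return "INCOMPLETE", f"{size}/{manifest['size']} bytes received"
    if not hmac.compare_digest(sha256_file(path), manifest["sha256"]):
        return "MISMATCH", "SHA-256 differs from manifest"
    return "COMPLETE", "size and SHA-256 match"

def _entry_hash(prev, event):
    return hashlib.sha256((prev + json.dumps(event, sort_keys=True)).encode()).hexdigest()

def append_audit(log, event):
    """Hash-chain each record to the previous one so later edits are detectable."""
    prev = log[-1]["entry_hash"] if log else "0" * 64
    log.append({"prev": prev, "event": event, "entry_hash": _entry_hash(prev, event)})

def audit_chain_intact(log):
    prev = "0" * 64
    for e in log:
        if e["prev"] != prev or e["entry_hash"] != _entry_hash(prev, e["event"]):
            return False
        prev = e["entry_hash"]
    return True

def demo():
    payload = b"ACCT,AMOUNT\n" + b"1001,250.00\n" * 100   # constructed sample file
    manifest = {"size": len(payload), "sha256": hashlib.sha256(payload).hexdigest()}
    cases = {"full": payload, "truncated": payload[: len(payload) * 99 // 100],
             "edited": payload.replace(b"250.00", b"950.00", 1)}
    log, results = [], {}
    with tempfile.TemporaryDirectory() as d:
        for label, data in cases.items():
            path = os.path.join(d, label)
            with open(path, "wb") as f:
                f.write(data)
            status, detail = verify_transfer(path, manifest)
            append_audit(log, {"case": label, "status": status, "detail": detail})
            results[label] = status
    return results, log
```

The check is only as trustworthy as the manifest, which has to reach the receiver over an authenticated channel separate from the file itself. The chained log is tamper-evident only if its latest hash is also recorded somewhere the file server's administrators cannot rewrite.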


Performance is a major issue in many networks, especially when using the Internet (where service levels are difficult to guarantee). When there are large volumes of data and a high number of recipients, it is critical to ensure that performance is optimized. It is therefore essential to use compression to reduce file size, and since network availability and reliability may disrupt the transfer process, automatic resume from the last successful checkpoint is also a standard feature.


In the 70s you listened to your favourite Glitter Rock on your walkman but I’m sure you’ve graduated to the iPod. It’s time you graduated your FTP to digital vault. That is of course unless you’re the ultimate thrill seeker!


Calum Macleod is the West European and EMEA Director for Cyber-Ark: www.cyber-ark.com