How to Protect Sensitive Data Stored in your ServiceNow Instance (and other Cloud Platforms)?
Moving to the cloud has many compelling advantages: reduced cost, greater scalability, increased mobility, faster deployment and instant upgrades to name a few. However, cloud security risks and cloud data security policy compliance continue to be the main barrier for cloud adoption by enterprise organizations. Not only international and national data protection regulations are getting stronger and stronger, but it is as well crucial for companies to extend their data protection policies and regain control over information lying outside their four walls. The recent death of the EU-US Safe Harbor agreement and its replacement by the EC Model Clauses made it even more urgent for multi-national businesses to take proactive steps to reduce their exposure by anonymizing sensitive personal data before it leaves a country.
The State of Data and Encoding methods
Before developing further, it’s important to understand that data can have various states. Data in Transit (or in Motion) is defined into two categories, data that flows over the public or untrusted network such as the internet and data which flows in the confines of a private network such as a corporate or enterprise LAN. Data at Rest refers to inactive data stored physically in any digital form. In a cloud context, it is the data stored by the service provider in its datacenters. Finally, Data in Use refers to active data stored in a non-persistent digital state typically in computer random access memory (RAM), CPU caches, or CPU registers and this across the whole way from the End-User to the service-provider DB Server. This is one of the most vulnerable state for data.
To protect data independently of its state, and therefore achieve a high level of security, there are two main ways that can be used separately or in combination: Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. To ensure the safekeeping of encrypted data in the cloud, the customer, not the cloud provider, must maintain control of the encryption keys. The other method, tokenization, substitutes a sensitive data element with a non-sensitive equivalent, the randomly generated token. The token is a reference that maps back to the sensitive data through a tokenization system. The mapping from original data to a token uses methods which render tokens infeasible to reverse in the absence of the tokenization system.
To encode or not to encode
Encryption can be costly in terms of the computing resources. As the encoding/decoding process has to be handle in real-time for the obvious reasons (transparency for the end users), the more there is to encrypt/decrypt, the more it uses the resources with consequences on the size of the necessary infrastructure and the level of performances. You might as well be willing to preserve some functionalities such as search capabilities for example. Encrypting certain fields would make search difficult and requires to have a method in place to ensure it remains possible. Therefore, a close analysis of what has to be encoded may show that not all the data must be encrypted but “less being more”, reveal that the anonymization of certain key fields is sufficient to achieve a high level of protection.
As a leading integrator of ServiceNow supporting hundreds of companies in their cloud journey, Fruition Partners is regularly facing the question of data protection. While SSL technology helps protect Data in Transit and ServiceNow, as well as other cloud platforms, offer encryption of Data-at-Rest, the customer does not control 100% of the process and Data in Use is hardly protected. Therefore, we usually suggest the implementation of a third-party technology such as CipherCloud.
Acting as a gateway, CipherCloud transparently inspects data and applies security policies before data goes into the Cloud. The solution is transparent to end users and has virtually no impact on performance, functionality or on the overall user experience.
The encryption is performed through a set of reverse proxy servers that reside on Customer’s premises (more than 1 server are usually needed for high availability reasons). The encryption keys are managed by the Customer on the CipherCloud above-mentioned servers and is not available to ServiceNow or any other third-party.
Tokenization substitutes randomly generated values for the original data, which never leaves the enterprise. The original data and mappings for the substitutes are stored locally in a secure JDBC-compliant database. While encryption is handled with stateless servers, tokenization requires a more complex on-premise infrastructure. A good example and general use of tokenization is when attachments have to be stored locally in compliance with data residency and sovereignty policies.
To preserve user experience, CipherCloud provides a Strong Search Encryption technology that leverage its gateway architecture to provide secure local index and search operations. This solution enables natural language, wildcards and Boolean searches of encrypted data. It is as well ServiceNow application aware and preserves data formats, data sorting, and other advanced functions.
Typical steps to achieve your Cloud Data Protection with CipherCloud
- Setup the CipherCloud infrastructure;
- Network settings to direct traffic to the cloud platform through the CipherCloud gateway;
- “To encode or not to encode” analysis : what information do I need to protect, analyse databases, define fields to protect and encoding method for each of the field;
- Gateway configuration;
- Import/Export of the already existing data to ensure its encryption.
A typical project duration is around 12 weeks including Planning, Design, Implementation and Support until Go-live.
So, as we keep hearing about data breaches everyday, we highly recommend to any company to start addressing the topic. Every industry, every company, is at risk and potentially exposed to legal consequences and to damages of the reputation and image. Encryption is to be considered as an additional line of defense, especially in a cloud environment.
While this article focuses on ServiceNow, CipherCloud proposes an entreprise data security strategy for all cloud applications such as SalesForce, Box, Microsoft Office 365 with one unified multi-cloud gateway