Archive for the ‘Data Integrity’ Category

Data Integrity: the ticking time bomb

Tuesday, May 19th, 2009

I’ve read a great post on David Lacey’s blog. Very clearly, he points out how most people and organizations forget that information security rests on three pillars (Confidentiality, Integrity and Availability, the CIA triad).

Availability was the main focus some years ago: denial of service was the main worry, and business continuity was what organizations concentrated on. Then came the turn of confidentiality, and encryption became something that was, almost, everywhere. The impact of a loss of availability is big; the impact of a loss of confidentiality is bigger… and scarier.

But now it is the turn of data integrity. Right now, few decision-makers in organizations focus on it, or care about it. And yet the impact of a loss of data integrity is, and here we agree with Mr. Lacey, huge. What if somebody changed the data, intentionally or not? The results range from undermining people’s confidence in the data (think of the recent alleged attack by a hacker on the Virginia Health Professions Database) to outright fraud (think of the Satyam Computers case).

And it gets darker. The problem lies not only in safeguarding integrity, but also in the long and painful process of recovering from one of these attacks: how do you know exactly which data is trustworthy (i.e. has not been tampered with) and which is not?

It is surprising that there is currently so little concern about this. We suspect that, unfortunately, the concern will only come when it is too late, when there have been many breaches of data integrity and their costs and consequences are there to remind us of its importance. That is why, in David Lacey’s words, it is a time bomb waiting to explode.

BS 10008 – Another proof that integrity is the next big thing

Friday, January 16th, 2009

The British Standards Institution (BSI) has recently published BS 10008, a new standard that focuses on the evidential weight of electronic information. It establishes a set of requirements organizations should follow in their data management procedures to ensure… yes, you got it: the integrity of information.

The new standard’s name is quite self-explanatory: “Evidential weight and legal admissibility of electronic information. Specification”. As the BSI website states, “legal admissibility concerns whether or not a piece of evidence would be accepted by a court of law. To ensure the admissibility, information needs to be managed by a secure system throughout its lifetime (which can be for many years). Where doubt can be placed on the information, the evidential weight may well be reduced, potentially harming the legal case”. BS 10008 therefore aims to ensure that any piece of electronic information used in a court of law carries the maximum evidential weight.

There are many interesting aspects here. First, it shows the need to clearly establish guidelines and a common framework for handling electronic data and digital evidence. Second, and no less important, it underlines that data integrity is a key aspect of information management.

We just bought a copy of the standard. We’ll read it and publish some thoughts… Stay tuned.

Personal Health Records (PHR) and the importance of trust

Wednesday, August 20th, 2008

Personal Health Records (PHR) allow individuals to store, post, manage and share all their health record information via the Internet. The advantages of this kind of tool are rather obvious: forget about trying to remember whether you are allergic to this or that medication; don’t bother walking all the way to the doctor with your new test results, only to realize when it is your turn to see the doctor that you left the previous results at home. Everything will be available online, but only to the people you have authorized, and under the conditions you have set.

Or at least in theory.

The adoption of PHRs has been slower than expected, mainly due to a lack of trust in the protection of that data, according to Zoë Baird, president of the Markle Foundation. In response, a group formed by technology companies, providers, health insurers and consumer groups released last June a common framework intended to help consumers gain trust in these technologies. It is expected that this joint effort will boost their acceptance and use.

The framework consists of nine consumer policies that rely on seven supporting technologies. It is no surprise that one of these technologies (CT3) is Immutable Audit Trails, and that four of the nine consumer policies depend on the immutability of the audit trails. In other words, audit trails, the records that track every use, access, modification or deletion of data, must themselves have integrity and be tamper-evident: any alteration or deletion of an audit entry must be detectable by whoever later relies on the trail.
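The tamper-evident audit trail described above, together with the question raised in the May 2009 post of how to tell which records are still trustworthy after an incident, as an added example that is not code from the original posts or from Kinamik: a keyed hash chain in which each entry’s MAC covers the MAC of the entry before it, so that editing, deleting or reordering an entry breaks the chain at that point and everything from there on is flagged as untrusted. The verifier-held secret key, the HMAC-SHA256 construction, the JSON canonicalisation, the out-of-band “anchor” and the sample PHR access events are all assumptions of this example.

```python
"""Tamper-evident audit trail using a keyed hash chain (added example)."""
import copy
import hashlib
import hmac
import json

# Assumption: the verifier holds a secret key the log writer cannot read back
# (in practice an HSM or a separate trust domain). Constructed value only.
SECRET_KEY = b"example-audit-key-not-for-production"
GENESIS = "0" * 64  # chain anchor for the first entry


def _canonical(seq, prev, event):
    # Deterministic serialisation so writer and verifier MAC identical bytes.
    return json.dumps({"seq": seq, "prev": prev, "event": event},
                      sort_keys=True, separators=(",", ":")).encode()


def _mac(seq, prev, event):
    return hmac.new(SECRET_KEY, _canonical(seq, prev, event),
                    hashlib.sha256).hexdigest()


def append_entry(log, event):
    """Append an event, linking it to the MAC of the previous entry."""
    prev = log[-1]["mac"] if log else GENESIS
    seq = len(log)
    entry = {"seq": seq, "prev": prev, "event": event,
             "mac": _mac(seq, prev, event)}
    log.append(entry)
    return entry


def verify_chain(log, anchor=None):
    """Return (ok, first_bad_seq).

    Entries before first_bad_seq are trustworthy; that entry and everything
    after it are not. `anchor` is the MAC of the newest entry as recorded
    out of band (published, or stored in another trust domain); without it,
    silently dropping the newest entries cannot be detected.
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry.get("seq") != i or entry.get("prev") != prev:
            return False, i  # gap, reorder or renumbering
        expected = _mac(i, prev, entry.get("event"))
        if not hmac.compare_digest(expected, entry.get("mac", "")):
            return False, i  # content of this entry was changed
        prev = entry["mac"]
    if anchor is not None and not hmac.compare_digest(prev, anchor):
        return False, len(log)  # newest entries are missing (truncation)
    return True, None


def build_sample_log():
    """Constructed sample PHR access events; not real data."""
    log = []
    for event in [
        {"actor": "dr.ortiz", "action": "read", "record": "patient-1042"},
        {"actor": "nurse.kim", "action": "update", "record": "patient-1042",
         "field": "allergies"},
        {"actor": "dr.ortiz", "action": "read", "record": "patient-2210"},
        {"actor": "admin", "action": "delete", "record": "patient-2210"},
    ]:
        append_entry(log, event)
    return log


def demo():
    """Run the verifier against an intact log and three tampered copies."""
    log = build_sample_log()
    anchor = log[-1]["mac"]
    results = {"intact": verify_chain(log, anchor)}

    # 1. Edit an entry in place (e.g. hide who deleted the record).
    edited = copy.deepcopy(log)
    edited[3]["event"]["actor"] = "nurse.kim"
    results["edited"] = verify_chain(edited, anchor)

    # 2. Remove an entry and renumber the rest to hide the gap.
    removed = copy.deepcopy(log)
    del removed[1]
    for i, e in enumerate(removed):
        e["seq"] = i
    results["removed"] = verify_chain(removed, anchor)

    # 3. Drop the newest entry: the chain is internally consistent, so only
    #    the out-of-band anchor reveals the truncation.
    truncated = copy.deepcopy(log)[:-1]
    results["truncated_no_anchor"] = verify_chain(truncated)
    results["truncated_with_anchor"] = verify_chain(truncated, anchor)
    return results


if __name__ == "__main__":
    for name, (ok, bad) in demo().items():
        print(f"{name}: {'OK' if ok else 'TAMPERED from seq ' + str(bad)}")
```

The third case is the caveat worth remembering: a hash chain on its own proves nothing about entries that were never written or were cut off the end, so the newest MAC (or a periodic digest) has to be committed somewhere the log writer cannot alter, which is exactly the role an independent audit-trail service plays in the framework described above.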

Integrity: the future threat

Wednesday, August 20th, 2008

Security concerns have shifted over the years: first to availability, later, in recent years, to confidentiality. We fully agree with David Lacey, one of the leading authorities in information security management, on what comes next.

As end users, we see the importance of data integrity only after an attack has occurred or data has been tampered with. The impact of any change, be it malicious or accidental, is huge. Today, data integrity is perceived more as a “nice to have” than a “must have”, and it rarely gets the emphasis it deserves.

Gradually, the public and enforcement bodies are realising the potential danger of “false proofs”. We at Kinamik believe that data integrity will be, quoting Mr. Lacey, “the next big threat”.