Written by Russell Berkley
How do organizations keep electronically stored data secure? To answer that question, experts developed the CIA Triad of information security. Unrelated to the Central Intelligence Agency, the letters in this acronym represent the three core areas that your organization must address to effectively secure its data: confidentiality, integrity, and availability.
Let’s examine these components one by one and see how Keylok makes all three of them integral to its security solutions.
Confidentiality means data is accessible by only authorized parties, which include people at different levels of access within your organization. It prevents access by unwanted outside parties.
User permissions are a standard method of implementing confidentiality within an organization. You can achieve them through encrypting data, storing data in a protected location, and other measures. While confidentiality should restrict access, it is just as important that authorized parties can access the protected data as it is that unauthorized parties cannot.
To achieve confidentiality for your application, KEYLOK dongles have internal byte-addressed memory. This means that you can safely store critical constants or other information within the dongle’s memory. Only properly authenticated applications can use the KEYLOK libraries to access the internal memory. Additionally, KEYLOK Fortress dongles offer an additional area to store security-sensitive files with the CodeVault feature. CodeVault’s protected memory provides safe and accessible storage of data like RSA keys, logos, and operational data. Executable code can also run directly on the dongle, protecting critical functions from would-be attackers.
To manage access to information or application features, you can use the dongle’s memory to set permissions flags for specific users. Dongles can be programmed to allow access to only certain parts of an application. Using these flags correctly means creating a multi-tiered authentication scheme for your application. All you need to give a user the right authentication for their level of access is a properly programmed dongle.
Integrity means the data will not degrade or be tampered with. Ensuring that the data placed into memory has not been modified is an essential part of your application’s overall security. Many hacking methods involve “injecting” malicious data into operational data.
Keylok fulfills the integrity requirement by moving your essential data into protected memory. This long-term memory can retain data for at least 10 years, guaranteeing your data will remain stable without use. The dongle’s memory can be accessed only through the Keylok libraries and with the correct authentication codes. This means that the data being communicated to your application will always be the same as what you provided to the dongle, with no risk of tampering during transit on the internet.
The final pillar of information security is availability. Availability is the counterpart to confidentiality and is the reason there is no such thing as perfect security. It means the data is still accessible to authorized parties when they need it.
Keylok achieves availability by placing the data on hardware directly connected to the computer running the application. As a result, Keylok dongles can authenticate and provide stored data whether the computer has an internet connection or not. Keylok dongles have also been designed to work in harsh conditions, such as an operating temperature range of 32°F to 157°F (0°C to 70°C). Your organization and your application’s users will be able to access exactly the data they should when they need it
Trust Keylok to achieve the CIA Triad
The three pillars of information security are vital abstractions of the requirements for proper security. With strong data confidentiality, integrity, and accessibility, your application will run both securely and effectively.
When you’re looking for a partner who can help you implement the triad, Keylok is a superior choice because we ensure that our solution enables customers to fulfill all three requirements. We’ve made it simple to integrate virtually impenetrable data security into your systems through our custom API and utilities. To learn more, contact us today.