Number 6 on the OWASP Top 10 List is Sensitive Data Exposure. This vulnerability occurs when data that should not be seen, such as credit card numbers, tax ID numbers, passwords, and social security numbers becomes exposed. At Clearent, we pay close attention to this issue and work hard to ensure that our data is protected within our payments platform.
Intuitively, developers understand that data elements like credit card numbers and tax ID numbers need to be protected. What they don’t always know, however, is how to protect that data. It’s fairly obvious to realize the need to encrypt sensitive data or store it on encrypted hard disks. What isn’t so obvious is the need for precautions for the mechanisms that transfer the sensitive data. And because many people don’t realize the need for this, it makes it possible to get their data by monitoring network traffic. To this point, many of the recent payment breaches were accomplished by monitoring unencrypted network traffic inside a system.
How to Protect Your Sensitive Data
The best way to start addressing this vulnerability is to classify all of the data that needs to be protected. Once the data is identified, it needs to be mapped through the system in order to understand how it needs to be protected. It is a good idea to document the information classification so that everyone in the company understands the data involved and how important it is. Then, after identifying the sensitive data, a decision needs to be made as to whether the data needs to be stored or discarded after use. If something does not need to be stored, don’t keep it. The best protection for sensitive data is to not store it!
Once the data that needs to be stored has been identified and mapped through the system, the next step is to ensure the data is encrypted. Data is at rest if it is being stored in a database or file system. Data at rest should be encrypted using a strong, standard encryption algorithm such as AES-256. Using standard encryption algorithms like this one ensures the data is properly protected. It is also important to ensure that the encryption keys (used for actually encrypting data) are properly managed.
It is important to note that not all approaches to encryption may be safe. For instance, data stored in an automatically encrypted database may not be as safe as it should be. Since an automatically encrypted database decrypts the data upon retrieval, a SQL injection flaw could allow an attacker to gather decrypted sensitive data. It is critical to review any approach to encryption and ensure it meets your needs.
The last thing to look at is how your sensitive data is transported through the system. Data should be passed in its encrypted form whenever possible and decrypted at the last possible moment. It is also important to use secure transportation protocols to prevent attackers from monitoring network traffic and sniffing sensitive data. This means that if you are building HTTP services, the services should communicate via HTTPS so that the data transfer is encrypted.
Clearent’s payments platform was created to ensure that all sensitive data is protected. Early on we aggressively classified sensitive data to ensure that we addressed its protection as we created the platform. We continually review the payments platform to ensure we are keeping all sensitive data protected- whether at rest or in flight.