This is the fourth installment in a series of discussions on Backups, Disaster Recovery and Security. Here are links to installments #1, #2 and #3.
In this installment we will focus on Security and RDA. Webster’s 1828 dictionary defines Security as: Protection; effectual defense or safety from danger of any kind; as a chain of forts erected for the security of the frontiers. In this article we review the security measures that protect your highly sensitive RDA data.
We will look at two aspects of security risk: physical access to the servers, and cyber access via the internet or an internal network.
As discussed previously, more and more organizations are moving their mission critical data and processing to the cloud. We believe this is a great first step to increased security. Moving servers offsite to the cloud eliminates the huge risk of physical access to the hardware.
With the older on-premises server model, the majority of computer data security breaches are by in-house staff. Moving servers to the cloud eliminates this exposure. It is the business of Cloud Service Providers (CSPs) to protect data. They think about it every day. Access to servers and other supporting hardware is monitored and highly controlled.
Cyber risk is from attacks via the internet or an internal network. CSPs have robust internal controls and auditing to protect against cyber access to customer data. Each RDA client's server has its own secure connection via Secure Sockets Layer (SSL). SSL is the standard security technology for establishing an encrypted link between a cloud web server and a browser. This link ensures that all data passed between the web server and the browser is encrypted and remains private.
In addition to the above, RDA software has powerful security features built in. User password security is a key component. RDA supports passwords up to 60 characters in length. The more characters in a password, the more secure it is. Short phrases as passwords are even better. RDA clients have the option of mandating periodic password changes for their users. Mandating password changes is highly encouraged by RDA.
Security of stored passwords is critical. Stored RDA passwords are “salted”: a random value is combined with each password before it is stored in encrypted form. Salts do not have to be memorized by anyone, so they can make the stored, encrypted password prohibitively large without placing any burden on users. Because every salt is different, two users who choose the same password end up with different stored values, which protects commonly used passwords and users who reuse the same password on several sites.
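The following is an added illustration of per-user salting, not RDA's own code (RDA's storage format and algorithm are not described here); it assumes PBKDF2-HMAC-SHA256 and shows that two users with an identical password get different stored records while verification still succeeds for each of them.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Assumed parameters for this illustration: 16-byte random salt, PBKDF2-HMAC-SHA256.
SALT_BYTES = 16
ITERATIONS = 100_000
SCHEME = "pbkdf2_sha256"


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record 'scheme$iterations$salt_hex$hash_hex'.

    A fresh random salt is drawn for every call unless one is supplied,
    so the same password never yields the same stored value twice.
    """
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{SCHEME}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive the hash with the salt kept in the record and compare in constant time."""
    scheme, iterations, salt_hex, hash_hex = stored.split("$")
    if scheme != SCHEME:
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), hash_hex)


# Constructed sample: two users who happened to pick the same passphrase.
SAMPLE_USERS = {"alice": "correct horse battery staple", "bob": "correct horse battery staple"}


def build_user_table(users: Dict[str, str] = SAMPLE_USERS) -> Dict[str, str]:
    """Simulate the credential store: one salted record per user."""
    return {name: hash_password(pw) for name, pw in users.items()}


def stored_hashes_differ(table: Dict[str, str]) -> bool:
    """True when no two records share a hash, i.e. password reuse is not visible in storage."""
    hashes = [record.split("$")[3] for record in table.values()]
    return len(set(hashes)) == len(hashes)
```

Without the salt, both records would carry the same hash and a single cracked value would expose every user who chose that password.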
Application Security within RDA can be managed at the following levels:
The ability to configure security at these key levels provides your team with access only to the RDA data needed to fulfill their roles. All other RDA data remains securely protected.
A final layer of security is having a solid Disaster Recovery (DR) plan. We know not the future. In the unlikely event of a new type of security breach like ransomware, the only option to regain control of your system and sensitive data may be to execute your DR plan. A good DR plan would allow you to gracefully spin up a new, uncompromised system in a matter of hours.
We believe cloud servers, robust password security and multilayered security within RDA applications provide a solid line of protection against traditional attacks. A comprehensive disaster recovery plan provides protection against any new intrusion technology like ransomware.
If you would like more information on RDA security, please contact Mimi English (firstname.lastname@example.org).