by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2016
GCN MAY 2016 • GCN.COM 31 tions,” Pate said. “It makes sure that no- body is using an algorithm that’s easily breakable.” In general, though, each government agency has some leeway about how it implements encryption to address its own data security risks, said Scott Gordon, FinalCode’s chief operating officer. “Certain agencies, such as de- fense and intelligence, require stronger encryption, like the use of Suite B algo- rithms, and they are exploring the use of quantum-safe crypto technologies,” he added. OTHER DATA CHALLENGES Encrypting data in motion, data at rest and data in use each requires a differ- ent approach. Agencies should begin by identifying where their sensitive data is located and prioritize based on high- est risk because encrypting everything everywhere is usually not financially practical. Data in motion is often the easiest to get a handle on, and most agencies are already encrypting it, Irvine said. How- ever, they should check their websites and File Transfer Protocol sites — par- ticularly those that have been around for awhile — to make sure that com- munications are encrypted. Cates said email systems and cloud storage pro- viders might also lack encryption. Data at rest requires full-disk encryp- tion on mobile devices and file-based encryption on servers. The latest hard- ware makes such encryption faster and easier, but legacy systems are the single biggest obstacle. Encrypting data in use remains a challenge, however. “Data in use cannot be easily en- crypted,” Irvine said. “If I send a virus to your PC that gives me control of your PC, I can get access to everything. Right now, there’s no answer to that.” There are also emerging technolo- gies to keep an eye on, said Ted Hengst, principal at PTH Ventures and a 25- year veteran of the U.S . Army, where he served as CIO at the U.S . Special Op- erations Command at MacDill Air Force Base. Wearable devices and the Internet of Things will present new encryption challenges. “It all needs to be encrypt- ed,” he said. “Otherwise, it provides a backdoor into the network.” On a positive note, however, he said government agencies are beginning to take encryption seriously. “Five or 10 years ago, encryption, networks and cybersecurity were the domains of the CIO, and they were the only ones who cared about it,” Hengst said. “It was a fight every year to pro- tect the networks. It’s now an executive issue. It’s first and foremost on senior government [leaders’ minds] how to protect not only the agency but the people who use that agency.” • SOLUTIONS STATUS MISSING PIECES Data in motion Secure Sockets Layer, HTTPS, virtual private networks Should be in place everywhere Some legacy websites, policy enforcement, user training for VPNs Data stored on user devices Full-disk encryption, password locks, two-factor authentication Should be in place everywhere Policy enforcement, user training Data stored on servers File-based encryption, tokenization, format- preserving encryption Partially complete Legacy systems, large databases, key management Data in use Tokenization, format- preserving encryption, decrypting data in least usable units Mostly incomplete Legacy systems, legacy applications, lack of technology THE STATE OF DATA ENCRYPTION 0516gcn_028-031.indd 31 4/26/16 9:23 AM
March and April 2016
June and July 2016