Designing For Security: What You Need to Know

Data Security and Its Aspect

Data is a very important aspect of any system, organization, and business. It plays a crucial role in user behavior, and sentiments and drives the businesses. In day-to-day life, as we come online, we start playing with data. These data are collected from various means like social media, cookies, user profiles, user login, browsing, etc.

It is imperative for any system to critically deal with any kind of data. If compromised, it brings harm to users, and organizations and, in turn, leads to loss of money, time, and trust. It is of the utmost importance for any system to deal with data in a very careful way.

Usually, when we design a system, security is the last thing considered. In this article, I would like to discuss various different classifications of data and its handling. Before we deal with handling the data, we should understand its classification and accordingly design our system.

Data Classification

Data can be categorized into various types based on sensitivity; it is classified into high, medium, and low. A high sensitive data is highly confidential and restricted like financial data. Medium sensitive data is sensitive data but does not contain any confidential information like emails without any confidentiality. A low sensitive data is publicly available data like website data and social media posts and is unrestricted.

Oftentimes, data when looked at individually, can look like a medium but when combined with different data, becomes restricted or confidential like PII (Personal Identifiable Data), for e.g., an address independently is public data but when combined with user information is sensitive data. Data classification plays a crucial role in understanding the level of criticality a system is dealing with.

Requirement Analysis

In order to design a system better, we gather the requirements. Based on the requirements, the system is designed and developed. During the requirement phase, one should outline security requirements along with functional and non-functional requirements. Oftentimes, we focus more on functional requirements as these are the core of any system. We can derive the security requirements based on functional and non-functional requirements.

Once we narrow down the functional and non-functional requirements, we can outline the type of data the system will deal with at various layers say transport layer, data layer, service layer, downstream, etc.

Once all the dependent systems are identified, one will get a good idea of the type of data flow through and into the system. It is highly recommended to outline all the possible security callouts in the design phase. A few of these could be:

1. Authentication
2. Authorization
3. Encryption at REST
4. Encryption at Transport
5. Application level encryption
6. Logging preservation time
7. Logging of non-critical data

Best Practices Design

Once we have outlined the security requirements, we can implement various security practices into the system. These can be:

• Security code reviews where the review will look from the security perspective and best practices.
• Proper authentication and authorization mechanisms should be in place.
• PEN testing before release and at an interval can be incorporated into best practices.
• Proper alarms should be configured.
• Alarms in case of any malicious or high burst/volume of data are requested.
• Gating mechanism to ensure DDoS protection.
• Application-level encryption using custom-managed keys.
• Encryption at REST using custom-managed keys.
• Key rotation at a certain interval.
• Gating mechanism to ensure access to critical data is protected.
• Policies at storage to ensure critical data egress for qualified consumers.
• Data loss prevention mechanism in case of any compromise.

System Design

Once the requirements are in place, we move to high-level and low-level system design. This acts as a blueprint for the system and acts as a basis for requirement conversion. One should carefully look into various aspects of the system and use proper infrastructure to ensure security.

In case the system is currently not dealing with any critical data, but in the future, due to some changes, the system starts to interact with critical data, the documents should be updated as such and re-reviewed to ensure all security practices are followed to uphold the high security and avoid any incidents.