EU Data Protection Regulation Proposals


Post by richh » Wed Jan 11, 2017 1:01 pm

In my mail today is a white paper from Sophos on 'how to comply with upcoming data confidentiality reform laws'. They are referring to EU Data Protection Regulation Proposals. See https://secure2.sophos.com/en-us/security-news-trends/whitepapers/gated-wp/eu-data-protection-laws.aspx

The paper asserts: "To meet compliance, your solution should include encryption to prevent unauthorized users from reading data if it is lost or stolen."

Rather than guessing at what this means in practice, does anyone have experience with the interpretation of these proposals, when they are likely to apply in practice, and what Servoy Developers need to be aware of?
Richard Hinder
Chartered Engineer and priest

Re: EU Data Protection Regulation Proposals

Post by ROCLASI » Wed Jan 11, 2017 1:52 pm

Hi Richard,

I did a quick read-up (1) on this and from what I understand it really only applies to 'personal data'. In other words, data relating to a ‘data subject’ (a person) who can be directly or indirectly identified on the basis of that data.
This page shows 6 steps to see if your data falls under this rule.
This EU law will go into effect on May 25, 2018.

As for your specific question:
You could encrypt your data at rest using filesystem-level encryption or at database level; the implementation of this depends on your platform(s) of choice.
Another thing to keep in mind is your backups. You should encrypt those in some way to be sure they won't get compromised.

Hope this helps.

P.S. At the upcoming ServoyWorld I will do a talk about securing Servoy (and more) which covers this aspect as well.


(1)
- https://en.wikipedia.org/wiki/General_D ... Regulation
- http://ec.europa.eu/justice/data-protec ... _oj_en.pdf
Robert Ivens
ROCLASI Software Solutions / JBS Group, Partner
SAN Developer / Servoy Valued Professional / Servoy Certified Developer
Twitter: @roclasi / @servoyforge
--
ServoyForge - Building Open Source Software.
PostgreSQL - The world's most advanced open source database.

Re: EU Data Protection Regulation Proposals

Post by kwpsd » Thu Jan 12, 2017 8:13 pm

One of our customers uses MSSQL in a cluster, and I am told by their IT staff that stored data is automatically encrypted (aka 'data at rest')/decrypted by the database server as it enters/leaves the server. Unauthorized access or theft of data is encrypted. It makes sense to me that this is done as a back end process where the data resides and is not incumbent on the applications that use the data. Then, there is 'data in transit' which is protected by SSL and other means.
Kim W. Premuda
San Diego, CA USA

Re: EU Data Protection Regulation Proposals

Post by Jan Aleman » Thu Jan 12, 2017 8:36 pm

I'd be interested to know how they do this, Kim. The closer to the db the encryption happens, the more security breaches could technically occur. For example:
- Database encryption with automatic startup: key will be stored on disk: security issue
- Database encryption with key prompt on startup: key will be stored in memory: security issue for local breach
(etc)
Jan Aleman
Servoy

Re: EU Data Protection Regulation Proposals

Post by kwpsd » Thu Jan 12, 2017 11:38 pm

Jan, I contacted the customer who verified this was the case and was directed to this link:

https://cloud.google.com/security/encryption-at-rest/

I am not familiar with DEK and KEK terminology, but the article states that the keys are stored near the data (what you said). Perhaps, this would make a good topic for one of the online technical presentations?
Kim W. Premuda
San Diego, CA USA
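
Added example, not part of any post in this thread and not code from Servoy, Google or MSSQL: a minimal sketch of the DEK/KEK (envelope encryption) pattern mentioned above, using Node's built-in `crypto` module. All function names are hypothetical, the sample record is constructed, and the KEK is generated in-process only as a stand-in for a key held in a separate key management service.

```javascript
// Envelope encryption sketch: data is encrypted with a per-record DEK,
// and the DEK is stored next to the data only in wrapped (KEK-encrypted) form.
const nodeCrypto = require("crypto");

// AES-256-GCM encrypt; returns IV, ciphertext and auth tag.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

// AES-256-GCM decrypt; throws if the key is wrong or the blob was altered.
function unseal(key, { iv, ct, tag }) {
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]);
}

// What lands on disk is { data, wrappedDek }; the KEK is never stored with it.
function encryptRecord(kek, text) {
  const dek = nodeCrypto.randomBytes(32); // fresh data encryption key
  return { data: seal(dek, Buffer.from(text, "utf8")), wrappedDek: seal(kek, dek) };
}

function decryptRecord(kek, record) {
  const dek = unseal(kek, record.wrappedDek);
  return unseal(dek, record.data).toString("utf8");
}

// KEK rotation re-wraps the 32-byte DEK only; the bulk ciphertext is untouched.
function rotateKek(oldKek, newKek, record) {
  return { data: record.data, wrappedDek: seal(newKek, unseal(oldKek, record.wrappedDek)) };
}

// True when decryption with this KEK fails (e.g. stolen disk, no KEK access).
function failsWith(kek, record) {
  try { decryptRecord(kek, record); return false; } catch (e) { return true; }
}

function demo() {
  const kek = nodeCrypto.randomBytes(32);    // assumption: stand-in for a KMS/HSM key
  const newKek = nodeCrypto.randomBytes(32);
  const record = encryptRecord(kek, "name=Jane Doe;dob=1980-01-01"); // constructed sample
  const rotated = rotateKek(kek, newKek, record);
  return {
    roundTrip: decryptRecord(kek, record),
    unreadableWithoutKek: failsWith(nodeCrypto.randomBytes(32), record),
    afterRotation: decryptRecord(newKek, rotated),
    oldKekRejected: failsWith(kek, rotated),
    dataUntouched: rotated.data.ct.equals(record.data.ct),
  };
}
```

The protection depends entirely on where the KEK lives: if it sits on the same disk as the wrapped DEK, a stolen disk yields both, which is the automatic-startup case raised earlier in the thread.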

