Cybersecurity: Evolving Technologies in Data Security

Background

Cyber attacks aimed at businesses are increasing in frequency. The days of posting a message bragging of an attack are over. Instead of fame, cybercriminals want money. Specifically, they want untraceable electronic currency such as bitcoin.

Greed is the reason why many cyber attacks use ransomware that locks a network until the money is paid.

According to PurpleSec, the estimated global damage from ransomware was:

• $8 billion in 2018
• $11.5 billion in 2019
• $20 billion in 2020

The same PurpleSec report states that an attack on a supply chain affected more than 18,000 customers. Fortune 500 companies and government agencies were among the victims.

“Threat actors search for targets that can be easily compromised and have significant monetary value. Attacking a supplier to gain entry to larger organizations is one way to bypass their sophisticated security controls,” PurpleSec states.

Other numbers important to business leaders are:

• 45%: The number of breaches involving hacking compared to 22% for phishing and 17% using malware (Verizon)
• 68%: The percentage of business leaders who believe their cybersecurity risks are increasing (Accenture)
• 86%: The number of financially motivated breaches compared to 10% from espionage (Verizon)
• 95%: The number of cybersecurity breaches caused by human error (Cybint)
• 11,762 recorded network breaches from Jan. 1, 2005 – May 31, 2020

Source: VARONIS.COM

Reducing Cyber Attacks

Companies big and small are rightfully worried about keeping their data secure, especially today. 2020 saw a dramatic increase in the number of employees working from home, many using basic home internet to connect with company networks.

A Dec. 9, 2020 Pew Research study of workers who can perform their jobs at home shows:

• 20% worked from home before the coronavirus outbreak
• 71% are working from home during it
• 54% want to keep working from home after virus-related restrictions end

Many companies store their data in distributed computer server centers collectively known as “the cloud.” The widespread adoption of cloud computing and the internet of things (IoT) IoT systems potentially exposes businesses to cyber attacks. Add to this explosive growth in the number of people working from home and it’s easy to see how much more vulnerable businesses are now than ever before.

Is Cloud Computing Safe?

In short, the answer is yes.

“Information stored in the cloud is likely to be more secure than are files, images and videos stored on your own devices. Why? Cloud companies often rely on far more robust cybersecurity measures to protect your sensitive data,” antivirus company Norton suggests.

Cloud data storage has four key security advantages over using an in-house server:

• Limited physical access: Few people have access to warehouses holding the large server farms.
• Constant security updates: Larger cloud storage companies immediately apply security updates even though they are already using high-grade and more robust operating systems.
• Distributed computing: Cloud data is not typically stored on just one set of servers in a single location. The data is typically backed up to at least one remote site, preventing data loss should a natural disaster strike.
• Data encryption: All data is kept secure behind robust firewalls to prevent unauthorized access. Should a hacker make it past the firewalls, they then have to decrypt the scrambled data. Top-level encryption methods include Rivest-Shamir-Adleman (RSA), the Advanced Encryption Standard (AES) and others.

Data Encryption

Using codes to hide messages from view is no longer limited to spies. Businesses have been using encryption methods for millennia starting with the Spartans in 600 BC.

Note that Microsoft Office 365 lets company IT administrators turn on encryption by default for all emails in Outlook. Individual Outlook users can also send and receive encrypted messages.

Microsoft states that Dynamics 365 encrypts data at rest and in transit. “Microsoft uses encryption technology to protect customer data in Dynamics 365 while at rest in a Microsoft database and while it is in transit between user devices and our data centers. Connections established between customers and Microsoft datacenters are encrypted, and all public endpoints are secured using industry-standard TLS. TLS effectively establishes a security-enhanced browser-to-server connection to help ensure data confidentiality and integrity between desktops and datacenters. After data encryption is activated, it cannot be turned off.”

Encryption and CGMPs

The Food and Drug Administration’s Current Good Manufacturing Practice (CGMP) regulations list 188 instances where encryption is mentioned. One frequently used section is the use of electronic signatures for regulatory documents known as SOPP 8116 from the Center for Biologics Evaluation and Research. Part of this requirement is using secure email to communicate with the FDA. That requires encryption.

Title 21 of the Code of Federal Regulations covers the FDA’s portion. Many of the CGMPs listed require stored data to be either encrypted or hidden in some way, especially if it contains personally identifiable information.

Using Blockchain with D365

According to Microsoft, blockchain, “is a secure, shared, distributed transaction ledger database that decentralizes data, eliminates the need for trusted third parties and enables the anonymous exchange of digital assets such as bitcoin,”

“It is a replicable database that is immutable, verifiable and cryptographically secure, establishing trust through a network of untrusted nodes.”

An updated version of blockchain, Blockchain 3.0 with cloud servicing, multilayer middleware and cryptlets, is one of Microsoft’s greatest innovations.

An important part of the pharmaceutical business is the supply chain. Microsoft’s blockchain version helps create smart contracts, process micropayments, filing taxes, shipping and logistics management.

The Microsoft Azure platform on which D365 sits can also use blockchain technology to help manage physical assets across the supply chain.

Summary

Any business serious about protecting its data will want to explore cloud data storage. It’s now more secure than many private networks. Cloud computing companies such as Microsoft go to great lengths to encrypt all data, which they keep stored behind robust firewalls.

Additional functionality in the form of blockchain technology helps track and protect pharmaceutical supply chains from raw materials to delivered goods.