Posted: February 14th, 2023
1 page
Some of the security controls that were selected during Phase 2 of RMF included data encryption. There was some confusion in the working group meeting this week regarding the need for multiple encryption solutions in the implementation and assessment phases (3 and 4).
Consider the difference between data at rest (storage) encryption and data in transit (transmission) encryption. Describe a possible implementation solution for each of these cases and explain if it falls within the symmetric or asymmetric model. Provide an assessment of the strengths and weaknesses of the proposed solution options. Include at least one research reference and associated in-text citation using APA standards. In your replies to your peers further discuss the strengths and weaknesses of the various technologies.
SOLUTION
Data Encryption for Data at Rest: One possible solution for data at rest encryption is the use of full disk encryption. This involves encrypting the entire hard drive or storage media, including the operating system and all files, using a symmetric encryption algorithm such as AES (Advanced Encryption Standard). This approach ensures that all data on the disk is protected, even if the disk is stolen or physically accessed by an unauthorized user. An example of a tool that implements full disk encryption is Microsoft’s BitLocker. Another solution is the use of file-level encryption, which encrypts individual files using symmetric encryption, and is useful for protecting sensitive data such as financial records or personal identification information. An example of a tool that implements file-level encryption is the open-source software VeraCrypt.
Strengths of full disk encryption include its ease of use and low impact on system performance. Since the entire disk is encrypted, users do not need to manually select which files or folders to encrypt, and there is no noticeable impact on system performance. Weaknesses include the risk of losing the encryption key or passphrase, which can render the encrypted data inaccessible. Another weakness is the potential for the encryption key to be compromised if an attacker gains access to the physical device.
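The file-level case and the lost-passphrase weakness described above can be seen in a short Node.js sketch. This is an added example, not part of the original post or of any tool named in it; the blob layout, function names, passphrases and sample record are all constructed for illustration.

```javascript
const crypto = require('crypto');

// Derive a 256-bit AES key from a passphrase with scrypt (symmetric model:
// the same derived key both encrypts and decrypts).
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32);
}

// Encrypt one file's bytes. Assumed layout: salt(16) | iv(12) | tag(16) | ciphertext.
function encryptFile(plaintext, passphrase) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), ct]);
}

// Decrypt; final() throws if the key is wrong or the blob was modified.
function decryptFile(blob, passphrase) {
  if (blob.length < 44) throw new Error('blob too short');
  const salt = blob.subarray(0, 16);
  const iv = blob.subarray(16, 28);
  const tag = blob.subarray(28, 44);
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(blob.subarray(44)), decipher.final()]);
}

// Returns the recovered text, or null when the data cannot be recovered.
function tryDecrypt(blob, passphrase) {
  try { return decryptFile(blob, passphrase).toString('utf8'); }
  catch { return null; }
}

// Constructed sample record and passphrases.
function demo() {
  const record = Buffer.from('acct=constructed-0001');
  const blob = encryptFile(record, 'correct horse');
  console.log('right passphrase:', tryDecrypt(blob, 'correct horse'));
  console.log('lost/wrong passphrase:', tryDecrypt(blob, 'guess'));
}
demo();
```

Without the original passphrase there is no second key that recovers the record, which is why key escrow or recovery keys are part of any at-rest deployment.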
Data Encryption for Data in Transit: One possible solution for data in transit encryption is the use of secure protocols such as SSL/TLS.