Mobile Devices Get Means for Tamper-evident Forensic Auditing


By Michelle Drolet

Founder & CEO

Ms. Drolet is responsible for all aspects of business for Towerwall. She has more than 24 years of,


Providing early evidence of tampering can shorten investigation times for breaches and audits.

The convenience of mobile devices has led to their rapid proliferation in the workplace. But along with that convenience come security and compliance issues that contribute to the erosion of trust.
Risk management for mobile devices is of rising concern, particularly in highly regulated industries such as healthcare and finance. In order to detect security breaches and guarantee compliance, tamper ‘proofing’ has not been sufficient. When it comes time for a forensic audit, the ability to detect unauthorized changes to digital files becomes invaluable in an investigation.
In an article published by Enterprise Mobile Solutions, Mike Gault of Guardtime said, “Enterprises and government agencies don’t want to rely on trust authorities when it comes to ensuring transaction trails are secure. They’re looking for proof – an independent verifiable audit trail.”
The Institute of Internal Auditors says that internal audits are the leading method of detecting fraud among all industries. Compliance policies do, of course, require clear audit trails, but that is not always sufficient. Having a means to more easily recognize tampering can improve audits by flagging digital files that have been altered or deleted in the time since they were created. Using tools to provide evidence of tampering rather than simply attempting to stop it can simplify and shorten investigation times for security breaches. These applications also shore up trust in mobile devices and the data they access or carry by validating it.
Keyless signature technology has been tapped to provide the best tamper-evident applications for mobile devices, cloud computing, and any other less-than-secure means of disseminating information. This method, rather than relying on keys, secrets, or other third-party information, uses hash functions for data verification. It creates a signature indicating the time, integrity, and origin (business, computer, or user) of the information against which to compare the received file.
The method of keyless signature is highly scalable and benefits from the simplification of the validation method. Certification-based validation schemes are often very complex and have management issues such as the revocation or expiration of the validating instrument. In addition, keyless signatures can be appended to almost any type of file or file format and the signature stored separately from the file, embedded into the file, or as a separate file alongside the original if needed.
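The hash-only verification described above can be sketched as follows. This is an added example, not code from the article or from any vendor: it assumes a simple hash-tree aggregation whose root is published where verifiers can fetch it, and every name in it (`leaf`, `aggregate`, `verify`, the sample records) is hypothetical.

```python
import hashlib

def h(*parts):
    """SHA-256 over length-prefixed parts, so field boundaries are unambiguous."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(8, "big") + p)
    return d.digest()

def leaf(data, origin, ts):
    # Binds file content, claimed origin and signing time into one leaf value.
    return h(b"leaf", hashlib.sha256(data).digest(), origin.encode(), ts.to_bytes(8, "big"))

def aggregate(leaves):
    """Build a hash tree; return (root, chains), one chain of (side, sibling) per leaf."""
    if not leaves:
        raise ValueError("nothing to aggregate")
    chains = [[] for _ in leaves]
    level = [(lf, [i]) for i, lf in enumerate(leaves)]  # (node hash, leaf indexes under it)
    while len(level) > 1:
        nxt = []
        for j in range(0, len(level), 2):
            if j + 1 == len(level):          # odd node is carried up unchanged
                nxt.append(level[j])
                continue
            (lh, li), (rh, ri) = level[j], level[j + 1]
            for i in li:
                chains[i].append(("R", rh))  # sibling sits to the right
            for i in ri:
                chains[i].append(("L", lh))  # sibling sits to the left
            nxt.append((h(b"node", lh, rh), li + ri))
        level = nxt
    return level[0][0], chains

def verify(data, origin, ts, chain, published_root):
    """Recompute the root from the received file and its signature; no key is involved."""
    cur = leaf(data, origin, ts)
    for side, sib in chain:
        cur = h(b"node", cur, sib) if side == "R" else h(b"node", sib, cur)
    return cur == published_root

# Constructed sample: three files signed in the same aggregation round.
RECORDS = [(b"patient-record-v1", "device-17", 1325376000),
           (b"wire-transfer-log", "device-22", 1325376000),
           (b"policy-document", "device-17", 1325376000)]
ROOT, CHAINS = aggregate([leaf(*r) for r in RECORDS])
```

The signature for a file is its `(origin, ts, chain)` triple, which can be stored inside or beside the file; changing the content, the claimed origin or the time makes the recomputed root differ from the published one.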
By integrating keyless signature technology with mobile risk management, governments and enterprises can more easily comply with auditing policies. The forensic logs and audit records provided by these types of solutions are extremely transparent. Not only are the data and device validated, the audit trail itself is secured.
Says Rick Segal, CEO of mobile risk management provider Fixmo, “When it comes to proving compliance, the ability to verify a document’s integrity before and after a transfer is just as important as ensuring the data it contains is accurate and verified. The integration of keyless signatures and mobile risk management ensures our customers can confidently prove compliance in an auditable fashion across all corporate-liable and employee-owned (BYOD) devices on their network.”
Gartner announced that for 2012 cloud computing will become more mainstream with a 10X increase in deployments. Tamper-evident forensic auditing is not only a requirement for compliance of mobile devices; it will also serve to enhance cloud computing security and trust.
By lessening dependence on third-party trust instruments and easily integrating with almost any file system, keyless signatures improve data integrity and provide a means of showing proof of authenticity for each mobile device in use.

By Michelle Drolet, founder and CEO, Towerwall
Special to Info-Security Magazine

This article was recently published in Info-Security Magazine