Data Encryption Guidelines
The most reliable way to protect the university’s sensitive data is to avoid handling sensitive university data. Sensitive university data should be retained or handled only when required. Encryption can be an effective information protection control when it is necessary to possess sensitive university data.
IT Owners and IT Custodians should understand that data encryption is not a substitute for other information protection controls, such as access control, authentication, or authorization; that data encryption should be used in conjunction with those other controls; and that data encryption implementations should be proportional to the protection needs of the data.
This guideline serves as a supplement to the Information Resources Use and Security Policy, which was drafted in response to Texas Administrative Code 202 and UT System UTS-165. Adherence to these guidelines will better assure the confidentiality and integrity of the university’s sensitive data should data encryption be used as an information protection control.
The objective of these guidelines is to provide guidance in understanding encryption and the encryption key management required for maintaining the confidentiality and integrity of the university’s sensitive data, should data encryption be used as an information protection control.
These guidelines apply to all devices, physical or virtual, that store or process university data classified as Category A, B, or C (see the Data Classification Standard).
- Encryption Applicability
- Transmission: To protect the confidentiality and integrity of the university's sensitive data, any Category A data with a required need for confidentiality and/or integrity shall be transmitted over an encrypted channel so that it never traverses the network in clear text. It is further recommended, but not required, that Category B data be transmitted over encrypted channels when possible. See the university Data Classification Standard for further clarification on the classification of university data. Applications of encryption for data transmission include, but are not limited to, those identified in APPENDIX-A.
- Storage: To protect the confidentiality and integrity of the university's sensitive data, any Category A data with a required need for confidentiality and/or integrity shall be stored encrypted in systems, databases, and/or portable media. Category B and Category C data do not require encrypted storage. See the university Data Classification Standard for further clarification on data classification. Applications of encryption for data storage include, but are not limited to, those identified in APPENDIX-B.
- A combination of business practices and technology can act as mitigating factors and could significantly reduce the risk of unauthorized data exposure, thereby offsetting the specific need to implement data encryption. Examples of such mitigating factors include, but are not limited to, those identified in APPENDIX-C.
- Encryption Services
- The symmetric algorithms referenced in APPENDIX-D shall be used for encrypting Category A information.
- The algorithms referenced in APPENDIX-E shall be used for public key asymmetric encryption of Category A information.
- The encryption services referenced in APPENDIX-F shall be used for digital signature purposes when Category A information is involved.
- Digital certificates, signed by a certificate authority, shall be used to bind a user or entity to a respective public key.
- Digital certificates shall apply recognized standards (e.g., X.509v3) and shall at least:
- Identify the issuing certificate authority; the certificate authority shall be one authorized by DIR (the Texas Department of Information Resources) or one strictly designated for internal UTB/TSC use
- Identify its subscriber
- Provide the subscriber's public key
- Identify its operational period
- Be digitally signed by the issuing certificate authority
- Encryption Key Management
- Encryption keys used to protect Category A data shall also be considered Category A data.
- Professional key management is critical to prevent unauthorized disclosure of Category A data or irretrievable loss of important data. A centralized campus key management infrastructure shall be made available to all university users to ensure appropriate controls are applied. The university data managed by all key management infrastructures shall be considered both Category A and mission critical.
- All university key management infrastructures shall create and implement an encryption key management plan to address the requirements of these encryption guidelines, other university and UT-System regulations, and applicable State and Federal law. At a minimum, the UTB/TSC plan shall provide for the following:
- The encryption key management plan shall ensure data can be decrypted when access to data is necessary. Backup or other strategies (e.g., key escrow, recovery agents) shall be implemented to enable decryption, thereby ensuring data can be recovered in the event of loss or unavailability of encryption keys. This applies to decryption keys only: private signature keys should not be escrowed or backed up, because a second copy undermines non-repudiation (NIST SP 800-57 Part 1); a lost signature key is replaced by generating a new key pair.
- The encryption key management plan shall address handling the compromise or suspected compromise of encryption keys. The plan shall address what actions shall be taken in the event of a compromise (e.g., with system software and hardware, private keys, or encrypted data.)
- The encryption key management plan shall also address the destruction or revocation of encryption keys that are no longer in use (e.g., the user has left the university) or that aren’t associated with a key management program.
- All symmetric encryption keys used on systems associated with Category A data shall be randomly generated according to industry standards. Acceptable standards include, but are not limited to, those referenced in APPENDIX-G.
- Where symmetric encryption is used to protect Category A data:
- Master keys shall be changed at least once per year.
- Key encrypting keys shall be changed at a minimum of twice per year.
- Data encrypting keys shall be changed once per session or every 24 hours.
- When asymmetric encryption is used, the operational period of asymmetric keys associated with a public key certificate is defined by the encryption key management plan of the issuing certificate authority.
- Encryption keys shall be stored within an encrypted key store or an otherwise encrypted form using approved algorithms; or the keys may be stored on a security token (e.g., a smart card). The encryption keys shall never leave the device if stored on a security token.
- These requirements do not pertain to keys (e.g., SSH host keys) or protocols (e.g., the encryption used by backup technologies) that add a further layer of transport encryption on top of the strong encryption already applied to the Category A data.
- Encryption keys are confidential information, and access shall be strictly limited to those who have a need-to-know. The owner(s) of data protected via encryption services shall explicitly assign responsibility for the encryption key management that should be used to protect this data. If keys are transmitted over communication lines, they shall be sent in encrypted form. The exchange of keys should employ encryption using a stronger algorithm than is used to encrypt data protected by the keys.
- Encryption keys that are compromised (e.g., lost or stolen) shall be reported immediately to the Office of Information Security (firstname.lastname@example.org), the key manager, and the information owner of the data being protected. The key shall be revoked or destroyed and a new key generated. Key re-assignments shall require re-encryption of the data.
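The rotation schedule above (master, key-encrypting and data-encrypting keys), the rule that keys are stored only in wrapped form, the rule that keys in transit are wrapped under a stronger algorithm than the data they protect, and the rule that a re-assigned key requires re-encrypting the data are easiest to see in a small key hierarchy. The following Go program is an added example, not code from the university: it models a key store in which AES-128 data-encrypting keys (DEKs) exist only wrapped under an AES-256 key-encrypting key (KEK; in practice HSM-held or itself wrapped under a master key), with every key drawn from the operating system's CSPRNG as the random-generation requirement above demands, and it contrasts the two rotations: re-assigning a data key rewrites the ciphertext, while rotating the KEK only re-wraps the stored DEKs. The record name and content are constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// randomKey draws n bytes from the OS CSPRNG; keys never come from passwords or math/rand.
func randomKey(n int) []byte {
	k := make([]byte, n)
	if _, err := rand.Read(k); err != nil {
		panic(err)
	}
	return k
}

func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only reachable with a key length other than 16/24/32 bytes
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return g
}

// seal encrypts with AES-GCM, prepending a fresh 96-bit nonce; aad names the slot so a
// wrapped key cannot be moved to another record without detection.
func seal(key, plaintext, aad []byte) []byte {
	nonce := randomKey(12)
	return gcm(key).Seal(nonce, nonce, plaintext, aad)
}

// unseal reverses seal and fails on any change to nonce, data or label (or a missing record).
func unseal(key, sealed, aad []byte) ([]byte, error) {
	if len(sealed) < 12 {
		return nil, fmt.Errorf("sealed value too short: %d bytes", len(sealed))
	}
	return gcm(key).Open(nil, sealed[:12], sealed[12:], aad)
}

// Record: the data-encrypting key (DEK) is kept only wrapped under the KEK.
type Record struct{ WrappedDEK, Ciphertext []byte }

// Store models a key store; the AES-256 KEK is a plain slice here, HSM-held or master-wrapped in production.
type Store struct {
	kek     []byte
	records map[string]Record
}

// Put encrypts data under a fresh AES-128 DEK (one per record) wrapped under the stronger AES-256 KEK.
func (s *Store) Put(name string, data []byte) {
	dek := randomKey(16)
	s.records[name] = Record{seal(s.kek, dek, []byte("dek:"+name)), seal(dek, data, []byte(name))}
}

func (s *Store) Get(name string) ([]byte, error) {
	dek, err := unseal(s.kek, s.records[name].WrappedDEK, []byte("dek:"+name))
	if err != nil {
		return nil, err
	}
	return unseal(dek, s.records[name].Ciphertext, []byte(name))
}

// RotateKEK re-wraps every DEK under a new KEK; bulk ciphertext is untouched, so the
// twice-yearly KEK change stays cheap.
func (s *Store) RotateKEK() error {
	newKEK := randomKey(32)
	for name, rec := range s.records {
		dek, err := unseal(s.kek, rec.WrappedDEK, []byte("dek:"+name))
		if err != nil {
			return err
		}
		s.records[name] = Record{seal(newKEK, dek, []byte("dek:"+name)), rec.Ciphertext}
	}
	s.kek = newKEK
	return nil
}

// keyDemo stores a constructed record, re-assigns its DEK, then rotates the KEK, and
// reports whether the plaintext survived and which rotation rewrote the ciphertext.
func keyDemo() (intact, dekRewrote, kekRewrote bool, err error) {
	s := &Store{kek: randomKey(32), records: map[string]Record{}}
	secret := []byte("student-42: 000-00-0000") // constructed sample, not real data
	s.Put("student-42", secret)
	ct0 := s.records["student-42"].Ciphertext
	data, err := s.Get("student-42") // DEK re-assignment: decrypt under the old DEK ...
	if err != nil {
		return
	}
	s.Put("student-42", data) // ... and re-encrypt under a new one
	ct1 := s.records["student-42"].Ciphertext
	if err = s.RotateKEK(); err != nil {
		return
	}
	ct2 := s.records["student-42"].Ciphertext
	got, err := s.Get("student-42")
	return bytes.Equal(got, secret), !bytes.Equal(ct0, ct1), !bytes.Equal(ct1, ct2), err
}
```

keyDemo returns intact=true, dekRewrote=true and kekRewrote=false: a KEK change touches only the wrapped keys, which is why a KEK can be changed twice a year without bulk re-encryption, whereas any re-assignment of a data key must be followed by re-encryption, as stated above. Because each wrapped DEK is bound to its record name through the GCM additional data, a wrapped key copied from one record to another fails to unwrap rather than silently decrypting the wrong data.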
- Certificate Authorities
- Encryption keys that are generated by a university production certificate authority (CA) and used to control access to the CA server or used by the CA to perform functions shall be stored on Hardware Security Modules (HSM).
- All HSMs used within the university shall adhere to recognized standards (e.g., FIPS 140-3).
- University CAs must be designed such that all CA administrator functions are accounted for in detail. Ideally, no single administrator shall obtain full access to the CA encryption keys (e.g., separation of duties, dual control, etc.)
- University CAs shall adhere to a respective encryption key management plan and maintain a documented Certification Practice Statement (CPS).
- Legal Requirements
The encryption systems used by the university must comply with applicable laws and regulations. Any export or import of encryption products (e.g., source code, software, or technology) must comply with the applicable laws and regulations of the countries involved, including those countries represented by foreign nationals affiliated with the university. The United States Department of Commerce provides additional guidance specific to such encryption export controls, http://www.bis.doc.gov/encryption/.
- Office of Information Security Responsibilities
- Development and maintenance of the university Data Encryption Guidelines.
- Assess the secure installation and maintenance of all equipment supporting encryption controls at the university.
- Assess the performance and security monitoring for all elements of the encryption control processes.
- Assess all related key management processes.
- The Office of Information Security, acting on behalf of the university, reserves the right to refuse any encryption request that may compromise the security of the university’s networks or sensitive data.
- Key Manager Responsibilities
- Adherence to the university Data Encryption Guidelines and related policies established by the university.
- Ensure secure installation and maintenance of all respective equipment supporting encryption controls.
- Ensure performance and security monitoring for all respective elements of the encryption control process.
- Ensure all related key management processes can be accounted for in detail and, if possible, that no single key management supporting staff member can individually obtain full access to master keys or CA encryption keys (e.g., separation of duties, dual control, etc).
- Undergo a background check and complete the Position of Special Trust form.
- User Responsibilities
- All users shall adhere to the university’s Data Encryption Guidelines and related policies established by the university.
- All users shall be familiar with the university’s Minimum Security Standards for Data Stewardship.
- All users shall acknowledge a key escrow agreement, which will identify the required escrow of the subscriber’s private key. This requirement will be established for the benefit of the user, the university, and to comply with state and federal law.
- All users must manage the storage and transmission of data files in a manner which safeguards and protects the confidentiality, integrity, and availability of such files.
- Questions about the classification of a specific piece of data should be addressed to the local supervisor or respective IT Owner. Questions about these guidelines should be addressed to the Office of Information Security.
Information Resources Use and Security Policy
Data Classification Standard
Minimum Security Standards for Systems
Minimum Security Standards for Data Stewardship
NIST Special Publication 800-57: Recommendation for Key Management, Part 1 and Part 2
Portions adapted from "University of Pittsburgh: Security Guidelines for Encryption," http://technology.pitt.edu/documentation/Security_Guidelines/Encryption_Guideline-vs-2.0.pdf, with permission from the University of Pittsburgh, Pittsburgh, Pennsylvania 15260-3332. No longer available online.
Portions adapted from Encryption at the University of California: Overview and Recommendations, with permission from the University of California Office of the President, Oakland, California 94607-5200.
APPENDIX A: Application of Encryption for Data Transmission
- File Transfers
Encryption of Category A file transfers can be achieved via the use of an encrypted transmission protocol or network service (e.g., SCP or SFTP over SSH, or HTTPS) or by transferring a Category A file that has been encrypted prior to the transmission.
Category A content transmitted in e-mail messages shall be encrypted prior to the transmission, presented via a secure web application, or encrypted in a secure message format, given e-mail is exposed to the possibility of unauthorized access at a number of points throughout the delivery process.
- Interactive Sessions
Encryption of Category A data, including login passwords, transmitted during remote login sessions (e.g., terminal sessions, TN3270 sessions, and PC remote control software) shall be provided through the use of secure applications or protocols such as SSH or a TLS-protected session; clear-text Telnet and unencrypted TN3270 shall not be used to carry Category A data.
- Web-Based Applications
Encryption of Category A data communicated between a user's browser and a web-based application shall be provided through the use of secure protocols (HTTPS with TLS 1.2 or later; SSL 2.0/3.0 and TLS 1.0/1.1 are deprecated and should not be enabled). The display of Category A data shall be limited to only what is required by the user's authorized use of the application.
- Network Printer Communications
Encryption of Category A data that is output to a printer connected to a network shall be provided through the use of printing protocols that encrypt the transport (e.g., IPP over TLS, known as IPPS, or printer traffic tunneled through IPsec) to prevent unauthorized network interception. Raw port 9100 (JetDirect) printing and plain IPP send the job in clear text and do not satisfy this requirement.
- Remote File Services
Encryption of Category A data transmitted by remote file services shall be provided through the use of encrypted transmission protocols (e.g., IPsec, with IKE for key exchange, or TLS) to prevent unauthorized interception.
- Database Access
Encryption of Category A data transmitted between an application server and a database shall be implemented to prevent unauthorized interception. Such encryption capabilities are generally provided as part of, or an option to, the database server software.
- Application-to-Application Communications
Encryption of Category A data transmitted between cooperating applications shall be provided through the use of commonly available encrypted protocols (e.g., SOAP or REST over HTTPS) to prevent unauthorized interception.
- Virtual Private Network (VPN)
A VPN connection offers an additional option for protecting Category A data transmitted via the network when other alternatives are not feasible. The use of VPNs should be carefully considered so that all security and networking issues are understood; in particular, a VPN protects data only between its two endpoints, not end to end. ITS-Telecommunications and Networking staff should be consulted prior to any VPN implementation.
APPENDIX B: Applications of Encryption for Data Storage
- Whole Disk Encryption
Encryption of Category A data stored on portable computing devices (e.g., laptops, tablets, smart phones, and PDAs), as well as on removable storage media (e.g., CDs, DVDs, and USB drives), shall be provided through the use of a whole disk encryption tool, or one that can at least be configured to encrypt all Category A data on the device.
- File Encryption
Encryption of Category A data shall be provided to facilitate the secure transport of individual files over a network without transmission encryption or to off-line storage devices (e.g., CDs, DVDs, or USB drives.)
- Database Storage
Encryption of Category A data contained in a database server shall be provided through the use of whole disk encryption or through features native to the database server software. Encryption capabilities native to database server software may allow for encryption of specific tables or columns of a database and may also be required to segregate access rights among multiple applications that utilize a single database server.
- IT Owners and IT Custodians should understand that database server encryption does not imply that data in the database server is encrypted when transmitted over a network. In general, the database server decrypts data before it is transmitted; therefore encryption for data transmission (see APPENDIX A, Database Access) shall also be implemented for database servers processing Category A data.
- IT Owners and IT Custodians should consider a number of factors when making decisions on database server encryption (e.g., data classification, need for confidentiality, number of associated applications, system administration, performance, cost, and backup requirements.)
- Backup and Archiving
Encryption of Category A data contained in backups and/or archives copies shall be provided to prevent unauthorized access.
APPENDIX C: Examples of Potential Mitigating Factors
- Firewall Restricting Capabilities
- Detailed Audit Logging
- Detailed Process Logging
- Intrusion Detection Capabilities
- Intrusion Prevention Capabilities
- Integrity Checking Capabilities
- Separation of Sensitive Duties
- Physical Security Capabilities
APPENDIX D: Symmetric Algorithms
- AES (128, 192, or 256 bit)
- RC6 (256 bit)
- Blowfish (128 or 448 bit)
- Triple DES (112 or 168 bit)
- RC5 (128 bit only)
- SAFER (128 bit)
Of these, AES is the only algorithm that remains approved for new use. NIST SP 800-131A Rev. 2 disallows Triple DES for encryption after 2023, and the ciphers with a 64-bit block (Blowfish, Triple DES, and the common RC5 and SAFER variants) become unsafe once a single key has encrypted on the order of 32 GB (the Sweet32 birthday attack). New deployments should use AES-128 or AES-256 in an authenticated mode such as GCM; the remaining entries should be limited to decrypting data already encrypted with them.
APPENDIX E: Public Key Asymmetric Algorithms
- RSA (minimum 1024 bit)
- ECC (minimum 384 bit)
The 1024-bit RSA floor is no longer adequate: NIST SP 800-131A Rev. 2 disallows RSA keys shorter than 2048 bits, so new RSA keys should be 2048 bits or longer (3072 bits for protection needed beyond 2030, per NIST SP 800-57 Part 1). The 384-bit ECC floor (e.g., NIST P-384) already exceeds the 224-bit minimum in that standard.
APPENDIX F: Digital Signature Algorithms
- RSA (minimum 1024 bit) with SHA-1
- DSA (minimum 1024 bit) with SHA-1
- ECDSA (minimum 384 bit) with SHA-1
SHA-1 is no longer acceptable for generating signatures: NIST disallowed it for that purpose under SP 800-131A, and practical collisions have been published (the 2017 SHAttered attack). Signatures should use SHA-256 or stronger (e.g., RSA-2048 with SHA-256, ECDSA P-384 with SHA-384). The 1024-bit RSA/DSA floors are subject to the same 2048-bit minimum noted under APPENDIX E, and FIPS 186-5 (2023) no longer approves DSA for generating new signatures.
APPENDIX G: Industry Standards For Symmetric Key Generation
- FIPS 186-2
- ANSI X9.31
- ANSI X9.62
- ANSI X9.82
The FIPS 186-2 and ANSI X9.31 random number generators have been withdrawn and are disallowed by NIST SP 800-131A Rev. 2, and ANSI X9.62 covers ECDSA key pairs rather than symmetric keys. Symmetric keys should be produced by a deterministic random bit generator from NIST SP 800-90A seeded from an approved entropy source (NIST SP 800-90B), as provided by a FIPS 140-validated module; in practice an application obtains keys from the operating system's cryptographic random source (getrandom(2) or /dev/urandom on Linux, BCryptGenRandom on Windows) rather than implementing a generator itself.