How visible is your data? Security is an issue
The need to secure commercial and personal data on your mobile computing devices is growing and encryption isn’t the entire answer. Torbjorn Gudinge, from Eurotempest, looks at how to protect your data when its visible and being worked on.
Written by Torbjorn Gudinge
Managing Director for Eurotempest Secure Systems AB.
How many people could be reading this blog, on your device, at the same time as you? Maybe someone could be looking over your shoulder if you are sitting in an open plan office or scrolling down on your laptop or smartphone while on the commute…but not many people right? Wrong! Data security on any computing device is an issue.
We are all familiar with the tricky espionage techniques we see in the Hollywood movies and how encryption can protect our data when it’s stored. But what about when that information is being read or worked on? Did you know that your PC, laptop, smartphone – and pretty much any other electrical device – could be leaking your data to anyone who knows how to pick it up?
Once unencrypted and visible on our screens, information on these devices is being emitted via leaking electrical transmissions/radio waves. Much like tuning in an old television set, if the listener has the right technology to hand they can tune in live to see what you see or record those emissions to review later. It is estimated that in the typical PC set-up - with a keyboard, monitor, mouse and a printer - there are around 80 vulnerabilities that could be exploited to view data. Vulnerable areas include elements such as the CPU, monitor, graphics card, power line, and network connections like USB ports.
Of course, the military, government departments and international organisations such as NATO are very aware of this threat and use a set of specifications called TEMPEST, originally created by the US National Security Agency (NSA), to protect their devices. I would love to be able to tell you that TEMPEST stands for “Tiny Electro Magnetic Particles Emitting Secret Things” – I’ve always thought it would be the perfect acronym, ever since I heard it for the first time many years ago - but it doesn’t.
However, this type of protection is now increasingly being used on a much wider basis. For example, in the public sector and in corporations to protect sensitive commercial information, such as bid information for large contracts, or personal information, such as private health data.
The good news is that any electrical device can be modified to protect against this type of threat. The TEMPEST level of protection required, depends on the proximity of the threat.
If the attackers could have immediate access, say in the next office or hotel room, then the highest level of protection (Level A) is required. If they could be some 20 metres away, in the building or in the car park outside, then Level B protection is required and if access could be within 100 metres then Level C protection will suffice.
As you would expect, the specifics about how to protect the devices are not divulged but certain components and levels of shielding are used to negate the threat and devices are certified in secure testing facilities.
Our institutions handling Top Secret data will no doubt continue to use Tempest and other techniques to encrypt data but in the future we see the biggest increase in requests for Tempest protected devices coming from the public sector and big business. As we increasingly digitise, personal data and commercially sensitive information has moved out of locked cabinets and onto mobile devices.
At my company, Eurotempest, we have certified expert testers and state-of-the-art laboratories in the Netherlands and Sweden to modify or enhance off-the-shelf IT products and networking solutions to meet these TEMPEST standards.
Some of the TEMPEST-Certified devices we regular provide are Panasonic TOUGHBOOK rugged notebooks and tablets. Historically our everyday customers have been defence and government agencies but I suspect that in the future, TEMPEST-Certified will be a phrase much more familiar to more mobile workers.
Find out more about Tempest certified rugged TOUGHBOOK
Read more insights…
article
PANASONIC GETS TOUGH WITH AVIATION SERVICE & MAINTENANCE AT MRO EUROPE 2024
The full range of Panasonic TOUGHBOOK devices and private 5G network capabilities will be on-show at Aviation Week’s annual event.
blog
Revolutionise Rugged Mobile Computing with the latest AI-enabled TOUGHBOOK G2
The new TOUGHBOOK G2mk3 offers everything the modern mobile workers needs from a rugged computing device – including advanced edge-AI technology that vastly increases accuracy and efficiency, regardless of the industry.
Case Study
World-first hydrogen-powered traverse of the North Sea with TOUGHBOOK
Historic journey highlights the urgent need for the maritime sector to adopt clean, sustainable fuels.
blog
62 million tonnes of electronic waste in a year: Companies hold the key to solving enormous environmental issue
Most companies replace computers, tablets and phones after fixed cycles, despite the fact that the products in many cases have a significantly longer lifespan.
Sorry there was an error...
The files you selected could not be downloaded as they do not exist.
You selected items.
Continue to select additional items or download selected items together as a zip file.
You selected 1 item.
Continue to select additional items or download the selected item directly.
Share page
Share this link via:
Twitter
LinkedIn
Xing
Facebook
Or copy link: