How visible is your data? Security is an issue
The need to secure commercial and personal data on your mobile computing devices is growing and encryption isn’t the entire answer. Torbjorn Gudinge, from Eurotempest, looks at how to protect your data when its visible and being worked on.
Written by Torbjorn Gudinge
Managing Director for Eurotempest Secure Systems AB.
How many people could be reading this blog, on your device, at the same time as you? Maybe someone could be looking over your shoulder if you are sitting in an open plan office or scrolling down on your laptop or smartphone while on the commute…but not many people right? Wrong! Data security on any computing device is an issue.
We are all familiar with the tricky espionage techniques we see in the Hollywood movies and how encryption can protect our data when it’s stored. But what about when that information is being read or worked on? Did you know that your PC, laptop, smartphone – and pretty much any other electrical device – could be leaking your data to anyone who knows how to pick it up?
Once unencrypted and visible on our screens, information on these devices is being emitted via leaking electrical transmissions/radio waves. Much like tuning in an old television set, if the listener has the right technology to hand they can tune in live to see what you see or record those emissions to review later. It is estimated that in the typical PC set-up - with a keyboard, monitor, mouse and a printer - there are around 80 vulnerabilities that could be exploited to view data. Vulnerable areas include elements such as the CPU, monitor, graphics card, power line, and network connections like USB ports.
Of course, the military, government departments and international organisations such as NATO are very aware of this threat and use a set of specifications called TEMPEST, originally created by the US National Security Agency (NSA), to protect their devices. I would love to be able to tell you that TEMPEST stands for “Tiny Electro Magnetic Particles Emitting Secret Things” – I’ve always thought it would be the perfect acronym, ever since I heard it for the first time many years ago - but it doesn’t.
However, this type of protection is now increasingly being used on a much wider basis. For example, in the public sector and in corporations to protect sensitive commercial information, such as bid information for large contracts, or personal information, such as private health data.
The good news is that any electrical device can be modified to protect against this type of threat. The TEMPEST level of protection required, depends on the proximity of the threat.
If the attackers could have immediate access, say in the next office or hotel room, then the highest level of protection (Level A) is required. If they could be some 20 metres away, in the building or in the car park outside, then Level B protection is required and if access could be within 100 metres then Level C protection will suffice.
As you would expect, the specifics about how to protect the devices are not divulged but certain components and levels of shielding are used to negate the threat and devices are certified in secure testing facilities.
Our institutions handling Top Secret data will no doubt continue to use Tempest and other techniques to encrypt data but in the future we see the biggest increase in requests for Tempest protected devices coming from the public sector and big business. As we increasingly digitise, personal data and commercially sensitive information has moved out of locked cabinets and onto mobile devices.
At my company, Eurotempest, we have certified expert testers and state-of-the-art laboratories in the Netherlands and Sweden to modify or enhance off-the-shelf IT products and networking solutions to meet these TEMPEST standards.
Some of the TEMPEST-Certified devices we regular provide are Panasonic TOUGHBOOK rugged notebooks and tablets. Historically our everyday customers have been defence and government agencies but I suspect that in the future, TEMPEST-Certified will be a phrase much more familiar to more mobile workers.
Find out more about Tempest certified rugged TOUGHBOOK
Read more insights…
article
PANASONIC CONNECT CERTIFIES TOUGHBOOK DEVICES WITH RED HAT ENTERPRISE LINUX FOR ENHANCED FLEXIBILITY AND SECURITY
New certification accelerates innovation at the edge for mission-critical workers.
blog
AI and Customisation Top-of-Mind for TOUGHBOOK at 2024 Emergency Services Show
As the UK’s leading blue-light forum, the Emergency Services Show exceeded expectations once again for Panasonic TOUGHBOOK, giving it unrivalled access to the full spectrum of blue-light decision makers over two busy days in Birmingham.
blog
TOUGHBOOK and Azumuta Improve Operational Efficiency within Manufacturing
Azumuta’s connected workforce platform in conjunction with Panasonic’s rugged TOUGHBOOK devices provide the manufacturing sector with a powerful, robust solution that enhances productivity, product quality, and workforce management.
blog
Panasonic Powering Digitisation in Utilities
TOUGHBOOK rugged devices are just one of many interconnected Panasonic technologies, showcased at Enlit Europe 2024, that are helping mobile workers to realise value from the surge of big data that is accompanying the digitisation of utilities.
Sorry there was an error...
The files you selected could not be downloaded as they do not exist.
You selected items.
Continue to select additional items or download selected items together as a zip file.
You selected 1 item.
Continue to select additional items or download the selected item directly.
Share page
Share this link via:
Twitter
LinkedIn
Xing
Facebook
Or copy link: