How visible is your data? Security is an issue
The need to secure commercial and personal data on your mobile computing devices is growing and encryption isn’t the entire answer. Torbjorn Gudinge, from Eurotempest, looks at how to protect your data when its visible and being worked on.
How visible is your data? Security is an issue
How visible is your data? Security is an issue
How many people could be reading this blog, on your device, at the same time as you? Maybe someone could be looking over your shoulder if you are sitting in an open plan office or scrolling down on your laptop or smartphone while on the commute…but not many people right? Wrong! Data security on any computing device is an issue.
We are all familiar with the tricky espionage techniques we see in the Hollywood movies and how encryption can protect our data when it’s stored. But what about when that information is being read or worked on? Did you know that your PC, laptop, smartphone – and pretty much any other electrical device – could be leaking your data to anyone who knows how to pick it up?
Once unencrypted and visible on our screens, information on these devices is being emitted via leaking electrical transmissions/radio waves. Much like tuning in an old television set, if the listener has the right technology to hand they can tune in live to see what you see or record those emissions to review later. It is estimated that in the typical PC set-up - with a keyboard, monitor, mouse and a printer - there are around 80 vulnerabilities that could be exploited to view data. Vulnerable areas include elements such as the CPU, monitor, graphics card, power line, and network connections like USB ports.
Of course, the military, government departments and international organisations such as NATO are very aware of this threat and use a set of specifications called TEMPEST, originally created by the US National Security Agency (NSA), to protect their devices. I would love to be able to tell you that TEMPEST stands for “Tiny Electro Magnetic Particles Emitting Secret Things” – I’ve always thought it would be the perfect acronym, ever since I heard it for the first time many years ago - but it doesn’t.
However, this type of protection is now increasingly being used on a much wider basis. For example, in the public sector and in corporations to protect sensitive commercial information, such as bid information for large contracts, or personal information, such as private health data.
The good news is that any electrical device can be modified to protect against this type of threat. The TEMPEST level of protection required, depends on the proximity of the threat.
If the attackers could have immediate access, say in the next office or hotel room, then the highest level of protection (Level A) is required. If they could be some 20 metres away, in the building or in the car park outside, then Level B protection is required and if access could be within 100 metres then Level C protection will suffice.
As you would expect, the specifics about how to protect the devices are not divulged but certain components and levels of shielding are used to negate the threat and devices are certified in secure testing facilities.
Our institutions handling Top Secret data will no doubt continue to use Tempest and other techniques to encrypt data but in the future we see the biggest increase in requests for Tempest protected devices coming from the public sector and big business. As we increasingly digitise, personal data and commercially sensitive information has moved out of locked cabinets and onto mobile devices.
At my company, Eurotempest, we have certified expert testers and state-of-the-art laboratories in the Netherlands and Sweden to modify or enhance off-the-shelf IT products and networking solutions to meet these TEMPEST standards.
Some of the TEMPEST-Certified devices we regular provide are Panasonic TOUGHBOOK rugged notebooks and tablets. Historically our everyday customers have been defence and government agencies but I suspect that in the future, TEMPEST-Certified will be a phrase much more familiar to more mobile workers.
Find out more about Tempest certified rugged TOUGHBOOK
Read more insights…
blog
Navigating Together Towards a Brighter Future: Our Commitment to Recognition2024
As businesses embark on a new financial year, now is a great time to reflect on the resilience and innovation that European organisations have shown over the past 12 months - in the face of unparalleled challenges - and to move forward with optimism.
blog
Why Endurance is Critical for Policing Mobile Technology
Police IT systems and mobile devices need to keep up with the demands of modern policing. Advances in mobile, cloud, AI, and analytics give police procurement departments the unenviable task of deciding what technology the Force needs to invest in now and in the future.
blog
Is your data safe? It can be stolen without you even noticing it!
We all know about hackers intercepting computers, phones and other smart devices through the Internet or apps. However, have you heard about a way to eavesdrop all your communications as well as your computer or printer without you knowing it and without leaving any trace on your device?
Case Study
Axira's Resilient Journey with Panasonic TOUGHBOOK: A Testament to Innovation and Trust
We're diving into a remarkable story that epitomizes resilience, innovation, and unwavering trust – the journey of Axira with our beloved TOUGHBOOK tablets. Buckle up because this one's a real game-changer!
Sorry there was an error...
The files you selected could not be downloaded as they do not exist.
You selected items.
Continue to select additional items or download selected items together as a zip file.
You selected 1 item.
Continue to select additional items or download the selected item directly.
Share page
Share this link via:
Twitter
LinkedIn
Xing
Facebook
Or copy link: