Created by: Benjamin Chambers
November 14, 2016
Privacy - It's not just a feature
About 9 months ago, we started to conceptualise a new cybersecurity and network traffic service - what has today been launched in beta as Netify.
From the outset, we realised that in order to provide meaningful data to our customers, we would need to store confidential customer information. True, lots of companies know quite a bit about traffic on your network - network administrators, Internet Service Providers, DNS providers, Google - and I suppose you'd have to include the potential for government agencies like the NSA in that list as well. Sad, but true.
While these companies or organisations may know something about the traffic originating from your network, they aren't typically in the business of displaying this information back to you - unless it's being presented as evidence, in which case, you have a whole other set of problems to deal with.
Netify seeks to do exactly this - give you clear visibility into what's happening on your network. In our early development conversations, we termed the idea of seeing what's on your network - and questioning who else might be able to as well - "the creep factor".
We knew we needed a way to mitigate the creep factor if customers were to feel comfortable bringing Netify into their infrastructure.
We love the concept of 'zero knowledge'. The team at SpiderOak (a cloud-based backup SaaS company) eloquently describes its importance in their products. In fact, before SpiderOak came along, we asked Darryl to develop a similar offsite-backup solution for a Linux distribution, now marketed as ClearOS. We are no strangers to privacy requirements or encryption best practices. But Netify is somewhat different from backups. In order to roll out compelling features like real-time alerts, malware detection, executive reports and active firewall control, we need to analyse the data coming in. To analyse data, you need to be able to read it.
Given these design requirements, our task - as it related to privacy - could be broken down into two parts.
- The association between a user's account (e.g. our CRM database) and any of the flow data coming from Netify site feeders must require a private key that only the user has access to.
- Any metadata our users provide that could potentially reveal their identity or account must not be readable by anyone but themselves. Zero-knowledge.
To accomplish the first task, we placed network flow data and customer CRM data in two disparate containers. The relationship between a user account and the data from an active Netify site feeder requires a key known only to the account holder. This key is never transmitted to either Netify server node (Netify API or the Netify portal). Without the key, it's impossible to associate network traffic data with a Netify account.
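One way to build this kind of key-dependent association, as an added example that is not Netify's own code: the two dictionaries stand in for the separate CRM and flow-data containers, and the passphrase-derived key, the `feed-tag:` label and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data. The two stores stand in for the separate CRM and
# flow-data containers; names and layout are assumptions, not Netify's schema.
CRM_STORE = {"acct-1001": {"email": "ben@example.com", "kdf_salt": bytes(range(16))}}
FLOW_STORE = {}  # opaque feed tag -> flow records

def derive_key(passphrase: str, salt: bytes) -> bytes:
    """Run on the customer's side only; the result is never sent to a server."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)

def feed_tag(key: bytes, account_id: str) -> str:
    """Opaque label the site feeder attaches to every flow record it uploads."""
    msg = b"feed-tag:" + account_id.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def ingest_flow(tag: str, record: dict) -> None:
    """Server side: store flow data under the tag, with no account reference."""
    FLOW_STORE.setdefault(tag, []).append(record)

def flows_for(tag: str) -> list:
    """Server side: return flow data for a tag presented by the client."""
    return FLOW_STORE.get(tag, [])

def keyless_link_attempt(account_id: str) -> list:
    """What someone holding both stores, but not the key, can compute."""
    salt = CRM_STORE[account_id]["kdf_salt"]
    msg = b"feed-tag:" + account_id.encode()
    guesses = [
        hashlib.sha256(account_id.encode()).hexdigest(),
        hmac.new(salt, msg, hashlib.sha256).hexdigest(),
    ]
    return [g for g in guesses if g in FLOW_STORE]

def demo() -> dict:
    salt = CRM_STORE["acct-1001"]["kdf_salt"]
    tag = feed_tag(derive_key("correct horse battery staple", salt), "acct-1001")
    ingest_flow(tag, {"dst": "198.51.100.7", "port": 443, "bytes": 5120})
    wrong = feed_tag(derive_key("wrong passphrase", salt), "acct-1001")
    return {"owner": flows_for(tag), "wrong_key": flows_for(wrong),
            "keyless": keyless_link_attempt("acct-1001")}

if __name__ == "__main__":
    print(demo())
```

In this example the tag is only as unguessable as the passphrase: anyone holding both stores can test candidate passphrases offline against `FLOW_STORE`, so a randomly generated key is the safer input. The separation also fails if the server logs the tag next to an authenticated account session.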
To accomplish the second part, we couldn't encrypt the flow data. However, we could encrypt the metadata users of Netify provided to use the service. For example, getting an alert about a device with a MAC address of 00:13:2v:02:89:bf is pretty useless; associating that MAC with a user like "Ben", belonging to a group "Development team" and using a device like "Fujitsu S710 Laptop", is useful. We multi-purposed the private key described above to encrypt all metadata provided by users so that their privacy and identity could not be compromised.
Privacy is not a feature... nor is it something that can be bolted on as an afterthought. As a team, we're very proud of the efforts placed on privacy, security and identity protection and the outcome that those efforts have resulted in.
Data encryption really is a case of "win-win", both for the customer and vendor. We hope eGloo customers feel comfortable using a service like Netify and benefit from the transparency it provides. As a vendor, we'll sleep better knowing that no one (not even in the event of a data breach that seems all too commonplace these days) could associate an individual or organisation with the data flow analysis Netify provides.
If you have any questions, our team is here to answer them without drowning you in marketing drivel or technical jargon. Privacy, security and data integrity are, after all, not just a feature!