Which information security objective(s) could be put at risk if the alternative safeguards recommended by the FGDC guidelines are applied? Explain how the objective(s) is put at risk by the mitigation(s).
Reader Interactions
Comments
Leave a Reply
You must be logged in to post a comment.
If we are operating on FIPP’s objectives of Confidentiality, Integrity, and Availability, the FGDC could assist as well as hinder security objectives, particularly availability. Availability of data to clients, users, automated systems, employees etc. is a critical function of any organization. The FGDC guidelines regarding this specify that one would have to evaluate the level of modification and restriction placed on the data and resources targeted. While this may secure the data confidentiality and integrity, it can cause an issue for ease of access and privileges for users , as restricting access or elevating required user access can cause issues relating to standard employee workflow and goals. These trade offs can be seen in other areas of FGDC guidelines as well. Modifying restrictions and safeguards to allow for more availability could easily increase the risk to confidentiality if a user was to become compromised, placing the organization at risk from the other way around. With this in mind, it seems clear that the FIPS categories must be well balanced when regarding the application and extent of FGDC in an organization’s security apparatus
The FGDC guidelines recommend two protection measures, changing data and restricting data. Geospatial data isn’t usually changed in the sense that the building moves or even it’s layout, however the risk can be moved to another location. Although, it is possible to tamper with the data, one might think this is rare. Changing the data can lead to the wrong target, What else ccan be considered, getting lost wasting time, etc.
Restricting the sensitive data is part of role-based access controls. What can your role or someone else at your organization see or do with the data. You can redact or mask data when the data is sensitive or just limit as to who has access.
Marc, I agree with your analysis of this. I like your take on how the risk can be moved to another location. I see your point about redacting sensitive data but don’t you think this also affects the integrity of the data?
The FGDC guideline states that alternative safeguards recommended are to change the data and restrict the availability of the data. This would be applicable for geospatial data that is relevant to for example military operations. This data would need to be changed or modified in order to not reveal locations of specific military facilities that need to stay hidden from the general public.
This is a direct contradiction to the integrity of the data because the data has been modified and is no longer accurate and in it’s original form. It would also need to be ensured that the availability of data is as expected for people who are authorized to access this data.
This will also have a high impact on the confidentiality security objective, because this information is considered highly sensitive to the point where it had to be modified. However, considerations for the modified data with respect to confidentiality might have a low security impact.
Hey Unnati, you’ve raised an important point regarding the potential conflict between security objectives when handling geospatial data, particularly in cases where national security or military operations are involved. The guideline’s recommendation are great at maintaining security and national interests however as you pointed out it leads to challenges with integrity and availability. In every situation in regards to security there is almost always a tradeoff with convenience. Ultimately finding that right balance of security and compromising CIA is a complex job that requires multiple viewpoints and series of review.
Hey Unnati,
I like your acknowledgement about alternative safeguards. It’s essential to acknowledge that recommended alternative safeguard does not mean that an organization isn’t able to make modifiers to tailor to their needs. We should always remember that every organizational practice is different and not every security measure will always apply.
Great post Singla. “However, considerations for the modified data with respect to confidentiality might have a low security impact.” I believe it could be high impact depending on the nature of the data modified.
The alternative measures suggested by the FGDC guidelines would jeopardize the “availability” and “Integrity” security objective of the FIPS security objects of Confidentiality, Integrity, and Availability. The FDGC’s step “8” inquires as to whether modifying any sensitive information in the geographical data would reduce the security risk. If this decision is made in a silo or without input from the appropriate people/departments, or the proper steps are taken to preserve the geospatial data. The authenticity of the geographical data may be impacted by modifying it, or data may be lost during the modification. As a result, the “availability” security objective may rise as the original data may not be easily accessible and “Integrity” security objective may rise in some circumstances because of data changes.
If we were to embrace alternative safeguards recommended by the FGDC: Changing the Data and Restricting the data, We’d face risks for every objective, if we were to restrict the data we could face both a risk to availability as well as a risk to confidentiality for example by adding security layers we’d end up having a harder time reaching the information resulting in a loss of availability for all its users. Additionally such restrictions placed could be set improperly or too permissibly and permission/access to the wrong or additional data could be given to the wrong parties which is obviously a risk to confidentiality. If we were to change the data we could face integrity risk as the data set could be harder to maintain as the data would be attempted to be continually updated or edited by legitimate users but changing the data would hinder this objective and prevent latest information from being displayed leading to a loss of integrity in the data system.
I agree with your analysis. I would suggest the controls need to be put in place around the access would solve the problem, while helping to maintain the integrity of the data and the security around it.
Your analysis is insightful, however it isn’t always the latest data. I would suggest we put controls in place to in order to allow who and who couldn’t make the updates, such as a RBAC.
Since the FGDC guideline recommends altering or restricting data availability, it places the security objectives of availability and integrity as risk. Availability is affected because data may become inaccessible due to the restrictions put in place. As for data integrity, alterations can reduce its reliability and trustworthiness.
However, organizations have the flexibility to determine the extent of these safeguards. This means that data remains available to some degree as it is partially accessible to authorized individuals. As for data integrity, despite data being modified, changes can be tracked by maintaining a change log to ensure that the information provided has proper consistency and accuracy to the original. Although alternative safeguards can be implemented and certain security objectives are put at risk, the risk can be mitigated through proactive actions.
Two of the three information security objectives (Integrity and Availability) can be put at risk. If a data is restricted, it means it is confidential, but it won’t be available for everyone’s consumption. For example, if a company makes a policy restricting VPN access to only the employees with work phone; the VPN of the company won’t be available to the employees without a work phone. Also, the integrity of data would be questioned if the sensitive part of the data has been edited.
Akintunde,
The company would have to assess whether maintaining the Confidentiality of the data by restricting the VPN to only employees with a work phone outweighs Availability (and the potential security) concerns that could lead to network exposure and security breaches if the company were to provide VPN access to employees without work phones. I think all mobiles devices present a security risk.
Hello Akinmusire,
I appreciate your comment. I agree that confidential information security control can have an impact on at least one security objective. It is important to note that the employees are the ones responsible for implementing this category and should be aware of its consequences.
FGDC advises certain mitigation tactics that could present a security concern to information objectives itself. For example, FGDC advises that
a. If it is your decision to apply the safeguards, document your use of the FGDC guidelines which includes identification of the geospatial data and potential security concerns, and actions taken. This could get compromised putting confidentiality and maybe integrity at risk
b. Also, authorization of implementing safeguards could be placed in the wrong hands which could impact confidentiality and integrity if data is changed and availability if the authorized person(s) decides to restrict the data (and this information is unique to the organization).
3. Which information security objective(s) could be put at risk if the alternative safeguards recommended by the FGDC guidelines are applied? Explain how the objective(s) is put at risk by the mitigation(s).
Already pointed out in question #2 you either restrict the data which establishes restrictions commensurate with assessed risk, on access to, use of, or redistribution of the data. The second is to change the data which means to remove or modify the sensitive information and then make the changed data available without further safeguards. The information security objective could be put at risk if the restriction is too harsh, which means you may not be able to access, see, read etc. the data limiting your ability to mitigate the risk. If you change the data confidentiality could be at risk or may not be able to be completed unless we are assuming that said person has access to such sensitive data.
Implementing alternative safeguards from FGDC guidelines could impact all three security objectives: Confidentiality, Integrity, and Availability. Availability may be delayed by time-consuming redaction and approval processes, potentially conflicting with FIPS 199’s criteria for timely access. Integrity is at risk if redaction alters data to render it ineffective for its intended use. Lastly, human error in executing these safeguards could inadvertently compromise Confidentiality by leaking sensitive information.
I agree with you that implementing the safeguards from FGDC can impact the three security objectives. The example you used regarding human error explained it all. The severity of the error can render data useless and unusable.
All three security objectives – confidentiality, integrity, and availability – can be compromised if alternative safeguards are implemented. Confidentiality aims to protect authorized restrictions on information access and prevent unauthorized disclosure. Integrity involves guarding against improper information modification or destruction. Availability ensures timely and reliable information access. Human errors, such as unintentional disclosure, data destruction, or software damage by employees, can pose risks to all three objectives, highlighting their vulnerability to human nature.
The FGDC guidelines propose alternative safeguards to fortify information security, but it is essential to consider the potential risks they might pose to the security objectives. Such risks could jeopardize the confidentiality, integrity, and availability of the information. For instance, if the recommended mitigation measures are not implemented effectively, the confidentiality of sensitive data could be compromised by unauthorized access or leakage. Similarly, the integrity of the information could be at risk due to incomplete or inaccurate transmission, storage, or processing of data. Moreover, the availability objective could be undermined if the alternative safeguards result in excessive restrictions or cumbersome processes that hinder timely access to information. Thus, a thorough evaluation of the proposed safeguards should be conducted to ensure they do not inadvertently compromise the crucial security objectives of information confidentiality, integrity, and availability.
The possible impact on the objectives of information security should the Federal Geographic Data Committee’s (FGDC) suggested alternative protocols be employed, brings forth key considerations. To comprehend the potential hazard, we must analyze the objectives at stake perpetuated by proposed mitigation tactics.
Information security fundamentally rests upon confidentiality, integrity and availability; and the adoption of alternate safeguards might imperil these essential tenets. Confidentiality ensures that information is accessed solely by authorized entities. Hence, if the FGDC’s alternative measures weaken the protection shield, unauthorized access could be a looming threat. Similarly, integrity assures the data’s accuracy and consistency. Any measures compromising system robustness could raise significant integrity concerns. Last but not least, the availability of data, reflecting the timely access to information, could be compromised if the proposed safety nets do not carry robust contingency or disaster management provisions.
In essence, analyzing the potential influence of the FGDC’s recommended safeguards on these pivotal objectives becomes imperative. As such, it provides an incisive lens through which to assess whether these recommended alternatives bolster or undermine vital information security objectives.
The FGDC guideline recommended alternative safeguards in place to protect certain types of data. This can have an impact data integrity as well as data availability. Some would see this as an inconvenience as this may compromise the data integrity. Others may see the extra security layer a hindrance to business processes while others have come to appreciate the measures taken to secure the data.
I agree Erskine, FIPS 199 provides a strong foundation for evaluating security risks, while the CIA triad helps prioritize threats and vulnerabilities. The FGDC guidelines complement these with a practical approach for continuous security assessment during data mining. Combining these frameworks ensures comprehensive data security by addressing both high-level standards and specific implementation details.