Guidelines on use of encryption to protect person identifiable and sensitive information
1. Introduction

David Nicholson, NHS Chief Executive, has directed that there should be no transfers of unencrypted person identifiable data held in electronic format across the NHS. This is the default position to ensure that patient and staff personal data are protected. Any data stored on a PC or other removable device in a non secure area or on a portable device such as a laptop, PDA or mobile phone should also be encrypted. This is also now a requirement across all public sector organisations set by the Cabinet Secretary.

It is recognised however that this may take some time to achieve in the NHS, where patient care is our highest priority. NHS bodies will need to make a local judgement on the balance of risk to patient care against risk to personal data security in determining whether use of unencrypted devices should continue as an interim measure. Where it is felt that continued reliance upon unencrypted data is necessary for the benefit of patients, the outcome of the risk assessment must be reported to the organisation's Board, so that the Board is appropriately accountable for the decision to accept data vulnerability or to curtail working practices in the interests of data security.
2. Data encryption applications

NHS Connecting for Health is already implementing a robust NHS information governance architecture that contains strong inbuilt encryption functionality for those core services it provides. Security services implemented within this architecture protect the flows of patient information between component parts of connected national and local applications, and automatically encrypt transmission of emailed information communicated through the NHSmail service between NHSmail endpoints. Tools are also provided within applications provided by NHS CFH for encrypting removable media, as explained at Annex A.

For those other systems under local NHS organisation control, there is a requirement that the owners of those systems should consider, select and where relevant implement similar security protections that comply with expected NHS Information Governance policy, standards and legal requirements. Guidance on potential encryption tools is provided at Annex B.
NHS Information Governance
NHS organisations should adopt a structured approach to the identification, implementation and management of their local data encryption needs. This will normally comprise five stages:

- Perform risk assessment and identify outline data encryption needs
- Develop a local data encryption policy
- Establish local roles and responsibilities
- Define how data encryption will operate within the local infrastructure and with business partners, including business impact analysis
- Implement and monitor deployed solution effectiveness.

An encryption requirements control form is provided at Annex C to supplement this guidance and will be helpful in locally developing these stages.

3. NHS Information Governance data encryption standards

For those systems under local NHS control, the Electronic Government Interface Framework (Egif) Technical Standards Catalogue version 6.2 identifies current technical security standards, including those for data encryption that should be applied. This catalogue is available to download at http://www.govtalk.gov.uk/schemasstandards/egif_document.asp?docnum=957

In brief summary, the NHS IG data encryption algorithms currently applicable are:

- 3DES (168 bit)
- AES256
- Blowfish
These algorithms should be used with a recommended minimum key length of 256 bits where available. This is the standard we are moving towards, and whilst tactical deployments of less robust encryption are acceptable for now, this should be kept under review and stronger encryption introduced when practicable.

Where data is to be transferred across the internet or by removable media it is recommended that AES256 encryption is employed. This standard is available when using applications such as PGP or WINZIP version 9. With these products the data can be put into a Self Decrypting Archive (SDA), so that the software that created the archive does not need to be installed on the recipient's computer. The passphrase for the archive must be of an appropriate length and complexity. To ensure the safety of data in transit, the passphrase should be communicated to the recipient separately from the encrypted data, so that the intended recipient is the only one able to decrypt the data.
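The following is an added illustration, not part of the original guidance and not the archive format of PGP or WinZip: a minimal AES-256 passphrase-protected container in Go using only the standard library, showing the three properties the paragraph above relies on (a key derived from the passphrase, a fresh random salt and nonce per archive, and authenticated decryption that rejects a wrong passphrase or altered data outright). The container layout, iteration count and function names are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Layout (constructed for this example, not a product's SDA format): salt(16) || nonce(12) || ciphertext || tag(16).
const saltLen, nonceLen, iters = 16, 12, 100000

// aeadFor derives a 32-byte AES-256 key with PBKDF2-HMAC-SHA256 (RFC 8018, one output
// block, written out to stay within the standard library) and wraps it in AES-GCM.
func aeadFor(passphrase string, salt []byte) cipher.AEAD {
	mac := hmac.New(sha256.New, []byte(passphrase))
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // INT(1): index of the first PBKDF2 block
	u := mac.Sum(nil)
	key := append([]byte(nil), u...)
	for i := 1; i < iters; i++ { // T = U1 xor U2 xor ... xor Uc
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range key {
			key[j] ^= u[j]
		}
	}
	block, _ := aes.NewCipher(key) // cannot fail: 32 bytes is a valid AES key size
	gcm, _ := cipher.NewGCM(block) // cannot fail: AES has the 128-bit block GCM needs
	return gcm
}

// Seal encrypts plaintext under the passphrase with a fresh random salt and nonce.
func Seal(passphrase string, plaintext []byte) ([]byte, error) {
	hdr := make([]byte, saltLen+nonceLen)
	if _, err := rand.Read(hdr); err != nil {
		return nil, err
	}
	gcm := aeadFor(passphrase, hdr[:saltLen])
	return gcm.Seal(append([]byte(nil), hdr...), hdr[saltLen:], plaintext, nil), nil
}

// Open reverses Seal. Without the passphrase (sent separately from the media)
// the holder gets an authentication error, never partially decrypted data.
func Open(passphrase string, sealed []byte) ([]byte, error) {
	if len(sealed) < saltLen+nonceLen {
		return nil, errors.New("sealed data too short")
	}
	gcm := aeadFor(passphrase, sealed[:saltLen])
	return gcm.Open(nil, sealed[saltLen:saltLen+nonceLen], sealed[saltLen+nonceLen:], nil)
}
```

The salt and nonce travel with the ciphertext, so only the passphrase needs the separate channel the guidance describes.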
A comprehensive technical good practice guideline overview of Approved Cryptographic Algorithms, including Secure Sockets Layer (SSL) and Transport Layer Security (TLS), has been produced by NHS Connecting for Health and is available for download at http://nww.connectingforhealth.nhs.uk/infrasec/gpg/acs.pdf

NHS Connecting for Health has completed the national procurement of an encryption solution for removable media and full disk encryption on behalf of the NHS. For all the latest information relating to the NHS encryption tool initiative please see the encryption tool website, at: http://www.connectingforhealth.nhs.uk/systemsandservices/infogov/security/encryptiontool
Any further queries can be directed to cfh.encryptiontool@nhs.net
Annex A

CfH provided encryption technologies
Throughout the NHS, technologies are available to organisations which may satisfy some requirements for the encryption of sensitive data. It should be noted though that encryption products do have some inherent risks, and these should be fully understood before implementing any solution. Understanding these risks is probably best achieved by conducting an appropriate risk assessment. There is also the need to determine that the specified business requirements will be met via the encryption product.
Microsoft Operating Systems
Microsoft Windows operating systems incorporate technologies which enable administrators to allow sections of the file system to be used such that documents (files) stored in those areas are encrypted. The implementation of encryption within the Microsoft Operating System suite varies between versions of the OS; a brief overview is shown below and further information can be found in the forthcoming Advice and Guidance document previously mentioned.

Encrypting File System (EFS)

Microsoft offers a technology known as Encrypting File System (EFS), and the capabilities of this technology have improved in later versions of the Operating System. It should be noted that whilst the DESX algorithm is not recommended as meeting required encryption standards, it may be suitable in some cases where a short term solution is required.

Microsoft Version    Default Algorithm    Notes
Windows 2000         DESX                 Deployable only in standalone configuration
(The remaining rows of this table did not survive extraction; only two further Notes cells are recoverable: "Policy based domain integration" and "Bitlocker features available".)
- Who the Data Recovery Agents (DRAs) will be (i.e. those users who can recover encrypted data where the certificate used for encryption has been lost, deleted, revoked or corrupted)
- Whether certificates for use with EFS will be issued via a centralised (to the host organisation) certificate issuing authority (preferred) or whether self signed certificates will be used
- How certificates will be managed to enable EFS to be used in such a way that either the keys or the encrypted data can be retrieved if they are lost or corrupted
- Providing appropriate advice and guidance to users on how to use EFS
- Understand that the initial encryption of large amounts of data when first enabling EFS on an existing operating system installation may take some time.
These considerations and others are vital to ensure that EFS use is managed and controlled in a way that meets the organisation's and any regulatory/legal requirements.

BitLocker Drive Encryption

The Enterprise (covered by the NHS Microsoft Enterprise Agreement) and Ultimate (the premier consumer edition) versions of Windows Vista contain a technology known as BitLocker. Unlike EFS, which only allows files and directories to be encrypted, BitLocker provides full volume encryption akin to the type of full disk encryption previously only provided by 3rd party products. The Enterprise edition of Windows Vista is available to all NHS organisations who buy a copy of Microsoft Windows Vista Business with any new hardware (or who buy a boxed version of Microsoft Windows Vista Business through a reseller in order to upgrade existing hardware). BitLocker is not available on Microsoft Windows XP or Windows Vista Business.
As with EFS, it is necessary to ensure that appropriate considerations are taken into account before using BitLocker and that it will meet the organisation's business requirements. Some such considerations are:

- BitLocker requires a Trusted Platform Module (TPM) v1.2 chip available on the system it is to be enabled on
- Determine which systems within the organisation will use BitLocker (generally, this would probably be laptops, though it could be used on any system running Vista Enterprise which holds sensitive data which needs to be protected at rest)
- The hard disk of the computer running Windows Vista Enterprise must be appropriately partitioned
- A method of managing the recovery key used by BitLocker in the event of loss or damage of the startup key needs to be put in place: for example, where will such keys be securely stored, and how?
- Determine whether BitLocker will be enabled on systems at first use or whether it is necessary to enable it on systems that have already been deployed
- Understand that there may be a small performance impact on systems with BitLocker enabled (although this is unlikely to be noticeable on new hardware)
- Understand that initial encryption of the disk can take some time depending on system performance and size of volume
Annex B

Interim Encryption Solutions for Data Security

Context

The use of encryption to secure sensitive data which is stored and transmitted throughout the NHS is a crucial requirement to ensure that the confidentiality of data is maintained. This guidance provides information relating to a number of products which may be used as interim measures to protect data prior to the procurement of solutions which may provide greater management capabilities and control of data encryption.

Guidance
The following guidance provides detailed information relating to products which can be obtained readily on the internet. These products include freeware and open source alternatives to commercially available products; by their nature they may not have technical support available and should be used with appropriate care.

Please note that listing of these or any product here does not constitute a recommendation or endorsement of any specific vendor or encryption product, or a recommendation to download, buy or install any specific product, by NHS Connecting for Health.

TrueCrypt (http://www.truecrypt.org/)

TrueCrypt provides encrypted container files which can be mounted as logical drives within the operating system. A variety of encryption algorithms are available within the product and creation of encrypted volumes is extremely easy. TrueCrypt can be used in two ways: to provide security of data at rest on a computer, and also to protect mobile data on removable media.

TrueCrypt does not provide any centralised management features; therefore the backup of keys and the encrypted volumes themselves must be managed by the user or a suitable support function. It is critical that backups are made of the TrueCrypt volumes themselves, the header files of the volumes, any key files used and the passphrase to access the volume, for recovery purposes. Guidance is provided below to enable users to make a suitable backup of the header of TrueCrypt volumes for recovery purposes, and also on how to configure TrueCrypt for removable media.

Backing up the TrueCrypt volume header

When creating a TrueCrypt volume for the first time, a passphrase should be chosen which can be stored with the volume header and which will not be used for regular mounting of the volume. Once the volume has been created, select the volume file and utilise the Backup Header tool within the Tools menu. This will create a backup file of the current volume header, which should be burnt to CD or stored securely along with the passphrase which was used to create the volume.
Once the header has been backed up, the volume passphrase may be changed to a value which meets the requirements of the local password policy. The volume may now be mounted by supplying the passphrase and selecting the drive letter to be associated with the volume. Once mounted, the volume appears simply as a drive letter and files may be dragged and dropped as required. When no longer required, the volume can be dismounted and all the files which had been saved on the mounted drive will be rendered inaccessible without the passphrase (and key files, if used).

Using TrueCrypt in Traveller Mode

TrueCrypt offers a feature which will enable users to secure data on rewritable removable media such as USB memory sticks and memory cards. This mode copies only the required files to the USB stick and creates an encrypted volume which can be mounted when the USB stick is inserted into a computer. Note however that Administrator privileges are required to run a USB stick in Traveller mode for the first time on a machine, due to the need to install a device driver.

To create a Traveller Disk, select Traveller Disk Setup from the Tools menu within the TrueCrypt main window. Select the appropriate USB device for the root files and determine what actions to take when the device is inserted. For devices which will be used frequently, it is recommended that the Auto Mount option is selected and that the password is NOT cached in memory. Once the setup has created the relevant files, the user will have to create a TrueCrypt volume using the new volume utility at the location which was specified in the Traveller setup.

As with all TrueCrypt volumes, the guidance above on the backup of a suitable file header and passphrase is highly recommended to ensure access to data if the working passphrase is lost or forgotten.

Gnu Privacy Guard (http://www.gnupg.org/index.en.html)

Gnu Privacy Guard (GPG) is the open source alternative to the commercially available PGP, which provides comprehensive integration and centralised management. GPG provides the core encryption capabilities required to encrypt and sign files or sign emails. The algorithms which are available within this software meet or exceed the standards which have been provided by the NHS CFH IST Approved Cryptographic Algorithms Good Practice Guideline (http://nww.connectingforhealth.nhs.uk/infrasec/gpg/acs.pdf).
GPG does not provide any central management functions and should be considered as a standalone product which will require additional local support to ensure that critical files are backed up securely.

Cryptainer LE (http://www.cypherix.co.uk/cryptainerle/index.htm)

Cryptainer LE is a free version of the commercial Cryptainer software which offers similar capabilities to TrueCrypt, although the free version has a limit of 25MB for secure containers. This product also offers encryption of individual files using the Blowfish algorithm, and when utilising this feature strong passphrases should be used to secure the data against a brute force attack.

Securing a file for delivery by email or on removable media

Cryptainer LE provides the ability to encrypt individual files; this can be accessed by clicking on the Secure Email link on the main Cryptainer LE window. Once the required file has been selected, a passphrase should be entered to secure the file against brute force attacks. It is recommended that an Encrypted Self Extractor file is created, which will not require any software to be installed on the destination machine; this may cause problems with some email systems which do not allow executable files to be transmitted, and may be best suited to transfer on removable media.

There is no backdoor access to the files which are created by Cryptainer LE, and therefore the security and availability of the passphrase are crucial. If an encrypted file may be required for an extended period of time, the passphrase should be noted and stored securely in a physically secure area, such as a safe which has restricted access.

AxCrypt (http://www.axantum.com/AxCrypt/Features.html)

AxCrypt is a software package which allows users to encrypt files through the standard Windows Explorer right click menus and provides AES 128 encryption. Once installed (requires Administrator rights), the user can simply right click on a file to encrypt it by providing a passphrase. It should be noted that the recipient of the file will require either the full version of AxCrypt or the AxDecrypt utility to decrypt the file with the relevant passphrase.
General Guidance on the use of encryption products

The use of encryption products can provide an organisation with a measurable increase in overall security, although there are a number of areas which must be taken into consideration with products similar to the ones mentioned within this guidance. Non commercial (and some commercial) products may not provide the relevant management functionality which will be required by larger organisations to support large user bases. The types of products which are available to individuals may only meet interim needs whilst other products are procured.
Annex C

Requirements for the local use of data encryption products

The following record will assist NHS organisations to identify local requirements for data encryption and how they will address them. The form may be used in conjunction with centrally procured NHS encryption tools, or where this is not possible, for those encryption tools procured locally. A record should be provided for each use of encryption in the organisation.

Name of individual completing questionnaire:
Title:
Date:
Business area:
Signature:

Name of cryptographic product:

Name of business system:

Provide an overview of what the product is used for and the scale of usage:

Rationale for use

What are the vulnerabilities being addressed?

Provide details of any formal risk analysis carried out and of the business case made:

Individual responsible for authorising usage:

Is this a tactical or a strategic solution?

Provide details of any known plans for changes or extent of usage for this product:

Operational management arrangements

Who is responsible for operational management?

Provide details/references for any documented operating standards and procedures:
Provide details of the extent of usage, for example, number of licenses for software products or number of units for hardware products:

For physical devices provide details of their physical location:

Details of physical protection mechanisms to prevent tampering/misuse:

Technical aspects

Product name and version:
Supplier/source:
Algorithms used:
Key lengths used:

Key management arrangements

Who has responsibility for the following and their associated procedures:
- key generation
- key issue
- key revocation
- key renewal
- key storage

Provide details/references for any documented key management standards and procedures:

Are any key management products, trusted agents or services used? Please specify.
Are certification authority products or services used? Please specify.

How are keys stored?

What are the mechanisms for recovering lost keys?

How are keys for backups and archives handled, and how is business continuity planning addressed?

Detail the procedures used to verify the trustworthiness of staff involved in key management:

Provide details of any guidance to end users regarding key management:

Regulatory aspects

Provide details of any regulatory requirements:

Contractual measures

Provide details of any contractual measures taken to support the use of cryptography (for example, to support the use of digital signatures to resolve disputes):

Provide details of any other contractual arrangements with third parties: