In our daily routine, we exchange information, or data, almost every day in business or in personal transactions. Hence, it is important to learn the basics of information nature in order to protect that information as we make transactions. Not only does this help you protect your own information, it also allows you to sniff out potential scams and threats.
This section guides you through the basics of information/data nature and how we approach these aspects while performing information/data transactions.
Basic Information Nature Aspects
Before we look at various ways to approach information transactions, let us take a look at the basic data nature aspects.
There are a lot of data nature aspects. However, to keep things simple, ZORALab uses the following basic 2 types of data information nature:
Both data aspect structures share the following similarities:
- Vector Aspect - Is the data at rest or data in transit?
- Confidentiality Aspect - Is the data safely obscured from being readable?
- Integrity Aspect - Is the data trustworthy?
- Availability Aspect - How and where can we source this data given the circumstances?
These aspects work hand in hand. This is our ZORALab combined V-CIA model integrated from the basic
Vector - At Rest or Data In Transit
As we make information transactions, we must consider the travel vector. Each vector, travelling across a different channel, has its own unique ways to protect the information.
Analysing the vector can be quite complicated since there are a lot of factors to weigh in. To keep things simple, we reduce it to only 2 main points:
- DATA AT REST - means data that is stored on disk, not being read, copied, or moved around.
- DATA IN TRANSIT - means data being transmitted in a channel from point A to point B.
Confidentiality - Tri-Level Secrecy
Confidentiality is the aspect of keeping the information obscured, making it a secret between the transmitter and the receiver(s). The goal is to hide information.
This is the part where each organization defines its own levels of confidentiality. To keep things simple, ZORALab uses the tri-level secrecy:
- RED - top secret. It has the impact of killing, harming national security, or destroying an organization immediately.
- ORANGE - restrictive secret. It can cause major damage or losses to the organization but will not destroy it.
- BLUE - confidential. It is meant to be kept secret for internal use only. Leaking it will cause panic or discomfort but will not create major damage or losses.
In any case where you are unsure about the level of confidentiality, you should always assume it to
FOR YOUR INFORMATION: Once information leaks out to an unintended recipient, it is no longer recoverable. Hence, it is always best practice to counter leaks in unknown situations.
Integrity - Zero Trust Policy
Integrity is the aspect of keeping the information testable and able to prove its origin. The goal is to keep information integrity clean and authentic.
There are various methods and mechanisms to ensure the information always retains its integrity. Some rely on secret phrases or patterns in practice to authenticate the information.
In ZORALab, we rely on mathematical and physics approaches such as cryptographic signing, up to the point where our receivers do not trust the messenger but verify the information on their own side. This practice is called Zero Trust Policy.
FOR YOUR INFORMATION: ZORALab uses Zero Trust Policy mainly because most of our products are open-source software and we practice open data. We prefer earning trust based on our performance and allowing our customers to verify the presented information on their own.
Availability - Decentralized and Backup
Availability is the aspect of making the information source-able using particular procedures. The goal is to make the information available.
This is mainly about how we make the information available to the right person, at the right time, via which channel, while not compromising its confidentiality and integrity.
In ZORALab, since the team is constantly facing many types of information and
data with different aspects of
Distribution Flexibility Principle before anything else.
Backup 1-2-3 Principle for information retention.
Distribution Flexibility Principle allows us to operate with either chokepoint access control for sensitive information distribution or large-scale open distribution that requires mass system duplication and redundancy.
Backup 1-2-3 Principle allows us to retain information safely through the punishment of time. We employ different technologies and measures to make sure we can achieve the highest possible result from time to time.
When it comes to protecting various types of information, ZORALab uses the following measures.
Encrypted Disk Volumes At Rest
For all computing devices used in ZORALab businesses, ZORALab encrypts all long-term storage devices by default using a detached key or passphrase. This way, should any of the storage devices go missing, we know that it is encrypted and can focus only on finding the target individuals.
Among the cryptography modules we use is:
- Linux Unified Key Setup
The cryptography choice commonly used is:
Encrypted Communications Channels
When communicating with ZORALab agents, you will often be requested to use certain qualified technologies. This is because our policy strictly requires us to use encrypted channels to exchange information. That also means:
- Enforced industry-standard TLS/SSL encryption for web and port interfaces.
- Secure Shell for internal terminal controls and communications.
- On-site services if required to prevent information from leaving the premises.
Among the encryption modules we use are:
Cryptographic Signature Authentication
In today's world, where people are well equipped with data manipulation technologies such as the GIMP image editor, deepfake AI, etc., there is a need to cryptographically sign information to fix its integrity at a particular point in time, so that its authenticity and origin are always verifiable.
This is usually applied to official statements or files, which always come with an .asc certificate. This certificate can sniff out anyone trying to tamper with the original file even though it looks untouched.
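The receiver-side check described here and under "Integrity - Zero Trust Policy", as an added example that is not ZORALab's own tooling: it verifies a detached .asc signature with GnuPG and accepts the file only when the signature is valid and comes from a fingerprint the receiver pinned beforehand. The signer identity, file names and fingerprints are constructed inside a throwaway keyring.

```bash
#!/usr/bin/env bash
# Added example, not ZORALab's tooling. Keys, names and files are constructed
# in a throwaway keyring so nothing touches the caller's real GnuPG home.

# verify_detached FILE SIG PINNED_FPR
# Succeeds only if SIG is a valid signature over FILE and was made by the key
# whose primary fingerprint equals PINNED_FPR (learned out of band).
verify_detached() {
    local file="$1" sig="$2" pinned="$3" status
    status=$(gpg --batch --status-fd 1 --verify "$sig" "$file" 2>/dev/null) || return 1
    # The VALIDSIG status line ends with the primary key fingerprint.
    printf '%s\n' "$status" |
        awk -v fpr="$pinned" '$2 == "VALIDSIG" && $NF == fpr { ok = 1 } END { exit !ok }'
}

# Sender side (constructed): passphrase-less test key and a signed statement.
setup_fixture() {
    GNUPGHOME=$(mktemp -d) || return 1
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    trap 'gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"' EXIT
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' --quick-generate-key \
        'Constructed Signer <signer@example.invalid>' ed25519 sign never 2>/dev/null
    SIGNER_FPR=$(gpg --batch --with-colons --list-keys 2>/dev/null |
        awk -F: '$1 == "fpr" { print $10; exit }')
    DOC=$GNUPGHOME/statement.txt
    printf 'Official statement, constructed sample.\n' > "$DOC"
    gpg --batch --quiet --armor --detach-sign --output "$DOC.asc" "$DOC"
}

# Receiver side: the genuine file passes; an altered copy and a wrong pin fail.
run_checks() {
    local fake_pin=0000000000000000000000000000000000000000
    TAMPERED=$GNUPGHOME/tampered.txt
    sed 's/Official/Unofficial/' "$DOC" > "$TAMPERED"
    verify_detached "$DOC" "$DOC.asc" "$SIGNER_FPR"      && echo "genuine: accepted"
    verify_detached "$TAMPERED" "$DOC.asc" "$SIGNER_FPR" || echo "tampered: rejected"
    verify_detached "$DOC" "$DOC.asc" "$fake_pin"        || echo "wrong pin: rejected"
}

setup_fixture && run_checks
```

Checking the pinned fingerprint matters because a "good signature" result alone only proves that some key in the keyring signed the file, not that the expected publisher did.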
ZORALab uses a single-key GnuPG cryptographic identity for our integrity management. The cryptography modules ZORALab commonly uses are:
Multiple and Proper Storage Locations
ZORALab uses proper storage locations in multiple sites, including but not limited to:
- Cloud storage service - for redundancy and remote connection
- Encrypted cloud storage - for keeping sensitive credentials
- Local offline storage - for local use.
Both local offline and cloud storage are always in sync with one another, while the encrypted cloud storage is handled carefully and manually.
Whenever possible, the data is version controlled in case of accidental deletion.