Data are the crown jewels of your IT system. It’s what your hardware and software stores, serves and manipulates. Most often, that is what the bad guys are after when they get into your systems.
The National Institute of Standards and Technology (NIST) is launching a data integrity project to provide real-world help for organizations in recovering from events that alter or destroy data. It is asking for technology vendors to provide technology and expertise in developing an example solution composed of open source and commercially available components that can help identify corrupted data and automate its restoration. This solution would help prevent, detect, notify about and recover from events that can corrupt data.
The project is being conducted at NIST’s National Cybersecurity Center of Excellence (NCCoE), which released a Federal Register notice June 1 seeking industry partners. Collaboration will begin as soon after July 1 as possible.
“The goal of this project is to mitigate the impacts of data corruption when recovering systems from backup storage,” the Federal Register notice says. “The solution will provide guidance for incorporating post-attack data corruption detection and recovery strategies into a corporate IT architecture.”
The selected participants will sign a Cooperative Research and Development Agreement with NIST and will be expected to work collaboratively with NIST staff and other project participants.
Data integrity, along with availability and confidentiality, is a foundational element of IT security. Integrity by itself cannot ensure that your systems are working as expected or that someone else has not seen or copied your data, but it means that you will still be able to use it with the assurance that it has not been changed.
NCCoE provides a venue for NIST to work with industry, academia and other government experts to address pressing, real-world cybersecurity challenges, focusing on standards-based solutions from commercial technology. The data integrity effort will address challenges created by malware and other malicious activity, as well as by technical failures and human error so that data owners can be confident that recovered data is accurate and safe. Automating this process requires multiple systems working together to detect problems, notify appropriate stakeholders and recover and vet affected data. The project will create an example solution to address these challenges for both commodity components in the IT system and custom applications. The solution also will support auditing and investigation of incidents.
“Ultimately, this project will result in a publicly available NIST Cybersecurity Practice Guide—a description of the solution and practical steps needed to implement an example solution that addresses these existing challenges,” the project description says.
NIST will support development of interfaces to allow participants’ products to work together and will provide IT infrastructure; laboratory office and collaboration facilities; and staff support.
The solution being developed would include:
• file integrity monitors
• file versioning
• file integrity testing
• user activity monitoring
• configuration management
• database rollbacks
• virtual machine integrity/snapshots/versioning
• versioning file systems
• journaling file systems
See the Federal Register for more information about participating in the data integrity program.