GISuser.com


Vault 7: Security and Location Data

March 15, 2017 By Troy Lambert

Not long ago, I talked here about UAV Cloud Data: we are generating a ton of location data, and need some effective way to store it on the cloud. Two things have to be considered: it needs to be secure, so it cannot be accessed by just anyone, but it also needs to be available to those who are authorized to view and use it.

While this is a matter of transmitting large amounts of data to the cloud, it is also a matter of cybersecurity, and the subject has once again been highlighted by recent events. Not only do we, as GIS technicians, need to help make businesses ready for the next natural disaster, but we need to help them prepare for the next man-made disaster as well. So what is Vault 7, and what does it mean for securing location data?

It’s not My Vault

Vault 7 is the “accidental” release by the CIA of thousands of pages and therefore lines of hacking code to several “freelance” hackers. One of them shared the data with Wikileaks.

While we don’t know everything that is in the dataset, we do know that as it is revealed, software engineers and manufacturers can patch the vulnerabilities. The bad news is that this stuff has been out there, and available to hackers, for a while. It can be used to breach everything from home computers and phones to connected cars.

So what do we, as GIS Technicians, do about it? Well, here are some quick tips to help encrypt your life and (hopefully) prevent you from being hacked.

Use Strong Passwords

You hear this one all the time, and it is first in the list because it is the most basic. However, the worst passwords of the year (1234, your birthday, abcdef) are nearly the same every year, and they continue to be used in some of the most secure environments.

Set password requirements for access to GIS, and insist that they be changed regularly. It is becoming more common to set up security and log-ins using biometrics like fingerprints and retina scans; however, most of these still have a password as a backup. Passwords are still the spare keys to your kingdom. Guard them closely.

Use Two Step Authentication on Your Emails–All of Them

This should be true for your work email as well as your personal email. All this does is add an extra step, like receiving a code via text message or sent to an alternate email address every time you log in to your email.

This way, a hacker has a more difficult time hacking into your email on a device or computer you have not authorized. With your email, a savvy hacker can reset your passwords on everything from banking sites to your ArcGIS account. If they can’t hack the password you have now, it is much easier to reset it via a link sent to your email.

Two step authentication is the first step in a number of processes to keep location data secure.

Request and Configure Your Own Server Certificate

ArcGIS Servers come with a self-signed security certificate designed to help you set it up quickly and make sure your installation was correct. However, leaving this self-signed certificate in place is a common and preventable security mistake.

In the healthcare industry, servers containing the latest digital imaging technology along with large amounts of patient data, similar in nature to GIS images and the accompanying data sets, come preconfigured the same way. However, the first step once imaging or GIS software is installed should be to request a certificate from a trusted certificate authority (CA) and configure your server to use it.

Properly encrypted servers are nearly impossible to crack unless there is an inherent flaw in the security itself.

Restrict File Permissions

Even with the best passwords, restricting access to files is essential. The risk of a data breach, even an accidental one, increases dramatically with each additional person who has permission to edit files. The risk of errors like data deletion also increases.

From the start, restrict access to files to only essential personnel. Only grant editing and editorial permissions to those who must have that access to perform essential duties. Once a team member is no longer on a project, remove their permissions. Reduce the risk of a security compromise by keeping files and sets of data carefully locked down.

Disable the Primary Site Administrator Account

User accounts in GIS are managed in your identity store. The primary site administrator account is separate from this, and is the account specified when you first create a site in ArcGIS Server Manager.

Once you have created user accounts and assigned them roles, it is recommended that you disable the primary site administrator account, so there is no way to manage ArcGIS Server outside of your group and the roles you have assigned. If you have not done this, or simply do not know how, you can find instructions here.

Define the Shared Key to Generate a GIS Token

The shared key is the encryption key you use to create GIS tokens. ArcGIS tokens can be shared to give those who are not authorized users, like clients, permission to consume data from the ArcGIS Server.

The shared key is another common way for malicious users to gain entry to your server. Here are some quick guidelines for your shared key:

  • It should be 16 characters long
  • You can use any characters, and it should be as random as possible
  • Change the key often, especially in high security environments.
  • When you change the shared key, update all applications. Old tokens will become invalid once it is changed.

Think of your shared key as a security system on top of the locks and deadbolt on your door. It is another layer of security that is really challenging to disable for any hacker who wants access to your system.

Securely Transmit Tokens

It goes without saying, but always use HTTPS to transmit tokens to clients, and if doing so via email, this is yet another reason to use two step authentication. Anyone with a valid token has access to your server. Be sure to keep tokens just as secure as the shared key you use to produce them.

If you find a token has been compromised, change the shared key immediately. This will ensure that access remains restricted and data remains secure.
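The shared-key guidelines and the rotate-on-compromise advice above, as an added example that is not code from the article or from ArcGIS: it generates a 16-character key from a cryptographic random source and shows that tokens signed under the old key stop verifying once the key is replaced. The HMAC-signed token layout, the function names and the `client-a` user are assumptions made for illustration; ArcGIS Server's own token format is not reproduced here.

```python
import base64
import hashlib
import hmac
import json
import secrets
import string
import time

# Constructed alphabet: letters, digits and punctuation ("any characters").
KEY_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def new_shared_key(length=16):
    """Draw every character from the OS CSPRNG, never from random.random()."""
    return "".join(secrets.choice(KEY_ALPHABET) for _ in range(length))


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def issue_token(shared_key, user, ttl_seconds, now=None):
    """Return 'payload.signature', signed with HMAC-SHA256 under the shared key."""
    now = time.time() if now is None else now
    claims = {"user": user, "exp": int(now) + ttl_seconds}
    payload = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(shared_key.encode(), payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(sig)


def verify_token(shared_key, token, now=None):
    """Return the user if the token is authentic and unexpired, else None."""
    now = time.time() if now is None else now
    try:
        payload_b64, sig_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return None
    expected = hmac.new(shared_key.encode(), payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    claims = json.loads(payload)  # parsed only after the signature checks out
    return claims["user"] if claims["exp"] > now else None


if __name__ == "__main__":
    key = new_shared_key()
    token = issue_token(key, "client-a", ttl_seconds=3600)
    print(verify_token(key, token))               # accepted under the current key
    print(verify_token(new_shared_key(), token))  # rejected after key rotation
```

Because verification depends only on the shared key, replacing the key revokes every outstanding token at once, which is why all applications must be updated at the same time.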

Restrict Cross Domain Requests

Cross-domain requests are a common tactic used by hackers. Cross-domain requests are also known as “Cross Origin Resource Sharing,” or “CORS,” a request that allows one domain to request use of the data created on another.

You can prevent this in ArcGIS by restricting these requests to only websites that you trust: any domain not on the list would have their request denied. If you need instructions on restricting cross domain requests, you can find it by clicking on the link here.
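The allow-list decision described above, as an added example that is not ArcGIS code: the request's `Origin` header is compared by exact scheme, host and port against the trusted list, so look-alike hosts, plain-HTTP variants and `null` are denied. The function names and the `example.org` origins are constructed for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(value):
    """Return (scheme, host, port) for a well-formed web origin, else None."""
    try:
        parts = urlsplit(value.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    # An origin is scheme://host[:port] only: no path, query, fragment, userinfo.
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        return None
    if "@" in parts.netloc:
        return None
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname.lower(), port)


def serialize(origin):
    """Canonical text form, as a browser serializes its own origin."""
    scheme, host, port = origin
    host = f"[{host}]" if ":" in host else host  # IPv6 literal
    suffix = "" if port == DEFAULT_PORTS[scheme] else f":{port}"
    return f"{scheme}://{host}{suffix}"


def build_allow_list(trusted_origins):
    allowed = {normalize_origin(o) for o in trusted_origins}
    if None in allowed:
        raise ValueError("allow-list contains a malformed origin")
    return allowed


def cors_headers(origin_header, allowed):
    """Return CORS response headers for a trusted origin, or {} to deny."""
    origin = normalize_origin(origin_header or "")
    if origin is None or origin not in allowed:
        return {}
    # Echo the one matching origin; never answer with "*" on a protected service.
    return {"Access-Control-Allow-Origin": serialize(origin), "Vary": "Origin"}


# Constructed allow-list for illustration.
TRUSTED = build_allow_list(
    ["https://maps.example.org", "https://portal.example.org:8443/"]
)
```

Matching on the parsed tuple rather than on a substring or suffix of the header is what keeps a host such as `maps.example.org.lookalike.test` off the list.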

Vault 7 is frightening simply because it highlights an ongoing issue: cybersecurity threats are on the rise, and anything from ransomware to major security breaches can shut down a business in a matter of days. Protect yourself and your GIS data by following the steps above.


Author:

Troy Lambert is a freelance writer, editor, and non-profit consultant by day, and a suspense thriller author by night. He learned about the power of GIS while working as a researcher at a museum, and is always looking for ways to apply this technology and big data in new and innovative ways. Troy is an avid cyclist, skier, and hiker. He lives, works, and plays in Boise, Idaho. His work can be found at troylambertwrites.com, and you can connect with him on Twitter @tlambertwrites.
