When DEEP was first created in 2016, it was initially designed to host publicly available information from sources such as ReliefWeb and other online repositories. As the platform and community have grown over the years, so too have the technical requirements for securing information on the platform. Organizations are beginning to upload sensitive and personally identifiable information to the platform, and as such the requirements for ensuring data safety in DEEP have changed.
Through a recent grant from the Office of the United Nations High Commissioner for Human Rights, we have implemented a suite of new data encryption and protection technologies into the DEEP architecture. While the work is technical in nature, a non-technical explanation is provided below. If you have any questions or comments, please contact firstname.lastname@example.org.
DEEP stores users’ data in a number of different systems and transmits information in a number of different ways. All data that is stored by DEEP or transmitted by DEEP is now encrypted, meaning that if it is somehow intercepted or otherwise maliciously obtained the outside party would not know the contents of the information.
During an audit, auditors use industry best practices to validate how DEEP operates and to check that there are no insecure configurations. Based on the results, any deficiencies noted are remediated by the development team.
Before jumping into the specifics of how information in DEEP is stored and encrypted, it’s important to first get a lay of the land of how the backend of DEEP is structured. When you access a website on the internet, such as DEEP, you are sending and receiving information from its servers. DEEP happens to be hosted by infrastructure from Amazon Web Services in the US.
DEEP uses a number of different types of servers and databases, as is outlined in the diagram above. The three main ones in discussion in this article are:
- DEEP’s servers
  - DEEP’s servers do not actually store data for extended periods of time, but rather handle requests from users’ browsers and communicate with the rest of the DEEP system
- DEEP’s database
  - The database contains information such as entries, project members and analytical frameworks
- DEEP’s file storage
  - Files such as Word documents and PDFs are best stored in a file storage system, similar to how your computer stores information, as opposed to a more structured database
In an applied example, the following occurs:
- You request to view a set of entries in DEEP
- Your browser sends a request to DEEP’s servers saying that you are requesting to view this particular information
- The server checks that you are logged in (your session is valid) and that your account is permitted to view this particular information
- Once both checks pass, the server sends a request to the database to retrieve your entries
- Information for these entries is returned to the server, collated appropriately, and then returned to your browser
- Note that if you are accessing documents themselves (such as a Word file you’ve uploaded), the file comes directly from the file storage environment, and does not go through DEEP’s server
- You see the information decrypted on your computer
How Information is Encrypted
When looking at DEEP’s architecture and data transfer process, there are a number of dimensions where data encryption must occur. When data is being sent from one location to another (such as from your browser to DEEP’s servers) it is called data in transit. When data is stored in DEEP’s database or file storage, it is called data at rest.
What is Encryption?
Before jumping into the technicalities, it would be helpful to know what exactly it means to encrypt data. There is a helpful video hosted by Khan Academy that details this process and is very similar to how DEEP encrypts its data. In short, for the context of DEEP, encryption means that when data is stored or sent, it is done in such a way that the data is only readable by the parties that hold the key. You as a user are able to see information normally, but whenever it is sent or stored it is scrambled so that it is meaningless to unauthorized users if intercepted.
Encrypting Data in Transit
Data in transit encryption occurs in a number of different ways, as is outlined below:
Between your browser and DEEP’s servers and file storage environment
The first way that data is secured while in transit is when your browser is sending and receiving information from DEEP’s servers, or from DEEP’s file storage (remember, your browser doesn’t directly communicate with DEEP’s database). In order to safeguard this information, it is encrypted using Hypertext Transfer Protocol Secure, or HTTPS, which is ordinary HTTP carried over an encrypted TLS connection. This means that if someone were to intercept data being sent between your computer and DEEP, it would be meaningless to them: the keys that “unlock” the traffic are agreed between your browser and DEEP’s server when the connection is set up and are never sent across the network, and DEEP’s server proves its identity with a certificate that your browser checks before any data is sent.
In general, you can tell that this encryption is in place when you browse the web by looking at your address bar, where you will see a padlock or similar next to the URL. The padlock means the connection is encrypted and the certificate matches the address you typed; it says nothing about who runs the site, so also check that the address is the one you expect.
Between DEEP’s servers and its database
Much like information transferred between your browser and DEEP’s servers, information sent between DEEP’s servers and its database is also encrypted, using Transport Layer Security (TLS). TLS is the same protocol that underlies HTTPS (HTTPS is HTTP carried over TLS), so it protects this hop in the same way.
If information in transit is intercepted at any point in the cycle of DEEP’s data transfer, it is indecipherable to an unauthorized person. That guarantee depends on each connection verifying the certificate of the server it talks to; without that check, an attacker sitting in the path could present their own key and read the traffic.
Encrypting Data at Rest
This is where the bulk of the OHCHR-funded work went. It applies in two main areas:
DEEP’s Database
When information is stored in DEEP’s database, it is encrypted using an algorithm called AES-256, which is an industry standard encryption algorithm and similar to what your bank may use to secure its data.
DEEP’s File System
In a similar manner to data stored and encrypted in DEEP’s database, so too is data stored in its file system. This means that when any document is uploaded to DEEP, it is encrypted with the same AES-256 algorithm before it is written to storage.
When data is stored in DEEP’s environment, it is done in such a way that anyone who obtains the stored bytes without authorization (for example from a copied disk or backup) will be unable to read them. Encryption at rest protects the stored copy; it does not replace the login and permission checks that decide which user may see which entries, because DEEP itself must decrypt the data in order to serve it.
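As an added example of what AES-256 encryption at rest looks like for both the database records and the uploaded files described above (this is illustrative code, not DEEP’s implementation), the Go program below encrypts a constructed sample document with AES-256-GCM before “storing” it and then shows what happens on the way back out: the right key recovers the document, a different key or a single flipped byte is rejected outright, and the stored bytes never contain the plaintext. GCM is assumed here because it also detects tampering; the page only names the AES-256 algorithm. The key source (`newKey`), the object label bound into the ciphertext, and the helper names are this example’s own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// keySize is 32 bytes, which makes crypto/aes select AES-256.
const keySize = 32

// newKey returns a fresh random AES-256 key. In a real deployment the key lives in a
// key-management service and is never stored next to the data it protects.
func newKey() ([]byte, error) {
	key := make([]byte, keySize)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

// encryptBlob seals plaintext with AES-256-GCM and returns nonce || ciphertext || tag.
// label (for example the stored object's name) is authenticated but not encrypted, so a
// ciphertext moved under a different name fails to decrypt. A fresh random nonce is
// drawn per call; a nonce must never be reused with the same key.
func encryptBlob(key, plaintext, label []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // errors unless the key is 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext and tag to the nonce passed as dst.
	return gcm.Seal(nonce, nonce, plaintext, label), nil
}

// decryptBlob reverses encryptBlob. Any change to the key, the stored bytes or the label
// makes the authentication tag check fail, returning an error instead of garbage.
func decryptBlob(key, blob, label []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("blob too short to hold nonce and tag")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, label)
}

// containsPlaintext reports whether the stored bytes still expose the plaintext verbatim.
func containsPlaintext(blob, plaintext []byte) bool {
	return bytes.Contains(blob, plaintext)
}

func main() {
	key, err := newKey()
	if err != nil {
		panic(err)
	}
	label := []byte("uploads/report.docx") // hypothetical object name
	doc := []byte("Constructed sample: field report naming interviewees")
	blob, err := encryptBlob(key, doc, label)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored %d bytes; plaintext visible in storage: %v\n", len(blob), containsPlaintext(blob, doc))
	back, err := decryptBlob(key, blob, label)
	fmt.Printf("right key: %q err=%v\n", back, err)
	other, _ := newKey()
	_, err = decryptBlob(other, blob, label)
	fmt.Printf("other key: err=%v\n", err)
}
```

Note what the example does not do: it does not decide who may call `decryptBlob`. That is the job of the login and permission checks in the request flow described earlier, which is why encryption at rest and access control are complementary rather than interchangeable.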