With information security systems increasingly being attacked, any IT leader who thinks there is no way a hacker – or a disgruntled employee – can access sensitive information is being naïve. Adding an extra layer of security to your sensitive data in the form of encryption is always a good idea.
I remember a quote from Netsurfer in 1998: “The only safe computer is a dead computer. Or at least a disconnected one.” Well, I think a dead computer is not safe if the hard drive was used to store confidential data, even if it was erased. A disconnected computer clearly has no use to us today.
Encryption: Not Just for Computers Anymore
Nowadays, computers are hardly our only concern. With data increasingly stored in mobile devices, the chances of data loss – and potential access by third parties — are growing exponentially. An encryption solution can ensure that sensitive information can’t be accessed in the event that mobile devices such as laptops, smartphones, or tablets are compromised. Modern encryption algorithms, when implemented in a Federal Information Processing Standard (FIPS) 140 compliant manner, make it almost impossible for anyone without the key to decrypt data on a drive using full disk encryption.
The latest operating systems for tablets and smartphones make encryption easier. Some websites claim that the encryption systems used on those are so strong that not even the US National Security Agency can hack them. I’m not so sure.
What about encryption for the cloud? Absolutely. Not only can your data on a public cloud be spread all over the world, as your cloud provider escalates server space, but it can be intercepted by government agencies and hackers while your employees upload/download content. Having strong encryption in place can substantially decrease the chances of your data being accessed.
Also, according to data security studies conducted by service providers and government agencies, internal employees are responsible for almost 20 percent of documented data breaches. Dishonest and disgruntled employees can inflict a serious blow to the organization if data is easy to obtain and not encrypted. Data encryption – making sure only authorized personnel can access the necessary part for their jobs – can help to avoid internal breaches and secure your sensitive information.
There is no doubt that scrambling your data is a good idea. How to implement a strong, easy-to-use, encryption system is a difficult task. CIOs need to evaluate several options present on the market, and explore different solutions for different systems: datacenter, workstations, tablets, laptops, etc. The time and effort you invest now will pay off in the long run by minimizing the risk of data breaches.
About the Author
Pablo Valerio is a writer for EnterpriseEfficiency.com, a UBM Tech Community.