Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized...

ITBriefcase.net Membership!

ITBriefcase.net Membership!

Tweet Register as an ITBriefcase.net member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

If Your Perimeter’s Not Secure, Neither is Your Data

June 2, 2016 No Comments

Featured article by Peter Galvin, vice president of strategy, Thales e-Security

The last several years have shown us that, despite our best efforts to secure our networks, the bad guys are still getting in. Perimeter defenses continue to fail, and data continues to be stolen. What’s more, the perimeter isn’t as clear a notion as it once was. Consequently, IT security teams are beginning to change their thinking and focusing on data security. A key aspect of data security is encryption, but it must be implemented in a comprehensive manner. If not, data may not be secured in all locations, leading to a false notion of security that can end in theft.

The Shifting Perimeter

The primary impetus for the change in security focus is the proliferation of connected devices in organizations today, from smart phones, tablets and the IoT. Just a few years ago the network perimeter was much more static and limited but today, the perimeter is everywhere – and constantly moving.

We live in an increasingly distributed world, in terms of where people work and the devices and applications they use. As such, the focus has changed to protecting the data and not just the perimeter. Perimeter security is no longer sufficient to protecting sensitive or confidential data – especially in light of hackers’ demonstrated ability to breach network security.

Securing Data Today

What does it take to protect data today? A comprehensive strategy involves looking at not just financial data or payment information but also personally identifiable information (PII) that has become so valuable to criminals. This data demands the utmost protection, because while someone stealing your credit card is a problem, you can always cancel your card – you can’t cancel your identity, or change your date of birth.

As mentioned above, encryption is part of a solid data protection strategy. Every organization needs an encryption plan, starting with the protection of an organization’s most confidential or sensitive information. When encrypting this data, it is compulsory that key management is simple and easy. This way, no matter where your data is located, it’s encrypted and it’s secure.

You can’t protect data if you don’t know all instances of where it resides, and in this age of Cloud storage services, your data could be almost anywhere. The 2016 Global Encryption Trends study found that over half of businesses (57 percent) do not know where their sensitive data resides. Many organizations fall into the trap of protecting data only when it exists in a particular area, but that same set of data exists in potentially many other places. If it’s not protected everywhere, it is then vulnerable. Organizations need to understand, discover and know where all their sensitive data is located and ensure data is encrypted at rest, in use and in transit.

Once relegated to the data center, data protection has become a boardroom discussion due to the slew of hacks on high-profile organizations – and we’ve seen what happens to senior executives who haven’t properly protected their sensitive data. In addition, customers are becoming more concerned about the safety of their data.

It’s clear that what’s worked in the past isn’t working anymore, and that encryption is a necessary element of a robust data protection strategy. Yet many still hesitate because it can get challenging – but it doesn’t have to be. Here are five key pervasive encryption techniques to help maximize data protection:

1. Become strategic: Before taking action, take the time to create a comprehensive encryption strategy that allows you to understand what data you are encrypting, how you are managing your keys and the underlying policy controls for user access.

2. If it’s valuable, encrypt it: Anything that would be considered sensitive must be encrypted.       And ensure you’re encrypting it in all phases of its life cycle – at rest, in use and in transit.

3. Employ an HSM: Because it’s your goal to protect sensitive data, use a hardware security module (HSM). It’s a best-practice tool that has the highest level of assurance to keep your most important keys inside a secure hardware boundary.

4. Re-evaluate your strategy: As vulnerabilities evolve, protect yourself by continually monitoring your people, processes and security posture. You need to look at your people processes as well to make sure you have some kind of checks and balances in your technology strategy and continue to evolve it to see vulnerabilities.

5. Control the access: It’s important to clearly delineate duties between network personnel and security professionals by implementing policy controls. Separating out the security components and the network management components or the application user components is critical to ensuring that only the people who need to access the different systems are able to access them.

About the author:

Peter is a product and marketing strategist for Thales e-Security with over two decades of experience in the high tech industry. He has worked for Oracle, Inktomi, Openwave, Proofpoint, and SOASTA.

 

Leave a Reply

(required)

(required)


ADVERTISEMENT

Gartner

WomeninTech