Taking the Fear out of Encryption
Today, data protection must address exponential data growth, support big data analysis, reside in shared cloud data warehouses, allow mobile data access, and defend against increasingly sophisticated threats. So we must ask…
- Why are people afraid to protect their information by encrypting their data?
- Why is encryption often the protection mechanism of last resort?
- Why does it take mandatory regulatory compliance, security policy audits, and penalties for non-compliance to ensure that sensitive data is adequately protected with encryption?
Unfortunately, encryption is often perceived as complex, something akin to rocket science. There is the concern that if you lose the encryption keys, you lose the data forever. There are fears that encryption keys are difficult to utilize, update and store securely. There are requirements for high speed data transactions.
However, recent compliance regulations and standards require that sensitive data be encrypted, including Health Insurance Portability and Accountability Act (HIPAA) for healthcare information, Sarbanes-Oxley (SOX) for financial information and Payment Card Industry Data Security Standard (PCI-DSS) for retail payment.
6 Reasons to Encrypt Your Data with Confidence
The good news is that carefully architected and well- implemented data encryption can provide the cornerstone of your data protection security policy. Encryption can protect your data and solve many of your data protection challenges. With that in mind, here are six advances in encryption that make it easier to deploy and take the fear out of encryption:
- Standardized algorithms for industrial strength encryption that are certified by NIST for data protection and secure key exchange such as RSA Public Key Encryption, Advanced Encryption Standard (AES) and Elliptic Curve Cryptology
- Standards-based network communication protocols that protect data in motion such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and virtual private networks (VPNs)
- Self-encrypting tape and disk storage devices that provide high speed data encryption for data at rest protecting removable media and archived backup data
- Database view access controls and field level encryption that protect sensitive pieces of data within large data bases
- New Key Management Interoperability Protocol (KMIP) OASIS standard that allows key lifecycle management solutions to interoperate to manage, securely store and update encryption keys
- Automated encryption key back-up and recovery to help minimize the risk of loss or breach of sensitive information
So now let’s rethink these questions:
- Do you still have to be afraid to encrypt your data?
- Should you still live with risk and non-compliance exceptions related to data encryption?
Security solutions providing these six advances can relieve your fear of encryption. They can provide transparent, automated, high performance, end-to-end protection of data that address compliance regulations. These advances allow you to encrypt data everywhere with confidence!
Mainframe Security Marketing Manager, IBM Security