RSS Alerts

Share

More services

Related Links

  • Thales Group
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Microsoft IIS security flaws cause a stir
    A steady stream of security flaws in the Microsoft Internet Information Services (IIS) software is causing a stir in security researcher circles, with hackers reportedly issuing details of the flaws faster than Microsoft's R&D staff can patch them.
  • Storage Expo event gearing up for cloud security advice
    Storage Expo - the IT data storage event that takes place at London Olympia between October 14/15 - has ramped up its education programme this year.Cloud security appears high on the agenda at this year's show and conference
  • Hackers steal unpublished Leona Lewis songs
    Hackers have broken into the IT system at Simon Cowell’s record label, Syco Records, stolen three unreleased Leona Lewis songs, and leaked them online.
  • 19% of online attacks targetting social networking sites
    Research just released says that 19% of all hacking incidents centered on social networking sites during the first half of 2009. The study, from Nebulas Solutions Group, noted a 30% rise in the percentage of online attacks compared with the first half of 2008.
  • Big phish-hunters make small tank vulnerable
    PhishTank, a mass-participation website used to track phishing sites, is susceptible to voting fraud by criminals, according to researchers at Cambridge University’s Computer Laboratory.

Top 5 Stories

News

RSA Europe: Card and healthcare protection driving encryption

23 October 2009

Research released at this week's RSA Europe conference in London claims to show that credit card and healthcare data protection are driving encryption security projects in the public and private sector.

But say researchers, who conducted this, the second annual survey on behalf of Thales, the data security specialist, lost encryption keys can also cause problems for organisations.

The central driver on the card front, said Thales, is the introduction of the Payment Card Industry Data Security Standard (PCI DSS) and, on the healthcare front, the US Health Information Portability and Accountability Act (HIPAA).

The international 2009 Encryption and Key Management Benchmark Survey was carried out by Trust Catalyst on behalf of Thales and found that 52% of European organisations are planning encryption projects to comply with PCI DSS.

In the US, 53% of organisations are also planning similar projects, but this time driven by HIPAA.

Interestingly, researchers also found significant IT security concerns related to cloud computing, with 52% of respondent firms saying that data security is the chief concern preventing their organisation from adopting the technology.

In addition, when asked about their own firm's plans for cloud computing, 47% said they would not move to the cloud unless data was encrypted and another 43% said that at this time they have no plans to move to the cloud environment.

59% of the 655 respondents to the survey, meanwhile, said they would not allow encryption keys to be managed by a cloud service and just 15% would allow a cloud service to manage their keys.

Frank Greverie, Thales' vice president, said the results show clearly that two of the most important pieces of data - person's card details and their health records - are the main drivers on encryption.

Coupled with regulations designed to safeguard this data, he added that he impact of a data breach is one of the main security headaches for CEOs and IT specialists alike.

"Regulation is already playing a role in terms of tightening data security. The very nature of encryption means that data is secure even if many of the other enterprise security mechanisms fail," he said.

Greverie went on to say that, against this backdrop, both regulators and industry will therefore grow to depend on encryption.

"At the same time, key management and the ability to demonstrate encryption key custody and control will become increasingly important as auditors and regulators look to validate safe harbour," he explained.

"The good news is that encryption is now significantly easier to implement and manage than in the past."

"The security industry and standards bodies have reacted quickly to the increased demand for encryption technologies over the last few years and today there are numerous examples of IT products and systems that include embedded or native encryption capabilities."

A copy of the report can be downloaded from the Thales website.

 

This article is featured in:
Compliance and Policy  • Data Loss  • Encryption

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012