Corporate Encrypt-Everything Policies Gain Interest

With tale after tale of data breaches and cyber-espionage making its way into the headlines, encryption by default has been a hot topic of late—and enterprises are beginning to respond. A large majority (84%) of respondents in a recent survey said that they had considered a security strategy of encrypting all sensitive data.

In the survey, from Vormetric and IANS, top reasons for encrypting data included; preventing data breaches (66%), fulfilling compliance or audit mandates (54%) and protection of financial and other assets (53%).

"Could encrypting everything result in a more simplified strategy for security technology, saving costs and improving security posture now and in the future? The idea is compelling, and the majority of security leaders we questioned felt that this could be a good idea,” the report noted. “Currently, IANS recommends that organizations look at encryption more strategically, potentially exploring an ‘encrypt everything’ approach now or in the near future.”

Understandably given the current threat landscape, security professionals are increasingly concerned with protecting sensitive data within their organization and elsewhere. Overwhelmingly, respondents said that they’re contending with moving into cloud and outsourced service models, while simultaneously combating resourceful attackers looking to compromise data from core systems.

With these realities in mind, respondents are implementing encryption to solve tough problems, including securing data within: Databases (62%); laptops (52%); emails (48%); private clouds (46%); and big data environments (37%).

“Many organizations we work with are seeing shifts in drivers for encryption overall, as well—encryption is rapidly going from a ‘security checkbox’ to a technology that can address specific and advanced security threats, as well as help to reduce compliance scope for many businesses, which turns encryption into an immediate business advantage,” the report continued.

Over half (54%) responded that their top challenge when implementing encryption is legacy technology and support for encryption. Other roadblocks include the cost of encryption technology (52%) and worries about performance impacts (44%). But interestingly, and in spite of these pain points, a whopping 84% of respondents have considered a security strategy of “encrypt everything,” i.e. encrypting all sensitive data.

“Not only are perceptions of difficult and expensive implementations outdated, but encryption now also enables business velocity and advantage,” said Vormetric VP of global marketing, Tina Stewart. “Modern encryption solutions enable organizations to not only safeguard traditional applications, but also to take advantage of cloud, SaaS services, IoT and big data without incurring new risks to data. As a result, encryption is now a critical driver of lower operational costs as well as the rapid development of new services and offerings for competitive advantage and market expansion.”

What’s Hot on Infosecurity Magazine?