Every company I speak with is throwing the kitchen sink at protecting their network from external attackers, data breaches and mobile device loss. At the heart of this is a fundamental point that we all must accept: where once corporate data sat ring-fenced on a server, it is now dispersed geographically, across many different devices, and moving all the time.
As IT and security professionals, we keep battling with the need to keep the drawbridge down while stopping the baddies getting in and ensuring soldiers (data) outside the castle walls are safe.
Encryption has played a key role in protecting data for a long time. Thousands of years before the computer appeared, there were Hebrew mono-alphabetic substitutions and, of course, the ciphers used by the Romans, to name just a couple of examples. Yet despite its clear benefits in protecting against prying eyes, for a long time it fell out of favor.
Certainly, in early computing it was a complete pain to work with, and some might use stronger language than that! Whilst vendors eventually got their heads around making it more usable, the world moved on, and the problem is no longer simply about protecting data at point ‘A’.
Precisely because of the problems we laid out earlier, the need to manage encryption across devices, locations and users has become an IT imperative. Any security professional knows that complexity leads to risk, and that spells danger for the enterprise. The danger comes not just from invaders, but also from regulatory non-compliance, accidental data breaches, or simply the loss of a smartphone.
The challenge therefore has become to simplify the security landscape in the organization without compromising on protection. In the case of encryption, this means being able to manage encryption across on-premises, cloud, hybrid-cloud and a myriad of devices, as well as when the data is with users who may not belong to your company.
Centralized encryption management solves the problem by ensuring keys are controlled from one point and, more importantly, that the keys themselves are stored outside the organization: after all, there is no point locking your data in a box but leaving the key in the lock!
This alone is not enough in the modern enterprise. You need to be able to manage that same encryption across cloud services, virtual machines and resources that you do not own. When choosing an encryption provider, it's important to consider this reality; otherwise you leave yourself greatly exposed.
Encryption is here to stay. It is the last line of defense when a breach occurs, whatever caused it, invader or accident. With so much at stake for a business in terms of reputation damage, regulatory fines, and ultimately the bottom line, centralized encryption management is the route to bringing clarity to effective encryption. Remember, nobody ever got fired for implementing encryption, but they probably did for mismanaging it.