What to look for in a data encryption product
Computerworld - Data represents the lifeblood of any organization. With the right information, companies can improve customer satisfaction, increase the efficiencies of their supply chain, identify market trends and positively affect their bottom line.
This is not a new concept, it is a commonly understood fact of business.
Data in a corporation can be divided into two categories. First, there is data that a company has about itself, its assets and its operations, such as financial data, physical asset information and inventory balances. The level of security and privacy needed for such data is a function of the company's business interests.
Second, there is other data that is essentially information about entities that are not wholly within its purview, such as employee personal data and customer data. The corporation does not have a choice, but a duty to protect the privacy of its employees and customers by providing the highest security for such data.
For this reason, companies have gone to great lengths to both preserve the privacy of customer, employee and partner data, and to prevent identity theft, by employing sophisticated and generally effective security procedures that control network and database access.
Then what happened in the recent case of the bank that accidentally lost the personal data of 3.9 million U.S. customers after computer tapes were lost in transit to a credit reporting bureau? Or the academic institution that "lost" information on more than 98,000 graduate school students and applicants? Or the medical group, where computers containing personal data on 185,000 patients were stolen? Or the federal contractor that admitted that the personal information of 35,000 shareholders might be in the wrong hands?
How can such highly critical personal data like Social Security numbers, credit card numbers, birth dates, bank account information and patient medical information be so exposed?
When thieves get hold of equipment like laptops, storage devices or backup tapes, they can bypass database access controls with utilities that read physical blocks of data to recover critical information. The result of device violations can be catastrophic. One of the most effective ways to protect your data is to encrypt it before putting it on your media.
Making on-disk encryption work for you
For on-disk encryption to be manageable and still offer a high level of protection, it needs to meet four key criteria:
1. The encryption system should not require application modifications. Most database systems have already grown up with a suite of applications, and modifying applications raises the cost and complexity of implementing the security system.
Instead, you should deploy a product that allows you to add data
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts