What to look for in a data encryption product

Computerworld - Data represents the lifeblood of any organization. With the right information, companies can improve customer satisfaction, increase the efficiencies of their supply chain, identify market trends and positively affect their bottom line.
This is not a new concept, it is a commonly understood fact of business.
Data in a corporation can be divided into two categories. First, there is data that a company has about itself, its assets and its operations, such as financial data, physical asset information and inventory balances. The level of security and privacy needed for such data is a function of the company's business interests.
Second, there is other data that is essentially information about entities that are not wholly within its purview, such as employee personal data and customer data. The corporation does not have a choice, but a duty to protect the privacy of its employees and customers by providing the highest security for such data.
For this reason, companies have gone to great lengths to both preserve the privacy of customer, employee and partner data, and to prevent identity theft, by employing sophisticated and generally effective security procedures that control network and database access.
Then what happened in the recent case of the bank that accidentally lost the personal data of 3.9 million U.S. customers after computer tapes were lost in transit to a credit reporting bureau? Or the academic institution that "lost" information on more than 98,000 graduate school students and applicants? Or the medical group, where computers containing personal data on 185,000 patients were stolen? Or the federal contractor that admitted that the personal information of 35,000 shareholders might be in the wrong hands?
How can such highly critical personal data like Social Security numbers, credit card numbers, birth dates, bank account information and patient medical information be so exposed?
When thieves get hold of equipment like laptops, storage devices or backup tapes, they can bypass database access controls with utilities that read physical blocks of data to recover critical information. The result of device violations can be catastrophic. One of the most effective ways to protect your data is to encrypt it before putting it on your media.
Making on-disk encryption work for you
For on-disk encryption to be manageable and still offer a high level of protection, it needs to meet four key criteria:
1. The encryption system should not require application modifications. Most database systems have already grown up with a suite of applications, and modifying applications raises the cost and complexity of implementing the security system.
Instead,