Thursday, 19 February 2009

How to choose an Encryption Solution

Security is a necessary evil: like it or love it, it's here to stay! How you deliver security to your business depends on your aversion to risk and the nature of your business. Encryption is ever more on the minds of security officers within most organisations, but it does not necessarily need to be the minefield vendors make it out to be.

In years gone by, strong firewall solutions and anti-virus used to suffice for many organisations, but with the threat of confidential data being lost through USB storage devices, this is no longer enough to protect a company's IP.

Before choosing any encryption solution, it is essential to clarify exactly what the encryption is needed for, and to specify and classify the data that needs to be protected.

While it is easy to think that encryption is simply encryption (after all, it is bundled with Vista as BitLocker, so it is available to the masses), there are big differences between the solutions available on the market, and of course the most suitable method will depend on your requirements. A critical factor for enterprise systems is the ability to encrypt data automatically and seamlessly, without user interaction.

Hard drive encryption

The most common type of data encryption is hard drive encryption, with the most common uses applied to notebooks. Examples of this technology are available from McAfee, Sophos and Microsoft. Users gain access to the hard drive, and ultimately the data, through a pre-boot password (PBA), which can also be integrated with two-factor authentication.

This is the simplest form of data encryption, with the laptop rendered useless without the password.

Container encryption

An encrypted container is a virtual drive that automatically encrypts all of the data stored in it. Only the owner of the proper key is able to open the container and decrypt the data. For the authorised user, the virtual drive looks just like a partitioned drive. Technically, a container is an encrypted file for one user, which means that users need to be aware of the file to save their data to. This is not too much of a concern if you have the right policy lockdowns and redirections in place on the notebook.

File and folder encryption

These solutions make use of the existing folder structure on file servers or local hard drives, so that the network administration does not have to be interfered with. Also, standard processes such as automated backups are not affected. The only difference is that the files written to backup are encrypted.

So you need encryption - right?

Don't be put off by vendors pushing encryption jargon, algorithms and complex passwords, as this can be very confusing. The most effective way to establish a security policy, and ultimately an encryption solution, is to keep it simple. It affects all users, so it has to be treated as importantly as a desktop refresh or application roll-out. If it is implemented without planning, then it will be removed just as quickly as it was implemented.

Key areas to consider when looking at encryption solutions are:

  • End user impact
  • Simplified administration
  • Support for departmentals
  • Emergency recovery in case of a key loss

What really matters is the product’s suitability for daily use. It is not just a commodity or cost factor but also a very important aspect of security.

Want to discuss your security concerns? Contact Dataplex here.