Author Archive

February 24th
2012

Reduce the Risk of a Data Breach

We’ve recently added some videos where I cover a number of the key questions we see coming up when we talk to both our current customers and organizations that are starting to think about the best approaches to protecting sensitive information.

So the first question really revolves around the role of encryption in the event of a breach.  As I say in the video it’s an unfortunate fact, but breaches are going to happen to even the best protected organization.  Laptops get stolen, removable media gets lost, and people make mistakes.  So the question then is, what happens next?  And that’s where we see the real value of encryption.  Because even if a breach occurs, encrypted data is still safe data.  Encryption may not stop the breach from occurring, but it will certainly eliminate much of the pain (and cost) when one does.

embedded by Embedded Video

In the second video I address one of the more frequent questions we hear – around the consumerization of IT.   Ultimately what is happening is that the range of devices in the enterprise is growing incredibly rapidly and in a way that is often beyond the control of the IT organization.  As more and more people bring their own devices into the network, so the complexity of keeping it all secure and compliant is growing- and increasing complexity is never a good thing in the case of security.

Part of the problem in keeping data safe is also keeping control over who has access to it.  That’s why CREDANT has adopted an approach to encryption management that is a little different from what you might see normally. Rather than use a single key to encrypt everything on a device, we actually enable the use of multiple keys.  That means that, as an organization, I have much greater flexibility in deciding who can see what data.  For example, I can allow an administrator to work on a system while still keeping the actual user data (say that of my CFO) safely encrypted.  It’s that kind of flexibility that really allows our users to tune their security policies to match their needs – and their risk appetite.

In the last video I talk a little bit about removable media.  This is a huge problem for most organizations (especially those that haven’t thought about it yet.)  Removable media devices, such as flash drives, are everywhere. They are cheap, have very large capacity, and are often used in a way that can compromise data security.  As such, if you want to quickly reduce the risk to your business of a breach occurring, you should start by thinking about removable media – what is being copied on to it, by whom, and most importantly, is it secure?

 

I hope the videos are interesting, and I’d love to get your feedback.   Let me know if there are other topics we should explore on keeping your information safe and secure- we’re all in this together after all!

 

No Comments


Follow Us

Follow us on Twitter Follow us on Facebook Follow us on Youtube