SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Data encryption: Safe even when lost or stolen
Fri, 27th Feb 2015
FYI, this story is more than a year old

Data encryption should be a key component of your client's ‘defence in depth' network security solution set, says Chillisoft New Zealand,  the Oceania distributors for ESET security solutions.

Data encryption is the most effective way to secure data ‘at rest' (ie on disk and removable media) and as it travels through cyberspace (email). Encryption is based on secret keys - one for encryption and the other for decryption - that are virtually impossible to crack.

Encryption can help secure sensitive data in cases of unauthorised access to your client's network or if a laptop or USB thumb drive are lost or stolen.

Data encryption adds another layer of protection for your client's data so that, even in the event of a security breach, your client's data remains out of reach. To ensure the best possible protection, it makes sense for resellers to offer at least one ‘pure play' encryption solution that contains industrial strength protection combined with advanced management and policy controls. Not only does this create another revenue stream but it also provides a safer online environment for your clients.

Not just for spies

To some businesses, encryption may be seen as a ‘black op' - the preserve of spies and government agencies.

Potential users may fear being locked-out of important documents because they can't remember an encryption key, but in a properly implemented solution, this doesn't happen. The individual files and the hard disk drive are encrypted with a key issued to each user by an administrator.

So it is highly unlikely that ‘forgetting the key' would be a problem.

Files, disks and email: Comprehensive protection

Installed correctly, dedicated encryption solutions run in the background, transparent to users.

Resellers can advise their customers which data should be encrypted based on the sensitivity of the data and the risk of loss. Compared to some other components of a layered security strategy, encryption is relatively easy to install, manage and use.

Typically, ‘at rest' encryption is used at both file level, where individual files can be encrypted, and at the disk level where an entire disk is encrypted, such as for laptops holding commercially sensitive or private data.

Encrypting email or email storage can prevent embarrassing disclosures of private commentary. Leaked emails have become a staple for the tabloid press and could easily be avoided.

It's the law

If your clients maintain personal information and it is leaked due to inadequate protection, they could be breaking the law.

Principle five of the New Zealand Privacy Act 1993 mandates that ‘everything reasonably within the power of the agency is done to prevent unauthorised use or unauthorised disclosure of [personal] information'. With its widespread availability, encryption is clearly ‘reasonable' protection. Indeed, in Europe, where they take data privacy very seriously, there are hefty fines for loss of sensitive data.

As more and more organisations turn to mobile devices and remote access to corporate systems, the risk of data leakage will only increase. Encryption is simple to install, cost-effective and easy-to-use. It should be a key solution in your security portfolio.