The Future of Encryption
by Richard Moulds - nCipher - Monday, 18 February 2008.
In today’s world the protection of sensitive data is one of the most critical concerns for organizations and their customers. This, coupled with growing regulatory pressures, is forcing businesses to protect the integrity, privacy and security of critical information. As a result cryptography is emerging as the foundation for enterprise data security and compliance, and quickly becoming the foundation of security best practice. Cryptography, once seen as a specialized, esoteric discipline of information security, is finally coming of age.

No one would argue that cryptography and encryption are new technologies. It was true decades ago and it is still true today – encryption is the most reliable way to secure data. National security agencies and major financial institutions have long protected their sensitive data using cryptography and encryption. Today the use of encryption is growing rapidly, being deployed in a much wider set of industry sectors and across an increasing range of applications and platforms. Put simply, cryptography and encryption have become one of the hottest technologies in the IT security industry – the challenge now is to ensure that IT organizations are equipped to handle this shift and are laying the groundwork today to satisfy their future needs.

Last line of defense for personal data

As many merchants and retailers take action in order to meet the stringent Payment Card Industry Data Security Standard (PCI DSS), the need to protect sensitive credit card data is first and foremost on their minds. This is highlighted in the recent finding by the Canadian government that the lack of proper encryption was to blame for the TJX breach that exposed at least 45 million customers' credit and debit card records. But looking more broadly the issue isn’t limited to just credit card data. In September, more than 800,000 people who applied for jobs at clothing retailer the Gap Inc. were alerted to the fact that a laptop containing personal information such as social security numbers was stolen, exposing the applicants to potential identity theft.

It is clear that the protection of personal or private data is critical to the well being of any company that stores or processes this information. Encryption has become a last line of defense for data protection because, once data is encrypted, if stolen or even simply misplaced, it is rendered unreadable without the keys to decrypt that data.

Survey says

A recent independent survey conducted by industry analyst firm Aberdeen Group shows an increasing use of encryption and a growing need for centralized and automated key management.

The survey, ”Encryption and Key Management” which was co-sponsored by encryption management vendor, nCipher, found that Best-in-Class organizations (a category that Aberdeen defined as including organizations that have seen the most improvement in their IT security effectiveness over the past 12 months) demonstrated a tremendous increase in the number of applications and locations deploying cryptography in order to protect sensitive data compared with one year ago and, consequently, an increase in the number of encryption keys they have to manage.

Eighty-one percent of respondents had increased the number of applications using encryption, 50 percent had increased the number of locations implementing encryption and 71 percent had increased the number of encryption keys under management compared with one year ago.


Most IT pros have seen potentially embarrassing information about their colleagues

More than three-quarters of IT professionals have seen and kept secret potentially embarrassing information about their colleagues, according to new research conducted by AlienVault.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th