Rather than trying to decode thousands of network packets from many different sources, it is a much easier course for the hacker to get to the data where it is resting in a easy to read format on the edge device such as a server. Hacking a standard server is much simpler to do. Locating the data and uploading it to a secondary location is much simpler than trying to decode network traffic packet by packet. Given this, the lack of focus on encrypting data while at rest is surprising.

In fact, California has recently passed legislation to force companies to encrypt certain types of data, such as credit card numbers, Social Security Numbers, etc. However, even encryption on disk is only going to prevent the data from being read if somebody were to steal the hard disk, an unlikely event. A clever hacker with a hijacked user account can still log onto the server and read the data as the file system will decrypt the data as it is read from disk and transfer it in its decoded state.


With all the attention being paid to encryption of data in motion, we need new software that introduces keys on both workstations and servers to ensure only trusted users can access the data from trusted workstations. This would raise the security bar and foil remote hacking attempts. In the majority of cases, a continued stream of additional encryption schemes are unlikely to help.