Encryption is for data at rest, not just in transit

Monday, 16 June 2003, 5:22 PM EST

Everybody knows that it is easier to hit a stationary target than a fast-moving target. Yet an enormous amount of resources are being used to encrypt data in motion, while the bigger risk is in data at rest.

One reason for the focus on data transfer rather than storage dates back to pre-1994 days. At this time, ethernet broadcast all communications between two computers to all of the nearby computers, thus allowing a hacker with a sniffer (a piece of software that captures network traffic) to see other users' data.

But in most companies today, data is almost always transferred on switched networks and thus is transferred from point to point - with no visibility of that data by other network-attached devices. The only way to circumvent this is for the hacker to load his sniffer program onto the actual server itself, but even in this scenario, there are simpler ways to access the data directly.

Given this fact, the enormous amount of resources put into encrypting data in flight, travelling over the network, seems disproportionate.

[ Read more ]




Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //