- One-third of IT professionals that use cryptography use TrueCrypt in some fashion
- 68% of TrueCrypt users have used the software for business
- One-third of survey respondents use encryption provided by operating system vendors such as Microsoft’s BitLocker or Apple’s FileVault
- One-third of survey respondents are using a commercial solution or are not sure what is being used
- The news surrounding TrueCrypt has made 64% of respondents think critically about encryption
“Many TrueCrypt users appear to have been unaware of its unclear pedigree, and considering that 68% of TrueCrypt users use it in a business environment, it appears this situation has been a bit of a wake-up call,” continued Wisniewski. “Apple, Microsoft and other commercial players are unlikely to stop supporting integrated encryption moving forward; in fact, they will likely double down on their investment after the allegations being made by Edward Snowden. Thinking critically about not just your laptops, but servers, desktops, cloud and mobile devices could result in organizations making changes that strengthen their security stance, resulting in a positive outcome from this whole incident.”
Sophos have put together 5 key recommendations for life after TrueCrypt:
- Use vetted, trusted, operating system-level encryption like Microsoft BitLocker and Mac FileVault. TrueCrypt was not using the latest technology, so now is a great time to move to compliant encryption standards.
- The real issue with business use of encryption has been key management. You need good key management that enables encryption beyond just full-disk on your laptops.
- Data isn't only on your disks. Users are taking it everywhere, especially the cloud. Now's a good time to reevaluate your data protection strategy to make sure you're protecting data everywhere.
- Non-Windows platforms need encryption, including OS X, Android and iOS. And don't forget any systems still running Windows XP; you'll need to protect them too.
- A thumb drive or DVD can hold sensitive records too. You need to encrypt all your storage devices as well.