Need-to-Know Only: Use Encryption to Make Data Meaningless to … – Security Intelligence (blog)

Organizations continue to be plagued by data breaches, and data is leaking from our enterprises in large quantities. However, data leakage is not the only issue. The problems namely, regulatory fines, brand damage and lost revenue begin when sensitive data that is readable and accessible falls into the wrong hands. Despite these concerns, security professionals can rest assured that there is a way to immediately stop the madness: Use data encryption.

Data encryption has existed for thousands of years. During all those centuries, the use of encryption has adapted and grown to meet various needs. Back in the day, simple substitution ciphers or scytales worked great, but todays environment demands methods more rigorous than block encryption.

Just as wizards of technology do not rest on their laurels with a single spell or potion, is it not a good idea to only have one type of encryption in your tool set. Those wizards excel by having a rich set of technologies to choose from, and the skills to use them in a dynamic and challenging world.

There is no doubt that encryption and key management algorithms must be publicly vetted to ensure their strength. However, the application of those algorithms must also be flexible enough to meet organizations needs. For example, we all know what a Social Security number (SSN) looks like: It consists of three numeric digits, followed by two digits, and then another four (i.e., 111-22-3333). If we were to encrypt that data, we might end up with a string of numbers, letters and special characters that would prevent an intruder from recovering the SSN, but it could break many applications and databases that process data without maintaining the well-defined format of an SSN. This principle also applies to encrypting names, phone numbers and email addresses.

If we cannot encrypt this data, how can we keep it secure? With the right set of capabilities, you can protect specific types of data using the same cryptographic principles in a way that does not interfere with business applications. This enables you to employ one of the following three fundamental encryption techniques.

Encryption, tokenization and redaction are just three options for obfuscating data. Remember that any good encipherment or encoding approach must follow the basic tenants of cryptography. That means knowing the algorithm should offer no advantage in decoding or deciphering data. The only way you should be able to decipher the data is by having access to the decryption key.

While its crucial for data in new sources and technology platforms to be protected and encrypted, legacy systems frequently contain large quantities of important, valuable data that still need protection. Using cryptographic tools, including file and database encryption, tokenization and Teradata encryption, allows organizations to protect data flexibly while supporting the full technology environment.

Think of data encryption as an easy way to protect data from misuse. By using it, you can get terrific results without having to work as hard as those technology wizards.

IBM Announces New Guardium Data Encryption v3.0 Portfolio

Original post:
Need-to-Know Only: Use Encryption to Make Data Meaningless to ... - Security Intelligence (blog)

Related Posts

Comments are closed.