Solving Enterprise Data Encryption Issues

by Daniel Gail IT Consultant IT departments struggle with issues involving storing and securing enterprise data. Some of the biggest problems include: balancing the need for tight security with access; dealing with the exponential growth of data; and protecting data outside of the enterprise. Data encryption solves some problems and introduces others.

For example, equipping desktops and laptop computers with encrypted hard drives or encryption software often introduces more work – and more hassles – for users. These systems can also adversely affect performance, further burdening users.  It's not unusual for frustrated users to bypass these systems, rendering them useless at least some of the time.

When sensitive data is encrypted, as it should be, access to that data is limited only to those who hold the "keys." What happens when another user has a legitimate need to access the data? IT may need to get involved, which introduces delays and more frustrations into the workflow. Collaborating with others also brings problems with encrypted data. When users are either uninformed, untrained, or in a hurry, they may devise their own workarounds in an effort to share data quickly. Even when the receiving party is fully authorized to receive this data, these workarounds make the data vulnerable and likely violate policies and applicable regulations.   

Data securely stored inside a secure corporate complex is also at risk from hackers, nosy employees, and even dumpster divers when servers and computers are eventually disposed of. For example, did you know that hackers have a window of opportunity where they can bypass authentication routines while the operating system boots up? Hard disks are also vulnerable if they are not wiped clean or smashed to pieces before disposal. Data recovery software, which is readily available and inexpensive, is powerful enough to recover data from disks that have been reformatted.

Managing the data security and storage needs of mobile workers brings its own challenges. While your company may have centralized storage or use a cloud-based system in an attempt to better manage and secure data, cloud-based storage and virtual storage systems require an active network connection. These are useful solutions when a connection is available. What about when one is not? Users rely on their hard drives. Some may even anticipate connectivity problems and send unencrypted emails to themselves containing sensitive data or copy files from the LAN to their hard disks before leaving the office. Not only is the data vulnerable during transmission, it's vulnerable the entire time the laptop is not under lock and key. In fact, it could be vulnerable even if it is locked indoors due to hackers and spyware.

Similarly, USB flash drives are commonly used by workers who want to work remotely. Whether working from home, on a business trip, or in the field, USB drives are convenient, portable storage devices. They're also easy to lose and hard for IT to manage. The "bring your own device" trend includes USB drives.

These problems, though common, are solvable. For example, WinMagic's SecureDoc Enterprise Server is a centrally managed encryption and data security solution that extends its protections to mobile devices. Full disk encryption, self-encrypting hard drives, removable media encryption, port control (which locks access to USB devices), key management tools, pre-boot authentication, and transparent operations for end-users make this solution well worth exploring.

Daniel Gail is an author and recognized authority on enterprise data encryption software, currently working with WinMagic. Daniel specializes in file encryption software and full disk encryption for companies around the world, and you can connect with him over on Google+.

Sponsor Ads

• Ad Space Available - Rent it Now!

Created on Dec 31st 1969 18:00. Viewed 0 times.

Comments