CIO Talk

Data Security: Encryption adoption critical for Enterprises

Encryption is one of the fastest emerging data security options today. Organizations are increasingly adopting it to address the growing concerns of data safety, and data privacy for compliance regulations. Despite the recent trends towards encryption, many organizations have not yet adopted encryption in their organizations, or have gaps in their protection coverage.

It has been noted that worldwide the frequency of data records loss adds up to about 35 Every Second, 2,116 Every Minute, 126,936 Every Hour and whopping 3,046,456 Every Day!
(Source: BREACHLEVELINDEX.COM January 2016 to June 2016)

The most common sources of these breach incidents:

  • 69% occur through malicious outsiders
  • 18% because of accidental losses
  • 9% by malicious insiders
  • 3% hackivists
  • and the remaining 1% is state sponsored -(Source: BREACHLEVELINDEX.COM January 2016 to June 2016)

The types of breach incidents can be broadly categorized into Identity Thefts (accounting for about 64%), Financial Access (18%), Account Access (11%), Existential Data (5%) and Nuisance (4%). (Source: BREACHLEVELINDEX.COM January 2016 to June 2016)

The True Cost of Data Breaches

Simply defined, a data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. All of an organization’s files (such as HR documents, financial records, customer information, personally identifiable information, and passwords) are vulnerable to theft or loss, by malice or mistake.

Considering the sheer damage of a data breach, 90% of which could have been easily avoided, according to the Online Trust Alliance1, Organizations can be subject to stolen proprietary documents and data, bad publicity, lost business, and potentially crippling fines.

PROTECTING AGAINST LOSS Adopting Encryption

Data Encryption is a time-tested tool that can effectively protect your data. Encryption is a means of scrambling computer data so it can only be read by the people authorized to access it. Encryption converts data from plaintext to cipher text, through use of an encryption algorithm which creates an encryption key – only this key unlocks the data. The encryption and key storage is straightforward, but the Key and Policy Management, getting the right keys to the authorized users and managing the lifecycle of the keys, is the challenging part.

Data Everywhere

Today, sensitive data resides everywhere, and the definition of “endpoint” has become very broad, spanning from organization-owned assets such as: laptops and desktops, to USB media, through end-user-owned devices, and on to data and VMs in the Cloud. These silos of data make management difficult and therefore enterprises are reluctant to adopt full encryption.” But encryption, and management of it, doesn’t need to be complicated. Most endpoints have some form of native encryption software, or can be secured through a plethora of available data security solutions. This is a great start. Adding in additional encryption capability, and supporting that with a simple and comprehensive unified intelligent key management tool is the basis for a successful solution.

Authored By: Rahul Kumar, Country Manager, WinMagic

Related posts

How Yoga Helps IT Professionals-Setting Healthy Boundaries

enterpriseitworld

Importance of Yoga – Way to Lead Healthy life

enterpriseitworld

Digital Transformation in the Automotive Industry

enterpriseitworld