A year later what has changed? Gary Clarke VP EMEA, SafeNet comments on the current state of data protection:

“How fast time flies. A year ago Sony was battling with the fall out of the data breach on its entertainment online services. They and organisations as diverse as Epsilon, Steam and even Nasdaq entered the spotlight on a debate about how large organisations offering or relying on digital services needed to totally overhaul their approach to protecting the data entrusted in them by their customers, partners and end users generally.

A year later and how much has changed? One school of thought would be that the scale and frequency of these breaches would be a catalyst for change and lead more organisations to take data protection seriously. Is that really happening?

But so far the evidence is that data breaches resulting in the loss of un-secured information continue to be a problem with competing claims on the volume of reported and unreported incidents.

While it is important to recognise how many of these breaches stem from human error as much as actual hacks, all of them present real risks to any affected organisation and range from reputational damage to fines and financial losses. Breaches are going to happen, but the impact of that breach is significantly lessened if the confidential information that is exposed – whether IP, credit card data, customer data etc - is encrypted and the customer has kept control of the master keys.

Regardless of the good sense of this approach it does seem that organisations aren’t going far enough in their data protection strategies. For example we did some polling on our own and found that the majority of IT manager respondents are not utilizing encryption technology beyond IT systems’ endpoints to encrypt the actual data and information held inside the perimeter walls. This suggests that many IT managers may not fully appreciate the importance of protecting core data itself with encryption protocols. Despite the increase of data breaches in 2011 the UK businesses participating in the survey said they only plan to encrypt end points rather than extend encryption to the core systems. This is surprising when you consider that the latest Verizon Data Breach reports that servers remain the most compromised assets especially for larger organisations and account for 68% of breaches and 97% of data records stolen.

So why the inertia? We have got to make organisations understand that there is no excuse in not extending encryption. The technology is proven and readily available and can be deployed and managed with little difficulty. Best practices around key management and keeping keys in hardware are no longer beyond the grasp of mainstream organisations.

It is incredibly important that we keep on hammering home this message because making data protection ubiquitous will be essential to how our digital economy and society thrives. Only providing security that protects at the perimeter, network layer or endpoint is pointless if you don’t protect the data itself, wherever it is.”

 

ShareThis

Tags: BC/DR

Read more White Papers»

More SNS UK TV»

More Audio»

Read more Web Exclusives»

Read more Magazine Articles»

Read more Supplements »

Keep up to date with the latest industry products, services and technologies from the world's leading IT companies.

• Virtualization Success Depends on Network Automation by Infoblox

• The Infoblox VMware vCenter Orchestrator Plug-in by Infoblox

• Automated Storage Tiering on Infortrend’s ESVA Solution by Infortrend

• Schlumberger usesIBMBNT RackSwitch for HPC by IBM

• Convergence is on the Edge by IBM

Latest IT jobs from leading companies.

Click here for full listings»