Data Security: Encryption adoption critical for Enterprises

Authored Article by Rahul Kumar, Country Manager,WinMagic

Encryption is one of the fastest emerging data security options today. Organizations are increasingly adopting it to address the rahul-kumar-country-manager-winmagic-india-1growing concerns of data safety, and data privacy for compliance regulations. Despite the recent trends towards encryption, many organizations have not yet adopted encryption in their organizations, or have gaps in their protection coverage.

It has been noted that worldwide the frequency of data records loss adds up to about 35Every Second, 2,116 Every Minute, 126,936 Every Hour and whopping 3,046,456 Every Day!

(Source: BREACHLEVELINDEX.COM January 2016 to June 2016)

The most common sources of these breach incidents:
• 69% occur through malicious outsiders
• 18% because of accidental losses
• 9% by malicious insiders
• 3% hackivists
• and the remaining 1% is state sponsored -(Source: BREACHLEVELINDEX.COM January 2016 to June 2016)

The types of breach incidents can be broadly categorized into Identity Thefts (accounting for about 64%), Financial Access (18%), Account Access (11%), Existential Data (5%) and Nuisance (4%).(Source: BREACHLEVELINDEX.COM January 2016 to June 2016)

The True Cost of Data Breaches
Simply defined, a data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. All of an organization’s files (such as HR documents, financial records, customer information, personally identifiable information, and passwords) are vulnerable to theft or loss, by malice or mistake.

Considering the sheer damage of a data breach, 90% of which could have been easily avoided, according to the Online Trust Alliance1,Organizations can be subject to stolen proprietary documents and data, bad publicity, lost business, and potentially crippling fines.

PROTECTING AGAINST LOSS
Adopting Encryption
Data Encryption is a time-tested tool that can effectively protect your data. Encryption is a meansof scrambling computer data so it can only be read by the people authorized to access it. Encryption converts data from plaintext to ciphertext, through use of an encryption algorithm which creates an encryption key – only this key unlocks the data. The encryption and key storage is straightforward, but theKey and Policy Management, getting the right keys to the authorized users and managing the lifecycle of the keys, is the challenging part.

Data Everywhere
Today, sensitive data resides everywhere, and the definition of “endpoint” has become very broad, spanning from organization-owned assets such as: laptops and desktops, to USB media, through end-user-owned devices, and on to data and VMs in the Cloud.These silos of data make management difficult and therefore enterprises are reluctant to adopt full encryption.” But encryption, and management of it, doesn’t need to be complicated. Most endpoints have some form of native encryption software, or can be secured through a plethora of available data security solutions. This is a great start. Adding in additional encryption capability, and supporting that with a simple and comprehensive unified intelligent key management tool is the basis for a successful solution.

WinMagic’s SecureDoc Solution: The Power of Unified Key Management
WinMagic’s SecureDoc secures data at rest by managing how it is encrypted, regardless of where it resides, or on what operating system. SecureDoc provides enterprises a comprehensive data security solution that supports compliance with security and privacy regulations, without increasing IT costs significantly, or compromising end user productivity.

WinMagic’s SecureDoc Enterprise Server (SES) provides organizations total control over their data security environment, ensuring maximum security and transparency in the regular work flow. WinMagic’s application-aware key management or IntelligentKey Management, not only manages the keys, but the related policy and configuration for the end point encryption.