A Cost-Effective Encryption Strategy Starts With Key Management

Companies have a problem with encryption: While many businesses duly encrypt sensitive data, there is no standard strategy for deploying and managing an key-management infrastructure.
Every organization needs to make a large number of decisions in designing a key-management policy that works for their business, Karen Reinhardt, principal engineer for cryptographic services at Home Depot, told attendees at the RSA Conference in San Francisco last week.
Some cloud-native startups can manage much, if not all, of their encryption keys in the cloud, while large enterprises with legacy technology likely need a locally hosted system and hybrid infrastructure.
Such as developers, may be able to manage their own infrastructure, while general employees need their keys managed for them.
Finally, every company needs to take into account the post-quantum future, Reinhardt said.
Encryption is a necessary technology for securing data and systems, but there is more to data security than just encrypting the data.
Perhaps the most complex part of any encryption infrastructure is managing the keys needed to decrypt data.
If the attackers has access to the keys, they have access to the encrypted data; defenders who lose access to the keys lose access to data.
Data Availability Requires Decryption The first lesson for companies is that encryption keys are critical - perhaps more critical than proper encryption.
Data is unusable if you can't decrypt it, so knowing where the decryption keys are is often much more important than knowing the location of the encryption keys, said Reinhardt.
Organizations should always have a controlled archive of decryption keys, she said.
'Encrypt Everything' Might Not Be Worth It Security controls continue to be expensive to implement, and encryption is no exception.
Cloud Changes Everything, But Gives You Options Companies moving more of their infrastructure to cloud services and platform are already trying to control data sprawl - cloud-native key management adding key sprawl to the equation as well.
Companies need to take stock of not only their critical data - what needs to be encrypted - but also how each cloud service manages its keys and other secrets and whether the company can centralize management to increase control.
Legacy Integration Remains a Headache Smaller companies with just starting with key management can create greenfield key management and take advantage of the latest technologies to simplifying their infrastructure and strengthen control over their data.
Large companies who already have a variety of key management technologies in place will have to support legacy applications and databases.
Cloud-based encryption infrastructure, such as hardware security modules - secure storage for key data and operations - can help make implementation simpler and make integration with legacy technology easier.
Post Quantum Means Every Asymmetric Key Must Be Replaced Finally, every company needs to consider the post-quantum future and make sure that their key infrastructure can generate quantum-safe keys.
As quantum-computing technology advances, public-key encryption will need to evolve and use stronger keys generated by more modern algorithms.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 14 May 2024 20:15:09 +0000


Cyber News related to A Cost-Effective Encryption Strategy Starts With Key Management

Strong Encryption Explained: 6 Encryption Best Practices - Strong encryption protects data securely from unauthorized access, but the specific algorithms that qualify as strong encryption change over time as computing power increases and researchers develop new ways to break encryption. Even the strongest ...
10 months ago Esecurityplanet.com
What Is Encryption? Definition, How it Works, & Examples - To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security. Symmetric encryption will typically be ...
11 months ago Esecurityplanet.com
Types of Encryption, Methods & Use Cases - Encryption category types will explain the overarching and basic categories of classification for encryption, including the two most important: symmetric and asymmetric encryption. Encryption tool types will discuss the major classifications of ...
11 months ago Esecurityplanet.com
Business Data Encryption: Protecting Sensitive Information - In addition to implementing encryption technologies and policies, organizations should prioritize employee training on data encryption. By selecting the appropriate encryption technologies, implementing strong encryption policies, and training ...
9 months ago Securityzap.com
Symmetric vs. Asymmetric Encryption in the Cloud: Choosing the Right Approach - Asymmetric and symmetric encryptions are the modes of encryption typically used in cryptography. There is a single key involved with symmetric encryption used both for encryption and decryption. Symmetric and asymmetric encryption as ways of ...
4 months ago Cybersecurity-insiders.com
Encrypting Data Using Asymmetric Encryption - Asymmetric encryption, commonly known as public-key encryption, is an important technique for safeguarding data transport and storage. Asymmetric encryption's multi-step process involving key generation, encryption, transmission, decryption, and key ...
10 months ago Feeds.dzone.com
The Kubernetes Cost Features You Need in 2024 - In the rapidly evolving Kubernetes ecosystem, managing costs effectively is as critical as ensuring operational efficiency. To make the most of your shift to cloud native technologies in 2024, you need a roadmap to Kubernetes cost optimization, ...
10 months ago Securityboulevard.com
An overview of storage encryption for enterprises - Storage encryption is a key element in keeping enterprise data safe. Most enterprises use a combination of encryption methods to protect their data on premises, in motion and in the cloud, so it's important to understand the different types and best ...
6 months ago Techtarget.com
The 6 Best Encryption Software - Though encryption could still be broken or cracked, strong encryption is nearly impenetrable. Top encryption software: Comparison table Top encryption software BitLocker: Best for Windows environments. It's an excellent choice for encryption software ...
6 months ago Techrepublic.com
A Cost-Effective Encryption Strategy Starts With Key Management - Companies have a problem with encryption: While many businesses duly encrypt sensitive data, there is no standard strategy for deploying and managing an key-management infrastructure. Every organization needs to make a large number of decisions in ...
6 months ago Darkreading.com
How secure is the "Password Protection" on your files and drives? - People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. Protecting files with passwords without encrypting ...
6 months ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Behind EB Control's Revolutionary Patented Key Management System - If you're knee-deep in the world of data security, you'd agree that the key to unlocking superior protection lies, quite literally, in the keys- the encryption keys, to be precise. When it comes to managing these critical elements to safeguard your ...
11 months ago Securityboulevard.com
A Solution to Discover and Remediate Data Security Risks in Hybrid Multicloud Environments - PRESS RELEASE. SANTA CLARA, Calif., Nov. 27, 2023 - Fortanix® Inc., a leader in data security and pioneer of Confidential Computing, today announced Key Insight, a new industry-first capability in the Fortanix Data Security Manager TM platform ...
11 months ago Darkreading.com
Sensitive data loss is due to lack of encryption - In an era where data is the lifeblood of businesses, safeguarding sensitive information has become paramount. Cybersecurity lapses have historically been a cause of data breaches, but a recent study sheds light on a new dimension of vulnerability - ...
11 months ago Cybersecurity-insiders.com
Unified Endpoint Management: What is it and What's New? - What began as Mobile Device Management has now transitioned through Mobile Application Management and Enterprise Mobility Management to culminate in UEM. This progression underscores the industry's response to the ever-growing challenges of modern IT ...
11 months ago Securityboulevard.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
1 month ago Aws.amazon.com
A Comprehensive Overview of Encryption as a Service - Encryption as a Service (EaaS) is a way for companies to protect their sensitive data, both at rest and in transit. It is a subscription model that allows customers to outsource the complexity of data encryption to a team of experts. Encryption is ...
1 year ago Heimdalsecurity.com
Internet Security: Ensuring Safe Online Experiences - Cybercriminals are constantly evolving their tactics, from sophisticated cyber attacks to insidious data breaches, putting your virtual safety at risk. Protecting your data isn't the only concern; safeguarding your identity, finances, and peace of ...
8 months ago Securityzap.com
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
10 months ago Techrepublic.com
Top 10 NinjaOne Alternatives to Consider in 2024 - Atera: Best for IT teams needing a unified platform for network and device management, including patch management and automation. Kaseya VSA: Best for IT operations looking for comprehensive IT management including remote control, patch management, ...
4 months ago Heimdalsecurity.com
The First 10 Days of a vCISO’S Journey with a New Client - Cyber Defense Magazine - During this period, the vCISO conducts a comprehensive assessment to identify vulnerabilities, engages with key stakeholders to align security efforts with business objectives, and develops a strategic roadmap to prioritize actions and resources. If ...
1 month ago Cyberdefensemagazine.com
Tuta Mail adds new quantum-resistant encryption to protect email - Tuta Mail has announced TutaCrypt, a new post-quantum encryption protocol to secure communications from powerful and anticipated decryption attacks. Tuta Mail is an open-source end-to-end encrypted email service with ten million users. Its creator, ...
8 months ago Bleepingcomputer.com
4 key steps to building an incident response plan - In this Help Net Security interview, Mike Toole, head of security and IT at Blumira, discusses the components of an effective security incident response strategy and how they work together to ensure organizations can address cybersecurity issues. An ...
4 months ago Helpnetsecurity.com
7 Keys to an Effective Hybrid Cloud Migration Strategy - Not very long ago, a hybrid cloud migration strategy amounted to a business extending its internal workloads into an environment it doesn't own. A hybrid cloud strategy was relatively simple - a combination of on-site resources and some type of cloud ...
10 months ago Techtarget.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)