With so many ‘mega breaches’ happening around the world companies are beginning to turn to encryption as a means to prevent the loss of data. Securing a network against intrusion seems to be next to impossible these days with the proliferation of internet connected devices and phishing attacks. Encrypting sensitive data allows companies to worry less about breaches since the data will be useless to the attacker if it is properly encrypted.
“Encryption, in some ways, is the antidote to bad security,” said Richard Moulds, vice president for strategy for Thales E-Security. “If you believe there’s a risk that data will be lost from your business, then encryption is your backstop. If you lose encrypted data, then the impact is minimized and may even be zero.”
Encrypting data also exempts companies from reporting the breach which helps preserve the company image and save profits. Of course with any silver bullet solution there are always complications. Encrypting data requires key management and protection which can be cumbersome and dangerous in its own right. If the keys to your encrypted data are stolen then your encryption becomes worthless. Or worse if you lose your keys then the data is lost forever which could be the end of your company. Unfortunately very few companies have the tech savvy capabilities to manage encryption on a large scale and engage in very unsafe practices, such as storing keys in text files. There is great opportunity to mitigate the loss through data breaches using encryption, but currently only the elite have the skills to employ the strategy properly.