Australian companies have underestimated the advancements in encryption technology - for the protection of sensitive data - and have been slow to adopt the technology, local encryption expert Bob K Adhar told SC today.
President and CEO of Sydney-based company Randtronics, Adhar said his experience in the Australian market has proved that a lot of Australian PCs don’t have encryption.
Eventhough, encryption at the web and application layer can protect data if it falls in the wrong hands, management have historically been afraid to use it, claimed Adhar.
“The market in Australia is not really able to comprehend encryption,” said Adhar. “Historically performance was a problem with encryption, so was flexibility and you needed a person with a PHD to decrypt the system.
“[But] today that’s different, we now have technology that allows encryption for the ordinary user. Encryption is no longer complex,” he said.
Concerned about today’s threat environment, Adhar said relying on perimeter security provides a false sense of security. People are getting through the system via un-patched systems and firewall vulnerabilities, all the time.
In fact, security vendor Proofpoint released a report last month which found that Australian organisations have a problem controlling leaking data.
The report found that companies are frequently disciplining or terminating employees for breaches.
Speaking to SC recently, Privacy Commissioner Karen Curtis said as a general rule, the encryption of personal information on laptops and other storage devices like USBs is good privacy practice and urged organisations to conduct risk assessments to determine whether their stored data requires encryption security.
Move beyond perimeter protection and identify what data is sensitive and encrypt it, said Adhar.
Aussie companies fail to encrypt data
By Negar Salek on Jul 2, 2008 3:14PM