Organisations must balance digital innovation with the need to minimise security risks – and the use of encryption is a way to do that.
That’s the view of Erick Reyes, regional sales manager for Thales, who says encryption should be treated as a mechanism for enabling digital innovation at speed.
“It's like a high-performance car – you wouldn't feel comfortable driving it fast safely unless you knew that there's something you can leverage to stop you,” Reyes says.
In the last 18 months, some organisations may have cast aside digital security mechanisms to keep their operations functioning.
“Organisations that we speak to today face previously unseen challenges brought on by disruptions in their markets and supply chains. Most of the time, these organisations have had to revisit and recalibrate some of their fundamental processes.”
For example, companies may have moved data outside their existing security perimeter, such as to the cloud.
“When organisations review what they're responsible for in the cloud shared security model, they find that they're ultimately responsible for the security of their data,” Reyes says. Encryption can protect that data.
But Reyes says that this can get overly complicated when organisations use the encryption mechanisms that come with IT systems.
That was the scenario Thales encountered at one of its customers, an Australian financial institution. The use of multiple encryption tools caused problems for end-users, developers and old applications, Reyes said. Native encryption tools in the customer’s databases did not meet the compliance requirements.
“Organisations typically employ five to 10 different management solutions. This leads to technical debt, as organisations, typically, if they want to do this, probably will need to employ five to 10 different management solutions,” Reyes explains.
“They need to work out how to best protect this data, whilst ensuring that they maintain the performance needed by their organisation.”
