
There is much more data at risk of being compromised than ever before. This, in conjunction with the increasing cost of a data breach, measured both in “hard” dollar terms such as legal settlements and in “soft” costs such as loss of customer loyalty, makes the intelligent use of encryption and other data-protection technologies increasingly necessary for organisations of all sizes.
For the small- and medium-sized market, the ideal data encryption approach would be both affordable and easily integrated into a comprehensive data backup and business systems continuity solution. It would include powerful, standards-based encryption, and offer a robust key management function.
Imagine a bank with 20,000 customers, most with multiple accounts and bank cards. Every night, the bank makes a complete tape backup of its core information servers. The tapes are then placed in a storage box. Sometime during the day, a van driver from the tape storage firm drops off an older set of tapes (no longer needed), and picks up the box of new tapes.
Any such practice could lead to tapes being mislaid or stolen from loading docks, being accidentally dropped off at the wrong sites, or being lost or stolen from the delivery van, among other things. Once the tapes are in the wrong hands, unencrypted data is easily compromised.
Fortunately, encryption functionality can be easily integrated into an organisation's backup processes, protecting all data on the company's servers and backup devices, and all data taken off site for archiving.
Keys and key management
A key is a piece of information, or parameter, that controls the operation of a cryptographic algorithm. Modern encryption algorithms typically use either symmetric or asymmetric keys. Asymmetric key encryption uses a pair of keys, called a public key and a private key, and is best suited for protecting data that has a wide audience -- such as web sites with secure access established for many users.
Symmetric key methods use the same key for both encryption and decryption. Symmetric keys are excellent for use with devices and appliances in which the need to share keys is very limited. This is typically the case with data backup devices, for which one specifically does not need to allow many parties access to the key.