Key management is crucial to cloud computing: Dunkelberger

Key management and cross-application encryption will be the next big thing, according to new research by the Ponemon Institute commissioned by PGP Corporation.

Phil Dunkelberger, president and CEO of PGP Corporation, said that encryption was the only answer to modern security.

“In cloud computing – where there’s a need for federated systems – the only way you can protect this data is to encrypt it. There will be many different types of clouds, which will do many different things. And they’ll be run by big players as well as small, such as eBay, Yahoo! and Google. And because they’re all different, and all vulnerable, the only way to protect data is good encryption.”

Modern attacks are backed by unprecedented power, said Dunkelberger.

“You can now put so much more processing power in to attack encryption. I think you’re going to see processors that simply encrypt or decrypt data.

“There’s no perfect system. Eventually people will find a faster system crack. 128 is fine for now, according to all the people I know. But soon it’ll be cracked and we’ll have to move to 260 and 512.”

This power is directed not at stealing personal data anymore, but stealing corporate data and intellectual property.

Traditional threats, such as corporate espionage, can come from surprising places.

“One of my biggest concerns is the people who service PCs and hardware. Are these people being properly vetted?

“I recently saw a 500gb hard drive the size of a quarter [or a 20c piece]. With one of those, an unauthorised staff member could walk out with literally millions of records.”

PGP Corporation’s core protection software is open source, allowing users – and critics – to see inside the software engine.

“We’re proud that people can look at our security code. Over a million people have. We get tangible business and security benefits from it,” said Dunkelberger.

Copyright © SC Magazine, US edition

cloudcomputingcrucialdunkelbergeriskeymanagementsecurityto