Even unregulated organizations need to protect data on portable devices. There is also the issue of’ ‘safe harbor,’ under which organizations do not have to notify individuals in the event of a security breach, provided data was encrypted.
Data Losses Increasing
The proliferation of mobile devices has resulted in significant losses of data through either carelessness or theft. These devices also get lost or become categorized as missing, putting large amounts of data at risk of being stolen and compromised. One data protection technique which is being applied to mobile devices and is gaining momentum from user organizations, is encryption. Full-disk encryption is an encryption technique which adds value to an organization’s product or service offerings, since it ensures that shared data is secure.
Two types of encryption are currently available to user organizations: self-encrypting hard drives and software-based full-disk encryption. Together, these two techniques can provide a high level of protection by ensuring that there will be no loss of data can occur if a third party retrieves a mobile device. Useful information and access to it should not be restricted by the selected encryption technique. With encryption, mobile operations can be expanded and authenticated users can more easily and securely share information.
Encryption can aid organizations to in achieve regulatory compliance objectives with reduced risk. The best encryption products are those which are integrated into existing technologies and systems, cannot be bypassed, and are transparent to users. Existing security technologies, for example, firewalls and threat management systems, as well as operating systems and all hardware devices, need to be integrated with the selected encryption technology.
Layers of Protection
Supporting hardware and software technologies, such as self-encrypting hard drives and trusted erasable hardware devices, can add additional benefits to the encryption process and add an additional layer of protection, as well as reducing the cost of re-vamping or adapting older hardware devices. In particular, full-disk encryption ensure that confidential information such as file names are not visible, reducing costs and preventing the loss of personal, identifiable information.
Productivity gains will be accomplished through ease of deployment, management and use, provided the right solution is implemented. This implementation requires centralized management capabilities, encryption software, cryptographic keys and security policies, that are readily deployable and easily managed, while not placing additional demands on IT resources. The complexities and cost of using encryption systems bring other benefits to an organization and its user base, including a robust self-service capability and provisions for changing encryption keys and replacing forgotten passwords.