The results of a study which investigated the trends in the use of encryption to help protect data have been released and show that the use of encryption is on the increase.
The 2013 Global Encryption Trends Study which was conducted by Ponemon Institute and sponsored by Thales involved more than 4,800 business and IT managers in the UK, US, Germany, France, Australia, Japan, Brazil and Russia.
The results of the study revealed that there has been an increase in number of companies using encryption solutions over the last 9 years. 35% of organisations involved in the study revealed that they have an encryption strategy across the whole enterprise. This is an increase of 6% from last year where the reported figure was 29%. The number of companies involved in the study who didn’t have any kind of encryption strategy in place has also dropped to 14% from 22% last year.
The main reason for the increase of implementing an encryption strategy was to help reduce the impact of a data breach. The main reason for these concerns is because of the ever increasing threat of cyber thieves and cyber hackers which resulted in a record number of data breaches in 2013. This shows a shift in the thinking of business and IT managers as their main reason for implementing an encryption strategy was to help protect the company’s reputation.
The companies who believed that they had an obligation to report any data breaches, nearly half of the companies involved believed that they wouldn’t need to disclose any details that they had actually suffered a data breach if the data was encrypted.
One of the major issues that the business and IT managers find with utilising encryption strategies is key management. More than half of the respondents rated the difficulties of key management more than seven out of ten whilst 30% of respondents ranked it as nine or ten out of ten.
The chairman and founder of The Ponemon Institute, Dr Larry Ponemon, stated, “Encryption usage continues to be a clear indicator of a strong security posture but there appears to be emerging evidence that concerns over key management are becoming a barrier to its more widespread adoption.
Ponemon added, “For the first time in this study we drilled down into the issue of key management and found it emerging as a huge operational challenge. But questions are and should be asked about the broader topics of policy issues and choice of encryption algorithms – especially in the light of recent concerns over back doors, poorly implemented crypto systems and weak key management systems.”
By ensuring that data is encrypted can go a long way in ensuring the security of the data if it falls into the wrong hands. However, there is no guarantee that just because the data is encrypted, that the data is safe as there have been instances where the encryption keys have been successfully hacked resulting in the data being unencrypted. Encryption should be the last line of defense in data protection as the best way to ensure that it remains safe is to ensure that a strong security plan is in place and that security software is kept up to date. This will help to prevent the data from falling into the wrong hands to start with.
Education in data security can also go a long way in helping to reduce the risk of data falling into the wrong hands and by no means, should be overlooked.
In order to support a security plan, a robust backup solution should be in place to ensure that data can be recovered if it is lost, deleted or modified by staff, cyber hackers or thieves.