Every company I speak with is throwing the kitchen sink at protecting their network from external attackers, data breaches and mobile device loss. At the heart is the fundamental point that we all must accept: that where once corporate data sat ring-fenced on a server, it is now dispersed geographically, across many different devices, and moving all the time.
As IT and security professionals we keep battling with the need to keep the drawbridge down, but stop the baddies getting in, and ensure soldiers (data) outside the castle walls are safe.
Encryption has played a key role in protecting data for a long time. Thousands of years before the computer appeared there were Hebrew mono-alphabetic substitutions, and of course the use by the Romans of ciphers, being just a couple of examples. Yet despite its clear benefits in protecting against prying eyes, for a long time it fell out of favor.
Certainly, in early computing it was a complete pain to work with, and some might use stronger language than that! Whilst vendors eventually got their heads around making it more usable, the world moved on, and the problem is no longer simply about protecting data at point ‘A’.
Precisely because of the problems we laid out earlier the need to manage encryption across devices, locations and users have become an IT imperative. Any security professional knows that complexity leads to risk, and that spells danger for the enterprise. Not just from invaders, but risks of regulatory non-compliance, accidental data breaches, or simply the loss of a smartphone.
The challenge therefore has become to simplify the security landscape in the organization, without compromising on protection. In the case of encryption, this means being able to manage encryption across on-premise, cloud, hybrid-cloud and a myriad of devices, as well when it is with users who may not belong to your company.
Centralized encryption management solves the problem by ensuring keys are controlled from one…