7 Encryption Myths

Organisations are under increasing regulatory pressure to keep sensitive data secure. If you were to ask CISOs about encryption there is a distinct possibility that they could recall a tale of horror involving an encryption solution. Encryption technology has moved on, yet a growing number of data breaches still get reported in the media.

Encryption should be seen as a de-facto solution in any organisation wanting to avoid a data breach and potentially large financial penalties. Encryption prevents the leap from data loss to data breach, and, in the presence of the proposed EU legislation, encryption has the potential to save organisations millions.

I am no stranger to tales of encryption that would make your hair stand on end. Here I dispel 7 myths of encryption that highlight why encryption should no longer be viewed as a monster of the deep.

Myth 1: Costs to encrypt data are high

Fact: A data loss costs more. On average it costs $7.2m (£4.5m) per organisation per data breach

Myth 2: An Operating System password is enough security

Fact: Operating System passwords are easily cracked leaving sensitive data exposed

Myth 3: We don’t need encryption to be compliant

Fact: Data encryption is a key requirement for many regulations

Myth 4: Using Self Encrypting Drives means more headaches

Fact: Self Encrypting Drives speed up the process and enhance security overall

Myth 5: Data Encryption slows down the devices and the network

Fact: Data encryption causes minimal impact to functionality

Myth 6: Encryption is difficult to manage in a large office environment

Fact: A single management console can support multiple users and devices

Myth 7: Encryption solutions can’t be managed in mixed environments

Fact: There are encryption solutions available that are more than capable to support multiple Operating Systems e.g. Windows, Mac and Linux.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Garry McCracken has more than 25 years of experience in data communications and information security. He has been responsible for the development of WinMagic's full-disk encryption solutions for desktops, laptops, and PDAs. Prior to working at WinMagic, McCracken was vice President at Kasten Chase, a publicly traded technology company, where he played a key role in assuring the company's compliance with strict security standards imposed by the Canadian and International Industrial Security Directorate. Garry holds an Honours, Co-op, Bachelor of Mathematics degree in Computer Science from the University of Waterloo. He furthered his education by successfully completing CATA's Certified Advanced Technology Manager program, writing the BS 7799-2 Information Security Management System Auditor exam, and obtaining the Certified Information Systems Security Professional (CISSP) designation from (ISC)2.