The role of encryption, a long standing tool in the security arsenal, is back in the spotlight. The recent spate of high-profile security breaches among public and private organisations have only served as a reminder of the wider business implications of a security failure. At the same time the amount of information being moved across the network and traversing vast distances – from metro, regional and long-haul networks - is growing with more than a trillion gigabytes expected to be transmitted online this year, taking us into the zettabyte era.
With huge amounts of mission-critical data being moved into cloud environments and data centres, it’s vital that protection does not stop with perimeter detection and defences. Protecting data in-flight, regardless of where in the network it is – is central to any integrated, end-to-end security strategy. In addition, a businesses’ security strategy needs to comply with new and changing regulations, while also being simple to deploy and manage.
Beyond the perimeter
Protecting data at rest, within the perimeter of an organisation is important. But as an organisations’ network becomes more complex – with information hosted in disparate cloud environments, data centres and even different countries, all with varying security levels and requirements – there are more opportunities to gain access, making encrypting data throughout the only way to ensure it is fully protected from unauthorised interception.
Traditional in-flight data encryption has primarily focused on the application or IP layers making it a useful option for some IT applications but not optimizing those which can be data-intensive or time-sensitive. Furthermore these solutions are often not fully implemented on an enterprise wide basis and in many cases can be complicated and costly to deploy. As such these higher layer encryption solutions can leave a gap in an organisation’s security strategy as they only protect a portion of the overall traffic. Only true transport-layer encryption can ensure total protection to all in-flight data, all of the time.
Security today, and tomorrow
Legislation and regulation are also playing a part. Service providers and companies the world over need to comply with new and changing regulations to mitigate the growing threat to sensitive digital information.
Europe is preparing for the formal adoption of the General Data Protection Regulation (GDPR) later this year, which aims to harmonise data security legislation as well as the penalty fines across the EU and ensure compliance with strict rules and duty of care relating to data retention and transmission. The Netherlands has already implemented the Data Breach Notification Law that went into effect from January 1st 2016 – with the obligation to report any breaches not only to the authorities, but to all involved.
These new rules require not only the disclosure of data thefts, if not encrypted, but also hefty fines - up to 10 per cent of turnover. These changes, while necessary, also make it an imperative that organisations implement appropriate measures to protect their data, regardless of where it is in the network.
Simple security
As the IT infrastructure becomes increasingly complicated - with ever growing reliance on cloud services and data centres - the network must be viewed as the foundation on which all of this depends. Being able to fully integrate low latency, multi-protocol encryption ensures that every byte is protected and the organization is secured.
New encryption solutions available today not only leverage the highest security cryptography algorithms available, they also have external third-party certification, two independent sets of keys for authentication and data encryption and end-user portals that allow the end-customer full control of security key management for their network. This allows enterprise end-customers to take advantage of compliant encryption solutions that can be packaged as a service.
Encrypting with confidence
The entire IT ecosystem, from service providers to cloud services, data centres to enterprises – effectively anyone transferring sensitive data - has a responsibility to ensure complete, end-to-end security – from the perimeter to the core of the network, whether data is traveling across a country’s borders, across a given city or even simply across the street. By encrypting data both in-flight and at-rest, organisations can ensure the best possible security strategy for virtually all data, all of the time – instilling confidence for themselves, their customers and their shareholders.
