Enterprise Encryption and Key Management Strategy | Vormetric
Upcoming SlideShare
Loading in...5
×
 

Enterprise Encryption and Key Management Strategy | Vormetric

on

  • 926 views

http://enterprise-encryption.vormetric.com/EMAILPTNRESGWhitepaper.html ...

http://enterprise-encryption.vormetric.com/EMAILPTNRESGWhitepaper.html

Understand the importance of a long term enterprise encryption and key management strategy over the short term fix of an ad hoc encryption to address any data security concerns.

This presentation is based on the whitepaper - Enterprise Encryption from Vormetric and ESG.
Register to download the whitepaper:
http://enterprise-encryption.vormetric.com/EMAILPTNRESGWhitepaper.html .

CISOs and their peers realize that ad hoc encryption is no longer adequate: It leads to higher costs and increased risk. So, what's needed? An enterprise encryption and key management strategy that can extend across all sensitive data, in all formats, across the entire organization.

Statistics

Views

Total Views
926
Views on SlideShare
882
Embed Views
44

Actions

Likes
2
Downloads
15
Comments
2

1 Embed 44

http://pinterest.com 44

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • Nice article :)
    Are you sure you want to
    Your message goes here
    Processing…
  • Very informative
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Enterprise Encryption and Key Management Strategy | Vormetric Enterprise Encryption and Key Management Strategy | Vormetric Document Transcript

  • Enterprise Encryption and Key Management StrategyEnterprise Strategy Group Enterprise Encryption and Key Management Strategy THE TIME IS NOW Download ESG Whitepaper Brief: Enterprise Encryption and Key Management Strategy from Vormetric and ESG
  • Enterprise Encryption and Key Management StrategyEnterprise Strategy GroupIn the current data security environment, encryption is often touted as the grand cure-all. Simplyimplement an encryption solution and your data security woes will be behind you. While encryption canbe a powerful tool in the data protection arsenal, assisting companies in achieving regulatory complianceas well as offering a high degree of protection to sensitive data, it must be done in a strategic manner.Encryption as it’s been adopted today is more often implemented as a point solution, rather than as afoundational component of a strong risk management and data protection strategy.This argument is the basis for a new whitepaper published by ESG.The paper, which is entitledEnterprise Encryption and Key Management Strategy: The Time is Now, addresses the common failings ofencryption when used as a point solution rather than as a strategic component within a cohesive securitymanagement program.ESG analyst Jon Oltsik proposes that addressing encryption on an ad hoc basis can introduce significantrisk. Oltsik identifies a number of factors that can prevent organizations from maximizing the benefits ofencryption and key management.Ad hoc Encryption:Ad hoc implementations create a number of challenges that can dilute the benefit of encryption andmake key management quite difficult. For instance, ad hoc implementations can introduce encryptionbased on competing standards.These heterogeneous ad hoc encryption and key managementimplementations are difficult to manage and can increase the overhead involved in managing the varyingsolutions and introduce a greater likelihood of data breach. In a similar vein, having numerous encryptionsolutions means that the keys for each solution must each be managed within its native tool. In such aninstance, the increased likelihood of breach is accompanied by the increased likelihood of unrecoverable data.Enterprise Encryption:In response to these threats, Oltsik identifies a number of steps that organizations can take to ensuremaximum effectiveness from their encryption deployments. For instance, Olstik observes that encryptionis often deployed according to the needs and judgments of functional IT groups, rather than a centraldata security organization. The result is often that encryption keys are available to many members ofthe IT staff, which, of course, violates one of the central tenets of strong encryption – separation of duties.Other requirements of a successful enterprise encryption strategy include: • Tiered Administration – This allows organizations to set policies at both an organizational and a departmental level. • Distributed Policy Enforcement – Enforcing policies across distributed, heterogeneous systems throughout the organization is paramount to the successful implementation of enterprise encryption and key management. Brief: Enterprise Encryption and Key Management Strategy from Vormetric and ESG
  • Enterprise Encryption and Key Management StrategyEnterprise Strategy Group • Enterprise-level key management – Key management must become a central service for all activities, including key creation, storage, rotation, and revocation. • Central Command and Control – Consolidation of policy management, configuration management, and reporting and auditing functions helps to ensure appropriate management of encryption solutions across the enterprise.The message of the paper is that encryption is not effective, and should not be implemented, as a tacticalresponse to a departmental need. Just as one wouldn’t build a house without a blueprint, organizationsshould develop an enterprise encryption and key management plan to address their data securityrequirements. Keeping the big picture in mind, and understanding how all of the parts will work together,is central to establishing a solid data security foundation that will limit the risk of vulnerabilities and beeasier and more cost effective to manage. Register to Download the Complete Whitepaper! Click-to-Tweet Brief: Enterprise Encryption and Key Management Strategy from Vormetric and ESG