Unlocking encryption management

As encryption technology becomes more user-friendly and manageable, more businesses are adding standalone encryption platforms to their IT security

Someday, encryption features built into a wide range of IT products -- from operating systems and messaging gateways to hard drives and storage systems -- may work in concert to offer central policy enforcement across different types of network assets and devices.

Until that day arrives, however, companies embracing the tools have become dependent on standalone encryption platforms to give them distributed control and policy enforcement across their IT systems.

Long known as much for their complexity and demand for hands-on care and feeding as they have been valued for their protective qualities, encryption platforms are finally finding their way into a number of large businesses.

This growth in adoption has been driven by the proliferation of data protection regulations and based on the availability of products that address the hardest elements of encryption technology -- policy enforcement and key management, industry watchers contend.

"The performing of the encryption itself is something that generally belongs close to whatever type of data you are trying to encrypt, whether that is e-mail, network traffic, or a database, but companies are buying into technologies today that allow them to do centralized policy enforcement and key management," said Paul Stamp, analyst with Forrester Research.

"It's great in theory to say that all of this activity needs to happen in the infrastructure components themselves," he said. "But that's not a reality yet in terms of allowing for centralized management, so customers are turning to these platforms in the meantime."

End-users agree that encryption has long been a security process they desired to implement but couldn't stomach based on issues of complexity.

The arrival of more usable encryption technology over the last few years has helped eliminate some of the traditional roadblocks, according to some corporate users.

"From my previous experience with e-mail encryption, I had two major concerns with using the tools: Key management and any dependence on the end-user to make the systems work right," said Michael Gabriel, corporate information security officer for Career Education Corporation (CEC) a higher-education provider that operates more than 75 colleges, schools, and universities.

"I haven't ever seen an encryption project where management wasn't a major sticking point, that has been the history of the technology, but it seems that the vendors are finally getting it right," Gabriel said. "Compared to mapping the business process, putting the technology in place was a breeze. The only real sticking point was getting the data flow."

CEC is using encryption tools made by PGP in cooperation with its data leakage prevention and e-mail filtering systems to protect sensitive information being passed among its employees.

Gabriel said that PGP's embedded key management capabilities may be the most valuable aspect of the system -- a feature that simply didn't exist in the past.

Other PGP users echoed those sentiments, saying that encryption tools have advanced significantly over the past several years in terms of eliminating the management headaches that have made it challenging to deploy the systems on a wider basis.

At American National Insurance Company, IT leaders said that the financial services company had been considering broader use of encryption for several years before the combination of more streamlined technologies and increasing pressure in the form of compliance regulations encouraged the firm to dive in.

Today, the company is using PGP tools to both obscure sensitive e-mails and provide whole disk encryption to protect data stored on its desktop and laptop computers.

"We'd been looking at encryption closely since at least 2005, driven largely by the laws and compliance regulations that were being passed; we needed better e-mail security because we realized after sampling that we had a problem, and knew that we wanted to better protect sensitive information on our computers," said Ken Juneau assistant vice president of Information Technology Services at ANICO.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?