Encryption: The First Line of Defense against Cyber Attacks
As businesses begin moving more of their data into the cloud, the risks of a data breach become more prominent. The first line of defense that organizations can implement against data theft is encryption.
A recent study conducted by Thales E-Security entitled 2016 Global Encryption Trends Study shows that compliance regulations are driving more businesses to use encryption when storing data in the public cloud.
One of the first applications that businesses offload into the cloud are their HR related apps. Consequently, HR handles heaps of personal data including name, address, social security numbers, etc. That being said, one of the most interesting findings in the study suggests that HR data is more commonly encrypted than payment data, intellectual property or internal financial documents.
Another astounding fact is the perceived risk around data security. On the surface, you’d think that many organizations are worried about a technical breach or a malicious exploit being the reason their data becomes exposed. Contrary to that belief, more respondents suggested that employee mistakes, or an employee mishandling privileges assigned to them is more worrisome than an actual cyber-attack that results in a data breach.
“The findings of this year’s study demonstrate the importance of both encryption and key management across a wide range of core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing and more,” mentions Larry Ponemon, founder of The Ponemon Institute. The Ponemon Institute contributed to Thales E-Security’s report.
More than 84% of the organizations polled said that they planned on moving data into the cloud over the next two years. The survey didn’t ask whether or not this data was considered sensitive, nor did the survey ask whether or not the data would be transferred while being encrypted first or transferred using data masking techniques.
Thales E-Security suggests that you encrypt all of your data using the most simple and manageable means possible.
