Common Encryption Challenges

Data protection is now one of the most critical and perhaps number one priorities for organizations. With data breaches at an all-time high and new regulations such as GDPR and likes of it coming into force, organizations are now focusing on the Data-Centric Security approach. As such Encryption is one of the oldest yet one of the most effective technology solutions that can enable organizations to achieve Data-Centric Security.

The two main drivers for encryption are.

Compliance

• EU GDPR
• PCI-DSS
• HIPPA/HIPPA HITECH
• NYDFS

Risk Reduction

• Big Data Lakes
• Cloud Platforms
• Analytics involving sensitive data

The journey of encrypting data follows a thorough process that consists of:

• Classification
• Discovery
• Protection
• Enforcement
• Monitoring

While Encryption has been in use for centuries, its application depends on the context of information being processed and the relevant business requirement. As such while it may sound easy Encryption has its own set of challenges that should be taken care of while designing an Encryption solution. At Encryption Consulting we understand these challenges

1. Data Discovery:

The first and foremost action for an organization is to locate their sensitive and critical data that requires Encryption which is achieved through means of data discovery and assessment.

Manual Approach

• Discussing with business stakeholders and Data custodians

Tool Based

• Selecting and deploying Data discovery tools for structured, unstructured, and semi-structured data stores

2. Key Management: Cloud or On-Premise

Key management is one of the most critical components of Encryption. It is very important to carefully identify and design best approach suited for your needs

Key Security

• Ensuring Secure keys with constant protection
• Not allowing access of keys to cloud administrators

Controlling keys as the Customer

• If a customer deletes its key, then data will be removed as well
• Maintaining on-premise control of key

Confinement of Key

• Utmost dedication to the key management platform
• Never allowing key swaps

Key Rotation

• Avoid over-use of the key which permits vulnerability
• Re-keying data with a new key to creating a new key

3. Querying Encrypted Data:

Quite often is required to search and index encrypted data stored on-premise or in the cloud. This is a big concern for organizations since this might involve decrypting data many often and thus increasing the opportunity for a hacker to get access to decrypted data. Additionally, frequent decryption can increase the demand for system resource requirements and time.

4. Performance Overhead

Whenever data is encrypted, a performance overhead is associated with encryption. The amount of data encrypted may cause a slowdown for systems.

5. Encryption Algorithm and Key Length

Another important aspect of Encryption is the selection of the Encryption algorithm & Key Length. While selecting a higher key length can enhance security and reduce risks of key compromise, it can also cause performance impact as a higher key length will consume more resources and time. Thus, a careful understanding of throughput and business needs should be evaluated for the selection of the Encryption algorithm and Key length

6. Challenges of Encryption Program Management:

When deciding on which type of encryption is best for your organization, the challenges organizations face with encryption program management are:

Planning

• Meeting set requirements and compliances
• Assess products/vendors available
• Confirmation of product/vendor

Building

• Creating and tuning a secure environment
• Plan for system integration

Integrating

• Set Formal Policies
• Formatting of Data
• Conduct Performance Test
• Launch Application

We at Encryption Consulting can help our customers plan and design the most suitable Encryption option for securing your data irrespective of where they are stored and without compromising business performance or user experience.

Contact us at [email protected]