Eliminate blind spots in your SSL/TLS encrypted traffic.

Learn More

    Common Encryption Challenges

    27 Oct 2018

    Common Encryption Challenges

    Data protection is now one of the most critical and perhaps number one priority for organizations. With data breaches at an all-time high and new regulations such as GDPR and likes of it coming into force, organizations are now focusing on Data Centric Security approach. As such Encryption is one of the oldest yet one of the most effective technology solutions that can enable organizations to achieve Data Centric Security.

    The two main drivers for encryption are.


    • EU GDPR
    • PCI-DSS
    • NYDFS

    Risk Reduction

    • Big Data Lakes
    • Cloud Platforms
    • Analytics involving sensitive data

    The journey of encrypting data follows a thorough process which consists of:

    • Classification
    • Discovery
    • Protection
    • Enforcement
    • Monitoring

    While Encryption has been in use for centuries, its application depends on the context of information being processed and the relevant business requirement. As such while it may sound easy Encryption has its own set of challenges that should be taken care of while designing an Encryption solution. At Encryption Consulting we understand these challenges

    1. Data Discovery:

    The first and foremost action for an organization is to locate their sensitive and critical data that requires Encryption which is achieved through means of data discovery and assessment.

    Manual Approach

    • Discussing with business stakeholders and Data custodians

    Tool Based

    • Selecting and deploying Data discovery tools for structured, unstructured and semi-structured data stores

    2. Key Management: Cloud or On-Premise

    Key management is one of the most critical component for Encryption. It is very important to carefully identify and design best appproach suited for your needs

    Key Security

    • Ensuring Secure keys with constant protection
    • Not allowing access of keys to cloud administrators

    Controlling keys as the Customer

    • If a customer deletes its key, then data will be removed as well
    • Maintaining on-premise control of key

    Confinement of Key

    • Utmost dedication to the key management platform
    • Never allowing key swaps

    Key Rotation

    • Avoid over-use of key which permits vulnerability
    • Re-keying data with a new key to create a new key

    3. Querying Encrypted Data:

    Quite often is required to search and index encrypted data stored on-premise or onto the cloud. This is a big concern for organizations since this might involve decrypting data many often and thus increasing the opportunity for a hacker to get access to decrypted data. Additionally, frequent decryption can increase the demand for system resource requirement and time.

    4. Performance Overhead

    Whenever Data is encrypted, a performance overhead is associated with encryption. The amount of data encrypted may cause a slowdown for systems.

    5. Encryption algorithm and Key Length

    Another important aspect of Encryption is the selection of the Encryption algorithm & Key Length. While selecting a higher key length can enhance Security and reduce risks of Key compromise it can cause performance impact as higher key length will consume more resource and time. Thus a careful understanding of throughput and business needs should be evaluated for selection of Encryption algorithm and Key length

    6. Challenges of Encryption Program Management:

    When deciding on which type of encryption is best for your organization, the challenges organizations face with encryption program management are:


    • Meeting set requirements and compliances
    • Assess products/vendors available
    • Confirmation of product/vendor


    • Creating and tuning a secure environment
    • Plan for system integration


    • Set Formal Policies
    • Formatting of Data
    • Conduct Performance Test
    • Launch Application

    We at Encryption Consulting can help our customers plan and design the most suitable Encryption option for securing your data irrespective of where they are stored and without compromise on business performance or user experience.

    Contact us at info@encryptionconsulting.com

    Want to learn from HSM Experts

    We train some of the biggest names in the industry through virtual & Live Classes

    Get a Free Quote for your HSM training

    Free Downloads for Encryption consulting Advisory