Light Dark
October 30, 2013 By Anne Lescher 2 min read
Data Protection

Taking the Fear out of Encryption

Today, data protection must address exponential data growth, support big data analysis, reside in shared cloud data warehouses, allow mobile data access, and defend against increasingly sophisticated threats. So we must ask…

  • Why are people afraid to protect their information by encrypting their data?
  • Why is encryption often the protection mechanism of last resort?
  • Why does it take mandatory regulatory compliance, security policy audits, and penalties for non-compliance to ensure that sensitive data is adequately protected with encryption?

Unfortunately, encryption is often perceived as complex, something akin to rocket science. There is the concern that if you lose the encryption keys, you lose the data forever. There are fears that encryption keys are difficult to utilize, update and store securely. There are requirements for high speed data transactions.

However, recent compliance regulations and standards require that sensitive data be encrypted, including Health Insurance Portability and Accountability Act (HIPAA) for healthcare information, Sarbanes-Oxley (SOX) for financial information and Payment Card Industry Data Security Standard (PCI-DSS) for retail payment.

6 Reasons to Encrypt Your Data with Confidence

The good news is that carefully architected and well- implemented data encryption can provide the cornerstone of your data protection security policy. Encryption can protect your data and solve many of your data protection challenges. With that in mind, here are six advances in encryption that make it easier to deploy and take the fear out of encryption:

  1. Standardized algorithms for industrial strength encryption that are certified by NIST for data protection and secure key exchange such as RSA Public Key Encryption, Advanced Encryption Standard (AES) and Elliptic Curve Cryptology
  2. Standards-based network communication protocols that protect data in motion such as  Secure Sockets Layer (SSL), Transport Layer Security (TLS) and virtual private networks (VPNs)
  3. Self-encrypting tape and disk storage devices that provide high speed data encryption for data at rest protecting removable media and archived backup data
  4. Database view access controls and field level encryption that protect sensitive pieces of data within large data bases
  5. New Key Management Interoperability Protocol (KMIP) OASIS standard that allows key lifecycle management solutions to interoperate to manage, securely store and update encryption keys
  6. Automated encryption key back-up and recovery to help minimize the risk of loss or breach of sensitive information

So now let’s rethink these questions:

  • Do you still have to be afraid to encrypt your data?
  • Should you still live with risk and non-compliance exceptions related to data encryption?

Security solutions providing these six advances can relieve your fear of encryption. They can provide transparent, automated, high performance, end-to-end protection of data that address compliance regulations.  These advances allow you to encrypt data everywhere with confidence!

 

 |  |  |  | 
Anne Lescher
Mainframe Security Marketing Manager, IBM Security

More from Data Protection
January 27, 2025

How secure are green data centers? Consider these 5 trends

4 min read - As organizations increasingly measure environmental impact towards their sustainability goals, many are focusing on their data centers.KPMG found that the majority of the top 100 companies measure and report on their sustainability efforts. Because data centers consume a large amount of energy, Gartner predicts that by 2027, three in four organizations will have implemented a data center sustainability program, which often includes implementing a green data center.“Responsibilities for sustainability are increasingly being passed down from CIOs to infrastructure and operations…

January 21, 2025

Why maintaining data cleanliness is essential to cybersecurity

3 min read - Data, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels.However, like any other piece of company equipment, data can degrade over time and become less valuable if organizations aren’t careful. What’s even more dangerous is that neglecting data hygiene can expose organizations to a number of security…

January 3, 2025

Router reality check: 86% of default passwords have never been changed

4 min read - Misconfigurations remain a popular compromise point — and routers are leading the way.According to recent survey data, 86% of respondents have never changed their router admin password, and 52% have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing emails and stealing staff data when supposedly secure devices can be accessed using "admin" and "password" as credentials?It's time for a router reality check.Rising router risksRouters…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature