A Strategic View For Small & Medium Sized Companies PART 2

With the event of self-encrypting drives

(SED’s) manufacturers have not only removed the performance penalty but also made the devices extremely secure, not least because the encryption keys for the devices are stored on the physical drive itself. The encryption function is also implemented in silicon rather than software, making it more secure and just as importantly keep the encryption overhead down. Due to the way the self-encrypting drives are designed, the key never leaves the device, making key extraction virtually impossible.

“Implementing self-encrypting drives that provide hardware-based AES 256-bit encryption has fast become an easy to manage and cost-effective solution to stop data breaches through the theft or loss of computers, laptops and tablets containing confidential company, customer and client information.” – Pasi Siukonen, Team Leader Technical Resources Group at Kingston Technology.

Now that we have discussed the why, it is time to turn attention to a high level “how”. As part of those business requirements, a forward- looking company will design and develop processes to deliver the needs and the processes required to manage the encryption related calls that will come in.

One of the most important things to consider is the management of a chosen encryption system. There are several practicalities that must be considered when looking at the “how” of setting up encryption for mobile devices within a business.

The business must be able to manage the encryption and the devices in question centrally. Administrators need to be able to manage not only the encryption but also access to the management platform. Good security and auditing of the critical cryptographic platform are key. It should also go without saying that the cryptographic management platform should be redundant. Avoid putting all the eggs in one basket (server).

Conversely, the encryption and security must be as clear as possible to the end-users. End-user downtime causes lost productivity and therefore directly impacts costs as well as creating non-positive perceptions of the IT department.

At the same time, any data on the drive must remain accessible. Frequently, employees leave and the data must be available even after its owner may have left but also remain secure against loss or theft at the same time.

For this reason, solutions such as BitLocker and VeraCrypt while robust secure, can be more complex to manage and usually miss the key feature, an agnostic management framework that provides the full range of requirements for deployment at scale or are restricted to a single operating system. A solid framework is both agnostic and easy to consume. Amongst the most well-recognised frameworks is TCG (Trusted Computing Group) Opal.

+ posts

Meet Stella

Newsletter

Related articles

The value of colocation data centres in IoT

IoT data processing is increasingly being pushed out to the network edge to get as close as possible to the source sensors and end-users of the resulting data analytics

Strategy and anticipation are key to securing against cyber threats

With technological progress comes increased security risks. Sophisticated and co-ordinated cyber groups are working every day to find potential entry points into organisations’ networks.

Raising talent attraction and retention with IT investment

To be at the centre of talent attraction and retention, businesses should make use of workplace technology that enables them to integrate collaborative, secure and sustainable measures into their operations.

How NIST started the countdown on the long journey to quantum safety

Leading the charge to develop a post-quantum cryptographic standard for organisations is the US government’s National Institute of Standards and Technology (NIST).

Overcoming economic uncertainty with cloud flexibility

Particularly for companies that jumped into the cloud headfirst, taking the time to optimise existing processes is a remarkable way to reduce infrastructure costs and free up OPEX for delivering business value.

Subscribe to our Newsletter