A Strategic View For Small & Medium Sized Companies PART 2

With the event of self-encrypting drives

(SED’s) manufacturers have not only removed the performance penalty but also made the devices extremely secure, not least because the encryption keys for the devices are stored on the physical drive itself. The encryption function is also implemented in silicon rather than software, making it more secure and just as importantly keep the encryption overhead down. Due to the way the self-encrypting drives are designed, the key never leaves the device, making key extraction virtually impossible.

“Implementing self-encrypting drives that provide hardware-based AES 256-bit encryption has fast become an easy to manage and cost-effective solution to stop data breaches through the theft or loss of computers, laptops and tablets containing confidential company, customer and client information.” – Pasi Siukonen, Team Leader Technical Resources Group at Kingston Technology.

Now that we have discussed the why, it is time to turn attention to a high level “how”. As part of those business requirements, a forward- looking company will design and develop processes to deliver the needs and the processes required to manage the encryption related calls that will come in.

One of the most important things to consider is the management of a chosen encryption system. There are several practicalities that must be considered when looking at the “how” of setting up encryption for mobile devices within a business.

The business must be able to manage the encryption and the devices in question centrally. Administrators need to be able to manage not only the encryption but also access to the management platform. Good security and auditing of the critical cryptographic platform are key. It should also go without saying that the cryptographic management platform should be redundant. Avoid putting all the eggs in one basket (server).

Conversely, the encryption and security must be as clear as possible to the end-users. End-user downtime causes lost productivity and therefore directly impacts costs as well as creating non-positive perceptions of the IT department.

At the same time, any data on the drive must remain accessible. Frequently, employees leave and the data must be available even after its owner may have left but also remain secure against loss or theft at the same time.

For this reason, solutions such as BitLocker and VeraCrypt while robust secure, can be more complex to manage and usually miss the key feature, an agnostic management framework that provides the full range of requirements for deployment at scale or are restricted to a single operating system. A solid framework is both agnostic and easy to consume. Amongst the most well-recognised frameworks is TCG (Trusted Computing Group) Opal.

+ posts


Related articles

How the cloud could hold the answers to the world’s biggest questions

Considering the cloud is already doing its part to solve the huge problems of climate change and cybersecurity, its functionality holds enormous promise to contribute further and solve even more of the world’s most pressing issues. 

Clarifying UK cloud adoption patterns

There is no doubting the shift towards cloud adoption. What is far more unclear is the exact path this is taking, and what ‘cloud adoption’ really means in terms of the IT choices made by UK companies.

SMEs: The Move from Legacy to the Cloud

Digital transformation is clearly a mainstream strategy, and the cloud has certainly shown its value in recent times more than ever before.

Don’t lose sight of SAP on Cloud operational excellence

Digital transformation projects can often become complex with twists and turns, which can lead organisations to focus solely on the migration itself.

Need to reduce software TCO? Focus on people

Investing in software is undoubtedly important for enterprises to stay ahead. However, the process is rarely a simple task for CIOs and IT leaders.

Subscribe to our Newsletter