It’s Cinco de Mayo, a bicultural celebration that has become synonymous with margaritas and cervezas. The significance of the day however is that it represents Mexican resistance to foreign intervention – when Mexico rallied to defend itself. More than 150 years later what most people are looking to defend today is data – personal private information, intellectual property or payment data. So on Cinco de Mayo here are my top 5 (cinco!) pervasive encryption techniques to help maximize data protection:
- Encrypt everything, all the time: Encrypt everything, or at least encrypt everything that would be considered sensitive. And ensure your encrypting it in all phases of its life cycle -- at rest, in use and in transit.
- Create and execute a strategy: Make sure you have a comprehensive encryption strategy that allows you to understand what data you are encrypting, how you are managing your keys and the underlying policy controls for user access
- Leverage a hardware security module: If data is sensitive, the highest level of assurance is through a hardware security module that keeps your most important keys inside a secure hardware boundary.
- Separate the duties: Implement policy controls to make sure you have separation of duties between network personnel and security professionals. Separating out the security components and the network management components or the application user components is critical to ensuring that only the people who need to access the different systems are able to access them.
- Monitor and evolve your strategy: Continually monitor your people, processes and security posture to protect yourself as vulnerabilities evolve. You need to look at your people processes as well to make sure you have some kind of checks and balances in your technology strategy and continue to evolve it to see vulnerabilities.
Want to find out more about encryption techniques and trends? Why not download our Global Encryption Trends Study?