Data Protection and Encryption
Data protection and encryption is used to protect information in transit and at rest. The primary function of data encryption is keeping information out of the hands of those who should not be granted access to sensitive information.
Security versus Privacy
Data Security Legislation
Organisations are subject to data protection and data security legislation. For the purposes of global compliance with data protection and security laws, experts recommend organisations implement policies for effective data governance. Sensitive data must be closely guarded, sensitive information such as personally identifiable information (i.e., social security numbers, names, etc) should be kept well-encrypted.
Data Protection Principles
Data availability ensures that those who need access to certain data should be able to use it regardless of if the data is damaged or lost.
Data Management has two key areas when it comes to the protection of data. These are: Lifecycle Management and Information Lifecycle Management.
Data Encryption Challenges
Data encryption uses symmetric and asymmetric keys. Only the correct key can decrypt the data. Brute Force is the process of attackers trying multiple random keys in an attempt to find the correct key.
A side-channel attack goes after the implementation of a cipher instead of a cipher itself. This probes weaknesses in system design.
Key Management and adequate key security, including the protection of key rotation and key confinement policies (i.e., never allowing key swaps).
Cryptanalysis attacks will exploit potential weaknesses within a cipher. These can include man-in-the-middle attacks along with other methods.
We partner with & resell Gemalto/Safenet products.
These security products provide protection and encryption of data in transit and at rest and are ideal for implementation in physical, virtual or cloud environments.