Data Protection & Encryption
What is Data Protection and Encryption?
Data protection and encryption is used to protect information in transit and at rest. The primary function of data encryption is keeping information out of the hands of those who should not be granted access to sensitive information.
Security versus Privacy
Data Security Legislation
Organisations are subject to data protection and data security legislation. For the purposes of global compliance with data protection and security laws, experts recommend organisations implement policies for effective data governance. Sensitive data must be closely guarded, sensitive information such as personally identifiable information (i.e., social security numbers, names, etc) should be kept well-encrypted.
Data Protection Principles
Data Availability
Data availability ensures that those who need access to certain data should be able to use it regardless of if the data is damaged or lost.
Cryptanalysis
Data Management has two key areas when it comes to the protection of data. These are: Lifecycle Management and Information Lifecycle Management.
Data Encryption Challenges
Brute Force
Data encryption uses symmetric and asymmetric keys. Only the correct key can decrypt the data. Brute Force is the process of attackers trying multiple random keys in an attempt to find the correct key.
Side-Channel Attacks
A side-channel attack goes after the implementation of a cipher instead of a cipher itself. This probes weaknesses in system design.
Controlling Keys
Key Management and adequate key security, including the protection of key rotation and key confinement policies (i.e., never allowing key swaps).
Cryptanalysis
Cryptanalysis attacks will exploit potential weaknesses within a cipher. These can include man-in-the-middle attacks along with other methods.
We partner with & resell Gemalto/Safenet products.
These security products provide protection and encryption of data in transit and at rest and are ideal for implementation in physical, virtual or cloud environments.
