Encryption is key to better data protection and management
Antoine Harb, Team Leader Middle East and North Africa at Kingston Technology discusses the importance of encryption in securing the data that is the cornerstone of digital transformation. With GDPR and similar regulations in place, the loss of data can be a big implication on businesses in the region.Massive amounts of data are being generated by people and machines all around the world every second of every day, with an earlier forecast suggesting that 44 zettabytes of global data will be churned out by 2020. The figure is seen to only grow exponentially in the midst of the ever-expanding digital economy characterized by the emergence of and increased interest in 5G, edge computing, Internet of Things (IoT) and other innovations across industries.
This scenario of continuous data creation will necessitate innovative thinking and going beyond cloud computing in terms of processing and storing information. Data centers play a crucial role in this regard, and their use will only increase and their numbers will proliferate in the coming years amid today’s unprecedented inter-device connectivity trend.
But apart from data storage and processing, another equally serious issue to be considered in the midst of this data explosion is information security and integrity. The traditional password protection method is no longer sufficient to keep confidential data away from the prying eyes of cybercriminals. Devices such as laptops, USBs and flash cards can easily get lost and be stolen, while hackers are getting bolder in breaching online networks and information technology infrastructures. As such, there is also now a need for a secure and sophisticated environment where machines and devices can interact with one another without compromising the privacy, data security and safety of the user.
This is where encryption comes in. Encryption has been widely effective in ensuring data security and integrity. Without its corresponding decryption key, encrypted data is merely gibberish and, thus considered unusable. Keeping confidential information out of hackers’ reach, it assures that only users with the decryption key can access the shared information.
There are two types of encryption, namely software and hardware encryption. Software encryption encrypts data with other programs on the computer by using the computer’s resources. It uses the user’s password as the encryption key to scramble data. However, this is only as safe as the computer, the host system, making the data still more susceptible to brute force attacks. Hardware encryption, on the other hand, uses a dedicated processor physically located on the encrypted drive. The processor contains a random number generator to generate an encryption key, which the user’s password will unlock. It helps safeguard keys and critical security parameters within crypto-hardware, and it protects against the most common attacks such as cold boot attacks, malicious code and brute force attacks.
Both government and private sector entities have employed encryption to protect their infrastructures and networks. Encryption is not only easy to implement but it also leads to higher consumer trust. For instance, safe online transactions, including those related to bank and communication activities, are made possible through the technology.
Furthermore, organizations encrypt their data as part of their compliance with international regulations such as the General Data Protection Regulation (GDPR), which requires organizations holding personal details of European Union citizens to implement the necessary data security and safety measures. Data encryption is part of their compliance with relevant GDPR provisions.
Virtual Private Network (VPN) encryption is specifically growing in popularity among businesses, especially small and medium enterprises. Many companies deploy VPNs in devices such as notebooks and laptops for use by their remote workers. However, while they help protect data especially when the same is being accessed by employees using public WiFi networks, VPNs are only part of the whole data security solution. The protection can be further amplified by deploying encrypted USBs and equipping notebooks with hardware encrypted solid-state drives (SSDs). By doing so, a business can be confident that no unauthorized personnel can access the encrypted files, especially in case of a device being lost or stolen.
Kingston Encrypted SSDs, self-encrypting drives (SED) and encrypted USB flash drives serve as another layer of data protection. These technologies can help complete an organization’s robust data security strategy along with best practices, standards and policies, in addition to enhancing its regulatory compliance level. As it is, the use of encryption, fast storage and memory are all required to have advanced cybersecurity measures and effective endpoint data loss prevention (DLP) strategies.
Without a doubt, any data breach is costly. In the Middle East, a study by Ponemon Institute in 2019 showed that an average data breach in the region cost a staggering USD 5.97 million, or 50 per cent higher than the global average. To prevent data loss, Middle East organizations can benefit by deploying diverse solutions and measures, including encrypted hardware devices, for stronger data protection and management.
Cyberthreats will only continue to grow simultaneously with great technological advancements. As such, data protection should be a baseline requirement for all entities from the government and private sectors alike. The use of encryption solutions is an effective way that will give a business an upper hand in fighting cyberattacks.