We’re living in the age of the digital security breach. So far, in 2017, we’ve seen security issues involving as many as 14 million Verizon (News - Alert) subscribers, 77 million accounts connected to edtech platform Edmodo, a serious malware attack on the Mac video program Handbake, and of course the recent high-profile breach at Equifax. What are we doing wrong?
Ultimately, the answer to corporate vulnerability has to do with current encryption capacity and security practices, the high value of business data, and the sheer quantity of data hiding just behind the thin shield the internet. So, while we rely on certain baseline encryption practices to protect that information, it will take a whole new level of security to mitigate business security risks.
One of the main ways that businesses will begin increasing their security in the coming year is with an emphasis on encryption beyond the basic methods currently used to protect their emails. Keep a close eye on these 3 tech trends and remember to ask – where do these tools fit in your company’s security infrastructure?
Before we dig into the more advanced security technology waiting on the horizon, it helps to understand how early web development decisions have come to influence our current precarious state. In particular, we encounter near constant security issues with email because it wasn’t designed to be a primary mode of communication. It was designed for basic transmission and, in fact, could be read by anyone looking at the network.
Obviously, we’ve locked down email transmission since then, but current problems are directly tied to these early design flaws. Now, we bridge the gap using tools like Virtru’s email encryption software, by attaching encrypted files to our emails, and using closed network channels and private servers to perform intra-agency communications. We strategize around the holes in the system.
In 2018, additional cloud-based encryption services will continue to grow towards a 2020 estimate of $4.2 billion in sales, up from just $1.5 billion in 2015. Repeat security breaches has shaken us awake – all of us, across industries – and we’re ready to invest in privacy.
Dig Into Data
It isn’t just email that poses a problem for corporate security, but also business databases – even when they’re inactive. That’s why, just as with email, businesses need to be encrypting our databases. By now, hackers know that databases are where all of the high-value information is, so while email with its many gaps is often the point of entry for malware and other threats, databases are the ultimate destination.
Active Data Issues
Finally, one of the most significant transformations on the horizon for enterprise security is protection for data in-use. Historically it’s been much easier for businesses to protect inactive data, data tucked away in a database but not currently being edited or manipulated, while anything in use was left open to attack. Finally, encrypting in-use data is becoming feasible.
Businesses interested in embracing in-use data security should look into a process known as homomorphic encryption, which was specifically designed for use on data actively being manipulated through queries, analysis, or processing. Keeping this data covered will change how we think about security.
Encryption isn’t a so-called one trick pony, only good for protecting your email or even your internet connection. Rather, with the right tools and greater processing power, it’s possible to encrypt information from the lower level – the smallest data packet all the way up.
Advanced encryption may not shut down all future data breaches, but it can diminish both their reach and frequency. Businesses have a responsibility to embrace new security tech. Those that don’t will find customers voting with their feet and opting for businesses that put their information privacy first.