Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Crypto Mulled at Irvine Event

IRVINE, Calif. -- With hardware encryption having become a de facto standard in its own right, vendors debated the pros and cons of crypto at the system, device, and file levels this morning at the Data Protection Summit here.

There were the familiar entreaties to make sure keys are escrowed in a way that makes them easy to access over the long term. There was the call to use standards-based technologies (and the retort: "Standards are wonderful -- every vendor should have one"). And there was a familiar refrain to avoid obsolescence as enterprises add to their storage security arsenal.

One vendor actually took on the challenge implicit in the session title: "Top 10 Things You Need to Know About Drive Encryption Today." Warning he wouldn't be nearly as funny as David Letterman, Chris Burchett, CTO of Credant Technologies Inc., Addison, Texas, nonetheless enumerated some major -- and less obvious -- aspects of contemporary encryption wisdom:

  • No. 10: When your boss says, "Encrypt all endpoints," think "all platforms."
  • No. 9: All endpoints may also include devices you don't own -- partners' devices, USB drives that users may leave behind, and the like.
  • No. 8: Encrypting data is "managed corruption," so keep in mind the managed part. Customers want to avoid decrypting and re-encrypting data, thus exposing it unnecessarily. Treating all enterprise information in a more holistic way is the security industry's biggest challenge.
  • 1