Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Insider: Encryption Means Planning

Encryption is vital to protecting a company against data loss, theft, and malicious activity. But many IT pros could be facing a crisis when it comes to encryption for storage networks.

According to the latest report from Byte and Switch Insider, this publication's subscription research service, storage networking increases the vulnerability of stored enterprise data to both external and internal attacks. Storage networks foster multiple entry points from multiple hosts with different operating systems.

Encryption, while not a complete security solution by itself, goes a long way toward ensuring data safety. But the report, "Storage Encryption: State of the Art," notes that problems surrounding the enforcement of encryption could, ironically, threaten the security of many organizations.

For one thing, deciding what to encrypt can be a major stumbling block. Unless an IT manager can identify the data that really needs to be encrypted, when it needs to be encrypted, and who should have access to it, encryption can quickly become unmanageable.

The reason for this is simple: More data means more encryption keys need to be issued to protect it. These keys are the digital signals needed to ensure data can be turned into unreadable code and then translated at the right time by the right folks. Thus, involving more users requires more keys. Provisioning all of this can become an administrative nightmare. If keys wind up being manually managed, which the report notes is increasingly common, gaps can arise that expose data to security holes and errors.

  • 1