Last week Townsend Security exhibited at the PASS Summit and showed off our new encryption key management appliance. This was our first time attending this show, and if you aren’t familiar with the PASS Summit, it is the world’s largest, most-focused, and most intensive conference for Microsoft SQL Server and BI professionals. This year's show was the biggest conference to date with over 4000 attendees.
This was a good show for us. The SQL Server community really understands the importance of encryption and key management. Microsoft made encryption much easier with the introduction of Transparent Data Encryption (TDE) in SQL Server 2008 and opened the doors for proper encryption key management with Extensible Key Management (EKM). With this combination, it is now easier than ever for organizations to be encrypting their sensitive data with “best practices.”
It was encouraging to see how many people were encrypting their sensitive data using TDE. When we told them about our encryption key management appliance, their eyes lit up and said, “I need that! We need to meet PCI DSS and get our encryption keys off of our SQL Server.” We were more than happy to tell them how easy it is to start properly managing their encryption keys – both technically and financially. Our client installs easily - just like any other application on SQL Server and set up is a breeze. When the average cost of a data breach to an organization is over $7 million dollars, it is getting easier to justify the business case for proper encryption and key management.
Of course not everyone was encrypting. Some people just didn’t need to. Others though, when asked about encryption, hung their head and said “No, but I probably should be.” And these were people in the medical and financial industries! (Note to self: don’t give these organizations my personal information.)
The concept of “leaving your keys under the mat” really resonated with this crowd. If they didn’t know the importance of separating encryption keys from the encrypted data before they visited us, they certainly knew it well by the time they left. We look forward to attending this show again next year and maybe the people who currently aren’t encrypting our private information will be first in line next year telling us about their “nightmare audit.”
For more information on our encryption key management appliance, built specifically for SQL Server, view our webinar “Encryption Key Management with Microsoft SQL Server.” See how easy it can be to implement strong key management and hear what hundreds of attendees learned at PASS last week.