Blog | Townsend Security

Affordable Encryption Key Management?

Written by Liz Townsend | Aug 23, 2013 3:47:00 PM

“Encryption and key management can’t become endemic the way it needs to be without being easy and affordable. That’s a fundamental fact.” - Patrick Townsend, Founder & CEO of Townsend Security

Every day securing sensitive data becomes more and more important. With sensitive information being entered into databases, and many databases moving to the cloud, the risks associated with unprotected data increase exponentially. Data such as credit card information, social security numbers, financial information, and protected health information (PHI) gets dumped into internal IT networks as well as the the stratosphere of the cloud. Without adequate data security tools, businesses are sitting ducks when it comes to data loss.

Unfortunately for a lot of organizations, the security tools their IT departments have deemed “adequate” are mostly firewalls and other access prevention mechanisms. Today, however, it is widely acknowledged by security professionals that these mechanisms are easily breached by hackers. In fact, many data breaches are simply caused by employees mishandling data. Because firewalls don’t keep data secure, industry regulators such as the Payment Card Industry Security Standards Council and HIPAA/HITECH Act mandate or strongly recommended organizations use strong encryption and encryption key management to secure the data itself. If encrypted data is compromised, but the encryption keys are securely protected, then the data remains unreadable.

Recently Joan Ross, security expert, published a White Paper outlining critical encryption key management principles that will help organizations overcome one of the biggest barriers to implementing a strong encryption key management solution: The need for a solution that is affordable and quick to deploy.

Time, money, compatibility, and hidden costs are issues every business struggles with. Almost every single successful, new innovative technology these days is designed to help individuals or businesses reduce time, save money, and increase compatibility between devices--unfortunately, the hidden costs sometimes persist. You see simplification driving down costs with tools such as virtualization and cloud computing, for example. These technologies are so effective at helping businesses reduce costs that more and more people are using them every day.

However, as businesses move more and more data into virtualized and cloud platforms, securing that data becomes even more difficult due to the inherent complexities of these environments. As this happens it’s important to remember that data security shouldn’t fall to the wayside.

With over 25 years in the data security industry, Ross addresses in her White Paper the issues of affordability and hidden costs in effective encryption key management systems. When choosing a key management vendor, Ross reiterates that hidden costs can quickly add up, resulting in a solution that that becomes too exorbitant to execute. Transparency, she urges, is critical to a successful relationship with a key management vendor. Achieving affordability and transparency is possible today because there are vendors today who want to work with customers--and who believe that cost should not be a barrier to good data security.

In Joan’s words: “Data security has come a long way within just the past few years.  Organizations no longer have to continue to maintain current patchwork methods because there are no available, cost-effective, or interoperable solutions that easily solve their problems.  Encryption and encryption key management are now industry standards and work across both legacy and newer business systems, multi-platform and multi-tenant networks, remote access workstations, geographical offices, data centers, and third-party business partners.”

Download the White Paper "Industry Must Haves for Effective Encryption Key Management" to learn more about must-haves in an encryption key manager and how to ensure your data is fully protected.