Solution Providers Increasingly Focusing on Encryption

Solution providers are starting to focus more on encryption to keep their data secure, particularly as more data enters the cloud.

The CEO of HighCloud Security, a Mountain View, California-based security vendor, said: “It's like a light switch was turned on within the last six months. The debate about putting mission-critical information in the cloud is over. We've seen a much bigger uptake and interest in encryption. It's going into the places where you would expect - industries like financial services and healthcare - but the general level of interest is increasing too.”

Channel partners are keen to differentiate themselves more from their competitors, and it appears that the ability to offer encryption technologies to people is one increasingly popular solution. Industries that deal with a high volume of data (who thereby have high levels of attention from hackers and other cyber-criminals) are becoming more interested in this movement.

Jeremy Przygode, CEO of Stratalux (a Los Angeles-based solution provider) said: “Yes, encryption is definitely a good thing, but whether or not it's practical depends on your specific needs. It's a great idea to encrypt your data, but it adds a layer of complexity and computing overhead that may or may not be appropriate for specific types of applications. And there's a definite impact in terms of CPU overhead. Databases are especially difficult to encrypt, as well. But basically, if you have specific concerns about specific data, you should encrypt it.”

Management is important to encryption; service providers can manage encryption for convenience, or channel partners or customers can, for additional security.

Hackenberger noted: “It's always good practice to make sure that you have the keys separate from your data, and you, the customer, want have that control. Key management is often very confusing to people. The language is kind of arcane, and it's counterintuitive to a lot of folks, so we put a lot of energy into maintaining a policy-based management model to keep everything as streamlined as possible.”

Hackenberger adds that anything going into the cloud that is not meant to be seen by the public, should be encrypted. He added: “Many breaches are a result of simple mistakes and errors, and that exposure can happen in a lot of ways. No matter what your provider does and how good their intent is, you, the data owner, have legal responsibility for that data. And in a lot of cases, you have regulatory issues with which to contend. Encryption is substantially less costly than it used to be. It runs on pretty much any commercial-grade server that is running virtualization, and there's really no reason to avoid it.”

Security measures can never be 100% effective, and the presence of cryptography means that cybercriminals will be more prone to attacking less-protected infrastructure instead.

The CEO of Westboro, Massachusetts-based solution provider Cumulus Global, Allen Falcon, says that choosing an encryption provider is key to the continued success of a company. He stated: “Most of the companies in that space are fairly new, and you have to wonder which ones will survive, and what happens down the road if you need support. Plus, you don't know that the encryption tool you're using is actually something that [cybercriminals] could not crack.” (CY) Link