• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Data encryption best practices

August 3, 2014 by Secure360 and UMSA

Date-EncryptionAccording to a recent survey of ID theft victims by the National Consumer League and Javelin Strategy & Research, your chances of suffering from a data breach today are one in three. This is up from a one in nine chance just four years ago. Not only has the likelihood of a breach increased, but the financial stakes have risen as well. Hacking into computers and grabbing data to sell on the black market has become common practice for cyber criminals, yet one third of the victims have taken no steps to prevent data fraud.

It’s time to get serious about data encryption. You may not be able to prevent data from being stolen, and if you can’t you’d better protect it against being usable to fraudsters.

Start with a policy

Your organization needs to decide what data needs to be encrypted and how that encryption will work. Kaspersky labs suggests asking yourself the following questions:

  • Will we encrypt entire disk drives?
  • Will we encrypt removable storage devices?
  • Will we encrypt certain data files and folders, which ones?
  • Will data be unreadable for some users and not others?

When deciding what to encrypt, include all the relevant stakeholders in the process: IT management, operations, finance, etc. These stakeholders will help you understand what data is potentially harmful in the hands of criminals and what needs extra protection.

When you’ve established your policy, put it in writing and communicate about it.

Understand the cloud

Storing data in the cloud has become common practice for many organizations. It offers convenient and affordable data storage solutions. However, cloud environments can also introduce complexities you need to consider before creating your encryption strategy. With cloud computing, you no longer control all the physical aspects of your data. In a cloud environment, only the data owner should have access to encryption keys. 

Understand your vendors’ encryption process

Third-party vendors have been known to unwittingly give up important data. It’s important to ensure your vendors are properly protecting your data too. Ask vendors about the specific modules they use for encryption and check that their practices meet industry standards as well as your own. While there are international encryption standards in place, companies can take liberties with how they apply the standards. Don’t be afraid to ask the right questions and hold vendors to your standards.

Encryption is for your organization. It’s not just the government and large companies that suffer from breaches. Any organization storing sensitive data should be taking every precaution to protect that data from theft and use by fraudsters. Don’t make it even easier for cybercriminals to use your data once they steal it, encrypt it.

Filed Under: Business Continuity Management, Cybersecurity

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 6 days ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 1 week ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.