

Do you have a proper enterprise data encryption and protection solution? Years ago, only companies handling the most sensitive data, such as patient records, bothered with extensive encryption.
Times have changed, however. GDPR and CCPA have tightened privacy laws in Europe and California – and thanks to the global nature of the internet, these regulations can affect every company, regardless of where they are located.
This simple guide will help you understand which data encryption processes are most useful to you and your company.
You need to "protect data wherever it pools or flows," according to Binghamton University's CIO, Sharon Pitt. This becomes truer as more data and systems move to the cloud, the Internet of Things matures and technology spreads; your data likely resides in many different places during its life cycle, and each requires its own approach.
There are 3 broad areas of data to be considered:
Let's take a deeper look!
Inactive data is stored physically – on a computer hard drive, on a USB stick, or on a server in the cloud. This type of data is kept inactive until it is needed. There are several methods to protect data at rest. Use all of them to enable many layers of security.
While encryption of data-at-rest is a critical last line of defense, it’s not enough. Data must still be delivered to those who need it. Be aware, your data could easily pass through a compromised server, with the data being checked and potentially copied. To keep others away from your sensitive data in transit, encryption is necessary to protect not just text, but also voice, video and metadata.
Unlike data at rest or in transit, data in use must be accessible by users and apps. So, how to keep data protected while still allowing it to be modified?
For right now, access control is the general rule. Authenticate who (user or process) accesses the data and for what purpose (read, write, copy, rename). Don't allow access to users or processes when they don't need it. This type of control can reduce the risk of ransomware reading or modifying your files.
In order to implement an effective enterprise data encryption and protection solution, you must follow these 5 steps:
Make sure you know which data is sensitive and needs the most protection. Ask yourself, "which data would cause the most harm if compromised?". Read through relevant regulations, which generally provide a list of what type data must be protected.
Common categories of protected data:
Where is your sensitive data stored? Build a map of your data flows so you know where your data is, where it’s going, and who it’s going to.
Which encryption tools are best suited for your organization's needs? Consider these factors:
Before implementing your solutions, prepare for what could go wrong.
After some time, review your solutions. Are they performing as expected? Are there technical issues? Are there holes that might expose your data?
Ask yourselves these questions and see if you need to tweak or alter anything. Use logging tools to evaluate your encryption and to provide details on who is accessing what data, and when. Finally, keep an active dialogue with your colleagues. They will have insights into what is working and what is not.
Having a solid enterprise data encryption and protection solution helps protect your company from data breaches and their impact – as well as ensuring you comply with the law.
Happy Encrypting!
The Guide to Encrypting Data in the Cloud
Commercial or Open-Source Encryption Software – Whose Side Are You On?
Michael Waksman has been serving as CEO of Jetico since 2011, more than doubling the size of the company during his tenure. He brings more than 20 years of communications, technology and leadership experience.
At Jetico, Waksman has lead creation of the corporate identity, raising global brand awareness, building a more commercially-driven team and initiating enterprise customer relations. Jetico has maintained a wide user base throughout the U.S. Defense community, in the global compliance market and for personal privacy.
Waksman served as vice-chairman of the Cyber Group for the Association of Finnish Defense and Aerospace Industries. Recognized as a security and privacy advocate, he is a frequent speaker at international events, occasionally on behalf of the Finnish cyber security industry. In 2012, Waksman was honored with The Security Network's Chairman's Award for fostering collaboration between the United States and Finland. As dual citizen, he is a native New Yorker and has been living in the Helsinki region for over 15 years.