What I’d like to touch on today with this post is a common misconception about data encryption and security. When I tell people who I work for and what we do, many assume that we protect people from hackers, and that if people used our software, the various security breaches they hear about would be prevented. I’d like to say that we could prevent any kind of hack, but it simply isn’t true.
Even if we were the data encryption solution of choice for companies like Sony, LinkedIn and others, we couldn’t have stopped the ‘hackers’ that breached their systems. What we do is protect data at rest: information that resides on a hard drive or other storage media. We prevent bad guys from accessing the information on these devices if they’re ever lost or stolen by ensuring they can’t log on to the system and that any other attempts to access the data are unsuccessful because, well… it’s encrypted.
If a hacker (in the sense that they breach a secure network to gain access to devices) accesses a live server or device via the network, there’s nothing that can be done from an encryption standpoint. Once a device has been logged in to, it’s open. All information is visible because the proverbial keys to the front door have been used and it’s unlocked.
Stopping hackers from those types of breaches is about network and OS security: ensuring there aren’t loopholes in your network infrastructure that allow them to gain access through backdoors and other exploits that take advantage of OS vulnerabilities.
However, if bad guys were to steal an encrypted laptop from the back of your car, there’s a lot we could do to prevent them from reading any of the data on that device. That device is turned off; it has to be booted, and someone has to provide credentials to authenticate themselves to gain access to the information on it. A bad guy isn’t going to have that information. If encryption is used and the layer of pre-boot authentication is added to the boot process, it’s nearly impossible for that hacker to gain access to the data.
If the hard drive is removed and put in a different computer, it’s still encrypted. It still needs user authentication to gain access. With an encryption solution in place with pre-boot authentication, a stolen laptop becomes a very large doorstop for the bad guy who stole it. There are also other technologies that can enable us to remotely wipe the device and track it.
With that in mind, the most common issue when devices are lost or stolen is that the device isn’t encrypted. We recently commissioned a study by the Ponemon Institute in which companies reported that 33% of lost laptops have unencrypted information. If it’s not encrypted, it’s not secure. If it’s not secure, your business, customers, reputation and integrity are at risk.