Security Management Strategies for the CIOAccess "Truth, lies and fiction about encryption"
This article is part of the September 2009 issue of 2009 Security Readers' Choice Awards
It's a security practitioners dream to deploy a technology that ensures perfect data protection 100 percent of the time. Short of unplugging a computer and locking it in a vault, few technologies come as close as encryption to nearly unbreakable data security; take the data, run it through an encryption algorithm, and it's unreadable to anyone who doesn't possess the right key to reverse the process. It can be mathematically demonstrated that retrieval of encrypted data without the encryption keys is computationally impossible within the expected lifetime of the universe. And while many strive for this level of certainty, practical issues in the use and deployment of encryption often limit benefits and negatively impact business operations. Reality has a very rude habit of shattering our security dreams. Encryption is everywhere in IT, from network communications and stored data, all the way down to smartphones and thumb drives. When applied correctly, it's incredibly effective at preserving data privacy and integrity. When misapplied, either because it was ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
2009 Information Security magazine Readers' Choice Awards
For the fourth consecutive year, Information Security readers voted to determine the best security products. A record 1721 voters participated this year, rating products in 17 different categories.
-
Truth, lies and fiction about encryption
by Adrian Lane, Contributor
Encryption solves some very straight-forward problems but implementation isn't always easy. We'll explain some of the common misperceptions so you'll understand your options.
-
2009 Information Security magazine Readers' Choice Awards
-
-
Security threats to virtual environments less theoretical, more practical
The demonstration of a hacking tool at Black Hat that allows attackers to escape from virtual machines to attack their guest OS elevates the seriousness of security threats to virtualization.
-
Security threats to virtual environments less theoretical, more practical
-
Columns
-
Security best practices in hotels
Accountability for Internet security should be placed on users, not service providers such as hotels.
-
Schneier-Ranum Face-Off: Is Perfect Access Control Possible?
Security experts Bruce Schneier and Marcus Ranum debate whether perfect access control is possible.
-
What does PCI compliance really mean?
Passing an audit can lull an organization into a false sense of security.
-
Security best practices in hotels
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...