Page 39 - Cyber Warnings
3. Deploy Corporate-wide Encryption
Encryption is one of the most powerful ways to protect personally identifiable information (PII).
There is encryption for data in transit and encryption for entire hard drives, databases and file
systems. If you have employees who travel frequently, the hard drives and file systems of their
smartphones, tablets, laptops, netbooks and notebooks are the best place to encrypt first: in many
cases employees’ travel equipment is lost or stolen, and without encryption whatever corporate
records, data, passwords, VPN clients or other confidential information it holds could end up in
the hands of criminals or other prying eyes. There are some excellent encryption technologies on
the market; some encrypt chat sessions, instant messaging and SMS as well as telephone or VoIP
communications. These are great for data in transit. There are numerous free and open source tools
like Stunnel, OpenSSL, Openswan and TrueCrypt (v6 or earlier) that will provide you with a high
level of encryption. If there’s ever a breach, either on portable equipment or behind the corporate
firewall, you mitigate the risk of data theft if the data accessible to the hackers and cyber
criminals is encrypted and they don’t have the keys.
Steps involved:
1) Inventory all network-attached assets throughout your entire organization, in
particular the operating systems, file systems and databases you are running.
2) Find encryption solutions that will protect these operating systems, file systems and
databases. You’ll probably end up with multiple solutions from a mix of open
source projects or different vendors, so you won’t have a single dashboard to
manage all the encryption, but even so, it’s worth the effort.
3) Test and deploy the encryption across your organization. The biggest headache will
be multi-factor authentication and key management, so make sure you pick the
most manageable solution, one with the ability to recover keys or reset passwords without
losing access to the data.
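
Step 3's requirement that keys be recoverable and passwords resettable without losing the data is commonly met by encrypting the data under one random key and wrapping that key under two passphrases. The script below is an added example, not from the article, sketching that layout with OpenSSL (one of the tools named above); the file names, passphrases and sample record are constructed, and OpenSSL 1.1.1 or later is assumed.

```shell
#!/usr/bin/env bash
# Added example, not from the article. Assumes OpenSSL 1.1.1+; all names are constructed.
# `openssl enc` has no integrity protection: this shows the key layout, not a product.
umask 077
CIPHER='-aes-256-cbc -pbkdf2 -iter 200000'   # expanded unquoted on purpose

wrap()   { PW="$1" openssl enc $CIPHER -pass env:PW -in "$2" -out "$3"; }              # pw in out
unwrap() { PW="$1" openssl enc -d $CIPHER -pass env:PW -in "$2" -out "$3" 2>/dev/null; }
open_data() { openssl enc -d $CIPHER -pass "file:$1/data.key" -in "$1/records.enc"; }  # dir

protect() {         # <dir> <user_pw> <recovery_pw>: encrypts <dir>/records.txt
  local d="$1"
  openssl rand -hex 32 > "$d/data.key" &&
    openssl enc $CIPHER -pass "file:$d/data.key" -in "$d/records.txt" -out "$d/records.enc" &&
    wrap "$2" "$d/data.key" "$d/key.user" &&          # copy 1: the employee's passphrase
    wrap "$3" "$d/data.key" "$d/key.recovery" &&      # copy 2: escrowed with IT
    rm -f "$d/data.key" "$d/records.txt"              # plaintext removed only on success
}

reset_password() {  # <dir> <recovery_pw> <new_user_pw>: data is never re-encrypted
  local d="$1" rc
  unwrap "$2" "$d/key.recovery" "$d/data.key" &&
    open_data "$d" >/dev/null 2>&1 &&                 # recovered key must open the data
    wrap "$3" "$d/data.key" "$d/key.user.new" &&
    mv "$d/key.user.new" "$d/key.user"
  rc=$?; rm -f "$d/data.key" "$d/key.user.new"; return $rc
}

read_records() {    # <dir> <user_pw>: plaintext on stdout
  local d="$1" rc
  unwrap "$2" "$d/key.user" "$d/data.key" && open_data "$d" 2>/dev/null
  rc=$?; rm -f "$d/data.key"; return $rc
}

demo() {            # forgotten passphrase, reset through the recovery copy
  local d rc; d=$(mktemp -d)
  printf 'employee=1001 vpn_profile=hq (constructed record)\n' > "$d/records.txt"
  protect "$d" 'old user passphrase' 'escrowed recovery passphrase' &&
    reset_password "$d" 'escrowed recovery passphrase' 'new user passphrase' &&
    read_records "$d" 'new user passphrase'
  rc=$?; rm -rf "$d"; return $rc
}
demo
```

The unwrapped data key touches disk briefly here to keep the sketch short; a deployed solution would hold it in memory or a hardware token and use authenticated encryption.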
39 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide