Encryption Isn't Enough: Five Vital Protection Steps

Encryption is a powerful weapon in the CIO's data protection arsenal. But the multi faceted threats abound today reveal that it is not the only way to reliably protect your data.

"Encryption is the best way to secure data against eavesdropping," says Bruce Schneier, founder of Counterpane Systems and one of the world’s authorities in cryptology and security. But encryption can't help if you want to protect your valuable business data against other threats, he warns.

According to the Computer Security Institute (CSI) and the FBI 2005 Computer Crime and Security Survey, the number of security incidents reported by respondents as originating inside business networks has increased nine percent since 1999. Ultimately, the strongest cipher is useless if a cyber-criminal is able to whisk away encryption keys from insiders.

The security chain is only as strong as its weakest link, so relying on a single technology doesn’t make much sense, cautions Schneier. Other options are needed to ensure a well-rounded security system. IT Compliance Institute - Encryption Isn’t Enough: Five Vital Protection Steps

Linked by shanmuga Saturday, 13th May 2006 2:14AM