Encryption Works Wonders, But Causes Its Own IT Headaches

Encrypt everything! Unfortunately, that's become the knee jerk policy for some organizations that handle sensitive data, despite encryption's well deserved reputation for adding cost, complexity, and latency to IT environments. More organizations need to encrypt more of their data the Veterans Affairs fiasco shined the klieg lights on that fact but blanket encryption policies still are a bad idea.

The most aggressive users of encryption for PCs, databases, and networks can spend hundreds of thousands of dollars on product licenses, training, and support. The added software and hardware layers can slow systems performance, particularly when data packets must be decrypted to be examined by firewalls and intrusion-prevention systems. The alternative is to assume that all encrypted data is coming from a trusted source and let those packets through without inspection. Encryption handled poorly--when decryption keys are lost or stolen or become predictable because they're used too long--is the kiss of death for sensitive data. Encryption Works Wonders, But Causes Its Own IT Headaches - News by InformationWeek

Linked by shanmuga Monday, 25th September 2006 11:46PM