Encryption of sensitive data: why it matters

Christoph Bader, strategic marketing manager at Kingston, talks about why data encryption is no longer an option that can be ignored by businesses.

Being concerned about security and encryption nowadays is mandatory. Encrypting confidential data that can be moved is a substantial way to limit potential damage to a business.

The need for encryption grows greater if we take into consideration the new fines that will be applied after the European Union’s General Data Protection Regulation (EU GDPR) will take full effect in 2018. 

The number of reported incidents concerning the loss of data due to the misplacement of a CD, a smartphone or a USB is surprisingly high. Human error is not a variable that can be completely eliminated. 

As a result, Organisations incur significant losses, are forced to pay fines, offer compensations, and on top of that can suffer a major PR crisis that could leave them on their knees in the eyes of the public. 

Research shows the current average loss caused by a data leak at a large EU-based company stands at a staggering amount: over three million pounds. 

From 2018 onwards, organisations will be subject to facing increasingly stiff financial sanctions for negligence. These potential penalties will be up to 20 million Euros, or 4 per cent of the company’s annual revenue. This sum adds to any costs incurred due to damages, without even considering the loss of reputation.

“Human error is not a variable that can be completely eliminated.” 
Christoph Brader, Kingston

Data encryption – within and outside the premises of a company firewall – can prevent disasters. The use of an encrypted USB would make sure the data on it remains private. Kingston’s DT2000, for example, has only 10 attempts and a 15 character code. A quick round up of math tells us that forcing a 128-bit key could take 1.3 quadrillion years. The DT2000 uses a 256-bit key, which increases exponentially the time needed, all of which is simply nullified by the 10 attempts. 

Security levels can, however, reach an even higher standard, complying with the FIPS 140-2 level 3 certification. This means that any physical attempt to tamper with the drive is also detected. 

Kingston offers this military-grade level of security with the IKD300 – available as stand-alone as well as in a forced managed version. Thanks to the drive’s tamper-evident epoxy seal, brute force attempts will all be detected. 

The IKD300 is the result of years of effort in improving the security of these sorts of devices. This include the acquisition of the encrypted USB and technology assets of IronKey earlier this year. 

These sorts of encrypted drives are incredibly easy to use and require no technical knowledge from the person using it. The difficulty then lies in developing awareness around the protection of sensitive data as well as implementing suitable procedures and having them put into practice throughout an organisation.

Check Also

Remote/Hybrid-Working Industry 2021 trends and 2022 predictions

Kalam Meah, ISP Director, TP-Link UK offers some trends and predictions for the road ahead …