Encryption

Faced with the thought of a USB drive, notebook PC or backup tape going missing, most IT managers look to some form of encryption as the first layer of defence. However, according to one storage security expert, that's largely a pointless exercise.

"I often refer to encryption as crypto fairy dust," Eric Hibbard, chair of the Security Technical Working Group in the Storage Network Industry Association, said in a recent interview. "A lot of IT managers sprinkle this on and think it makes certain problems go away."

Large organizations are deploying more and more encryption technologies these days on laptops, tape backup systems, mobile devices--everywhere.

Yes, they are concerned about regulatory compliance, data breaches, and embarrassing front-page headlines, but there is something else going on as well. Technology suppliers are now baking encryption into technology components and systems. As encryption becomes cheap and ubiquitous, risk-averse users will likely deploy it everywhere.

Some mind-blowingly smart scientists from the University of Michigan, US Naval Research Lab, and the University of California at San Diego, have figured out how to use lasers to trap an electron in a dark state. That means lots of things, but from a security standpoint, it also means computers based on quantum technology would be uncrackable by conventional machines.

Following a slew of high-profile data breaches, U.S. government agencies have largely failed to roll out planned encryption deployments, leaving about 70 percent of their systems with unencrypted sensitive data, the Government Accountability Office stated in a recent report.

I often disagree when the so-called experts talk about security in terms of binary decisions. Managing security risk is always a cost/benefit trade-off compared to the value of the thing being protected.

It may not be possible after all to conceal the existence of a sensitive file on a machine. BT security expert Bruce Schneier and a group of researchers have hacked an ultra-paranoid feature in the TrueCrypt open-source disk encryption tool that lets users hide secret files from detection by attackers or others.

In an attempt to be more proactive rather than simply reactive, the MPAA has recently approved the DreamStream system and its 2048-bit “military strength” anti-piracy encryption technology to protect content streamed to viewers online.

First introduced to the MPAA in March of 2008 by Laura Tunberg, MGM’s former vice president of intellectual property enforcement, it was since reviewed by the MPAA and found it to be a viable means for securing digital content. Chief development officer for DreamStream, Ulf Diebel, is excited by this acknowledgment of their product.

Domino's Pizza is to use Voltage Security's Secure-mail encryption package to protect internal and external company e-mails.

The move is part of a corporate-wide data loss prevention initiative to avoid accidental loss of private or proprietary information, said Karl Anderson, network security manager for the pizza maker. "We realised that e-mails being sent to partners and suppliers, such as insurance providers, may contain information like social security numbers that must be encrypted before sending," he said.

An Indian government official said his country may use third-party tools to crack the encryption used by Research In Motion (NSDQ: RIMM)'s BlackBerrys if the company doesn't open up its network.

"If they fail to come up with any satisfactory solution, we will invoke other options. We have been approached by other companies with solutions to decrypt the data passed over the BlackBerry network," said Telecom Minister A Raja during a presentation to the country's Department of Telecommunications.

Vendors of encryption products are seeing an opportunity for themselves in the growing acceptance of the Macintosh platform in mainstream enterprise IT environments.

Over the last few weeks, two vendors have released tools they say are designed to help corporate IT organizations provide full-disk encryption support for the Mac OS X platform.