Triggered by some recent comment that this sage peer brought to the table [(not?) like this]:
Why doesn’t Johnny encrypt, still ..??
Since it’s such a hugely powerful tool in securing your organisations’ data, implementing along much privacy protection. When done right, ‘cryption covers a major part of asset protection [in the Confidentiality sense; Availability’s actually higher-risked through it ..!], next to near-in-vulnerabilisation [‘inoculation’ ..?] of your IAM, both based on actually proper data classification [the business ‘process’ executed by knowledgeable 1st-liners or otherwise practically useless ..!] and supported with of course rock-solid endpoint hardening and protection, and the same for (intermediairy / other) stationary processing facilities.
So that indeed, any data leakage, be it of Seecrut business IP or PII, can be treated as a futile case.
Yeah, the Law of Conservation of Trouble …
- To have the right, correct, 100.00% bug-free implementations is Hard [See: Snake Oil, almost exclusively in the market];
- To do it right, is Hard;
- The same, for key management;
- The same, in prep for / in the bow wake of, new crypt-algo’s re quantum computing;
- The same, for non-re-identification protection like here;
- It’s no use if all the processes around it [like the above classification, IAM; there’s others] aren’t up to it;
- Availability may suffer if any of these isn’t done correctly – you may end up having zero data;
- The same, qua back-up and recovery (-facilities ..!) – who knows their passwords of ten years ago ..? [may be required! Think retention rates, and last viable image of a stable environment];
- In-cloud storage plus processing, (STaaS linked to SaaS, fully outside your proprietary networks) as some parties are already offering, calls for very close scrutiny of the set-up at multiple [OSI 2-8/9, I’d say] levels;
- &c., &c., &tc.
Nevertheless, ‘cryption helps so much, we should all support it ..! Also this sort of bigger Change projects [programs ..?] deserve a good business case. Not budget crumbles, but surely still worth it.
As is this:
[Yeahhh… I have one! – the rare Peterborough Curling Club member’s pin … uncrackable signalling.]