Positively secure – through Johnny’s

Triggered by some recent comment that this sage peer brought to the table [(not?) like this]:

Why doesn’t Johnny encrypt, still ..??

Since it’s such a hugely powerful tool in securing your organisations’ data, implementing along much privacy protection. When done right, ‘cryption covers a major part of asset protection [in the Confidentiality sense; Availability’s actually higher-risked through it ..!], next to near-in-vulnerabilisation [‘inoculation’ ..?] of your IAM, both based on actually proper data classification [the business ‘process’ executed by knowledgeable 1st-liners or otherwise practically useless ..!] and supported with of course rock-solid endpoint hardening and protection, and the same for (intermediairy / other) stationary processing facilities.

So that indeed, any data leakage, be it of Seecrut business IP or PII, can be treated as a futile case.

Yeah, the Law of Conservation of Trouble …

  • To have the right, correct, 100.00% bug-free implementations is Hard [See: Snake Oil, almost exclusively in the market];
  • To do it right, is Hard;
  • The same, for key management;
  • The same, in prep for / in the bow wake of, new crypt-algo’s re quantum computing;
  • The same, for non-re-identification protection like here;
  • It’s no use if all the processes around it [like the above classification, IAM; there’s others] aren’t up to it;
  • Availability may suffer if any of these isn’t done correctly – you may end up having zero data;
  • The same, qua back-up and recovery (-facilities ..!) – who knows their passwords of ten years ago ..? [may be required! Think retention rates, and last viable image of a stable environment];
  • In-cloud storage plus processing, (STaaS linked to SaaS, fully outside your proprietary networks) as some parties are already offering, calls for very close scrutiny of the set-up at multiple [OSI 2-8/9, I’d say] levels;
  • &c., &c., &tc.

Nevertheless, ‘cryption helps so much, we should all support it ..! Also this sort of bigger Change projects [programs ..?] deserve a good business case. Not budget crumbles, but surely still worth it.

As is this:

[Yeahhh… I have one! – the rare Peterborough Curling Club member’s pin … uncrackable signalling.]

Leave a Reply

Maverisk / Étoiles du Nord