With the proliferation of data generation and use in all industries and sectors, there is an ever-increasing amount of sensitive information in both the private and public ubiquitous cloud systems. In the interconnected world, the availability of vast amounts of online information makes it susceptible to malicious attacks.
In a report by Ponemon Institute, the estimated average cost of data breaches globally in 2017 was $3.5 million. This is equivalent to $141 on average per lost or stolen record. Further findings of the report are that 47% of the breaches were caused by malicious attacks, 28% were caused by human errors and 25% by system glitches.
Companies should establish a security policy in the organization to address data security which not only ensures prevention of data breaches but also engagement in SIEM (Security Information and Event Management) which provide real-time analysis of security alerts generated by the applications and security hardware. Proper provisions should be made in to secure data at rest and in transit.
Data at Rest and In Use
Data at rest can be static i.e. not changed for a while, or it can be inconstant i.e. changed occasionally. For the companies' sensitive data at rest or in use, Simage together with its partners, can provide encryption and tokenization solutions that help the companies to keep their data safe, provide access to the authorized parties, meet compliance standards and counter malicious attacks.
When considering encryption for data at rest, only strong encryption standards like AES and RSA are used to secure the data. HSM (hardware security modules) are provided that take care of the cryptographic keys generation and management. Centralized portal for key management makes it easy to control access and provide ease of use.
Data in Transit
Today's data-intensive services and applications require high throughput in data transmission. Hence the need is greater than ever to ensure that large amounts of data are transmitted securely in a short time interval. Global demand for voice and video services have compounded the requirements to securely transmit high data volumes.
When it comes to encryption of data transmission the option is normally between Layer 2 Encryption vs Layer 3 Encryption. Layer 2 is the data-link layer of the OSI model, whereas the Layer 3 is the network layer. When it comes to large data volumes the Layer 2 Encryption has significant advantages compared to Layer 3 based IPsec Encryption. For example, it has low latency and high throughput.
Simage, together with it partners, provides a complete solution for Layer 2 Encryption of data in transit. Advanced encryption standards including AES are employed to secure the data.