6.6 C
London
Friday, September 22, 2017
Home Tags Data At Rest

Tag: Data At Rest

Data at rest in information technology means inactive data that is stored physically in any digital form (e.g. databases, data warehouses, spreadsheets, archives, tapes, off-site backups, mobile devices etc.).

Data at rest is used as a complement to the terms data in use and data in transit which together define the three states of digital Data.

The new Google Cloud Platform service will allow enterprises to create, use and rotate encryption keys to protect their data, company says. Organizations looking for an alternative to managing data encryption keys in-house now have a new option to consider.Google this week rolled out a new cloud hosted key management service for enterprise customers of its cloud platform.

The service is available starting this week in beta form in about 50 countries, including the U.S., Australia, Canada, Germany, Netherlands and Denmark.Google cloud KMS is designed to help organizations create, use, rotate and destroy AES-256 standard symmetric encryption keys for protecting data in cloud environments.

The service eliminates the need for enterprises, especially those in regulated sectors such as health care and finance, to maintain custom-built or ad-hoc systems for managing the keys used to encrypt their data, according to the company."With Cloud KMS, you can manage symmetric encryption keys in a cloud-hosted solution, whether they’re used to protect data stored in [Google Cloud Platform] or another environment," Google product manager Maya Kaczorowski, announced on the Google Cloud Platform blog this week. For instance, organizations can use the service to manage the keys used for encrypting user credentials and API tokens associated with applications stored outside the Google cloud. The Cloud KMS service is directly integrated with Google's Cloud Identity Access Management and Cloud Audit Logging services so organizations they have greater control over their keys, Kaczorowski added.Google's new key management service allows enterprises to store and manage literally millions of encryption keys in a cloud environment.

They can set the service to automatically rotate keys at regular intervals and limit the amount or scope of data that can be accessed via a single key version in order to minimize exposure in the event of a security compromise.Google Cloud KMS fills a gap in the company's encryption and key management service offerings.

Google, which is a big proponent of end-to-end encryption on the Internet, currently encrypts all customer data at rest on its cloud servers, by default.It also offers a service that enables enterprises to encrypt data in Google's cloud using keys that are owned and managed by the enterprises rather than by Google.

Google says its customer supplier encryption keys (CSEK) option is designed for enterprises with stringent data privacy and security requirements.This week’s newly introduced key management service falls between the default encryption and the CSEK options and broadens the available choices for enterprises, Kaczorowski said.Pricing for Google's Cloud Key Management Service is based on the number of active keys an enterprises stores and how often the keys are used to encrypt and decrypt data.

The price for active key versions is $0.06 per key per month, while the rate for using the key starts at $0.03 per 10,000 operations.So an organization that stores 500 encryption keys in Google cloud KMS and use them for a total of 100,000 operations can expect to pay $30.30, according to a Google price sheet.
Photojournalists plead for secured data in professional cams Over 150 prominent filmmakers and photojournalists have asked leading camera makers to add support for data encryption to their devices. An open letter published on Wednesday by the Freedom of the Press Foundation – a group that includes Academy Award winners Laura Poitras and Alex Gibney – states that encryption is absent from all commercial cameras being sold today and that the technology is needed to protect both those capturing images and those depicted in them. "Without encryption capabilities, photographs and footage that we take can be examined and searched by the police, military, and border agents in countries where we operate and travel, and the consequences can be dire," the letter states. The list of camera makers contacted includes Canon, Fuji, Nikon, Olympus, and Sony. According to the Committee to Protect Journalists, the confiscation of cameras from journalists is so common that the organization cannot accurately track such incidents. Mobile phones often have passable cameras and also support the encryption of data at rest, for images and text messaging.

That makes them safer in theory than professional camera equipment in conflict zones and in confrontations with authorities. Against a well-funded, resourceful, or determined adversary, however, technical protection doesn't guarantee that encrypted data will remain secure. After attempting to pressure Apple into creating a special version of iOS that would allow it to gain access to an iPhone used by one of the San Bernardino shooters in 2015, the FBI ultimately gained access to the device with the help of a third party, through what's believed to be software vulnerability. What's more, US Border authorities have broad latitude to search electronic devices, and many countries have laws that can be used to compel individuals to disclose encryption keys.
So the availability of encryption doesn't mean it will be effective at shielding data from scrutiny. At a recent Hacks/Hackers event in San Francisco titled "Information Security for Journalists," Data Guild cofounder David Gutelius said that, with the possible exception of Signal, he wouldn't recommend any digital communication technology for journalists with serious security concerns involving nation-level adversaries.

Even Tor, a generally well-regarded network anonymity tool, can be compromised, he said. In an email to The Register, Trevor Timm, executive director of the Freedom of the Press Foundation, acknowledged that laws limiting encryption and border searches could diminish its effectiveness but emphasized that it should be an option. "Journalists – or anyone who uses a camera with encryption enabled – would always have the option to unlock it if they chose to, but right now they don't even have that choice, and that's the problem," said Timm. Jonathan Zdziarski, an iOS forensic researcher, in a series of Twitter posts on Wednesday voiced support for better encryption and stronger privacy protection but expressed doubt that camera makers, as they lose sales to smartphone makers, see the addition of encryption as a way to revive sales. "Until every journalist learns to encrypt their hard drive and use Signal, I'm not sure an encrypted camera will do them any good," said Zdziarski. And even then, it may not withstand the threat of rubber-hose cryptanalysis or a $5 wrench. ® Sponsored: Customer Identity and Access Management
Europe's FBI sheds light on security bungle An investigator at Europe's FBI Europol took home a USB stick packed with terror probe documents and accidentally spilled the files on the internet. Dutch telly documentary series Zembla reported this month that about 700 pages of analysis on terrorist groups and related sensitive information were exposed online as a result of the officer's security blunder. The secret intelligence documents ended up on a personal hard drive that was shared to the web with no password protection, according to security firm WinMagic. The now-ex-staff member took the dossier home in order to work on it outside office hours, a Europol spokesman told The Register this week. He claimed that “most of the data is almost 10 years old,” adding: A recent case included in a Dutch television programme concerned the breach of an ex-Europol staff member with Europol’s security regime. The concerned former staff member, who is an experienced police officer from a national authority, uploaded Europol data to a private storage device while still working at Europol, in clear contravention to Europol policy. A security investigation regarding this case is ongoing, in coordination with the respective authorities at national level to which the staff member returned. Current information suggests that the security breach was not ill-intended. Although this case relates to Europol sensitive information dating from around 10 years ago, Europol immediately informed the concerned Member States. As of today, there is no indication that an investigation has been jeopardised due to the compromise of this historical data. Europol will continue to assess the impact of the data in question, together with concerned Member States. Human error is the weakest link when it comes to the intersection of staff, data, and technology. Although this risk can never fully be ruled out, Europol’s systems and the security training offered to Europol staff are constantly reviewed. Mark Hickman, WinMagic's chief operating office, commented: “If organisations like Europol which are so tight on security can make mistakes, it brings into stark reality how much inherent risk there is for businesses if the right approach is not taken to educating employees, as well as having the right technology, to protect data at rest.” ® Sponsored: Customer Identity and Access Management
Vormetric Live Data Transformation solution recognised for innovation, functionality and originalityLONDON, England, November 25, 2016 – Thales, a leader in critical information systems, cybersecurity and data protection, has announced that its Vormetric Live Data Transformation was named Security Innovation of the Year in the Computing Security Excellence Awards, following a ceremony in London. Judged by an independent panel, the awards celebrate the achievements of the IT industry's best security companies, solutions, products and personalities.

This category was highly competitive, with the judges looking for products and services that can demonstrate something truly new and innovative. With cyber threats and compliance requirements increasing in tandem, it is important that encryption can be deployed and managed with minimal impact on business processes and user experience. However, when very large data sets are involved, initial encryption deployments can reduce data availability and require lengthy maintenance windows.

Compounding matters further, maintaining data security compliance often requires routine encryption key rotation even after initial deployments have been successfully completed. When large data sets have been encrypted, significant processing time and long periods of planned downtime may be required to support the rekeying of data.

These realities have often forced security and IT teams to make tough trade-offs, fundamentally having to choose between security and availability. “The use of encryption is critical to securing data at rest, but trying to encrypt very large databases or millions of files can span hours and even days, which can be a non-starter for applications that can’t afford long maintenance windows,” said Louise Bulman, Vice President of U.K. and Ireland Sales for Thales. “Our Vormetric Live Data Transformation is a real game-changer.

For the first time, the operational impact of protecting data is effectively zero – organisations can be confident that their data, wherever it resides, is secured, without worrying about the disruption traditionally associated with encryption.

As such, we are very proud to have been recognised in this category at the Computing Security Excellence Awards.” With Vormetric Live Data Transformation from Thales, encryption is delivered with minimal disruption, effort, and cost.

The solution’s transparent approach enables security organisations to implement encryption without changing application, networking, or storage architectures. Launched earlier this year, the product offers patented capabilities that deliver breakthroughs in resiliency and efficiency, while also highlighting Thales’ drive to continue offering organizations the most innovative, easy to deploy and operate data security solutions available. “With this solution, businesses can ensure data protection while continuing to operate without interruption – no matter how many files are involved or how large their databases are,” continued Bulman. “Our Vormetric Live Data Transformation product offers significant improvements in security and data availability, while reducing the operational costs typically associated with encryption. We thank the judges for recognising our ongoing commitment to data encryption and protection.” # # # About Thales e-SecurityThales e-Security + Vormetric have combined to form the leading global data protection and digital trust management company.

Together, we enable companies to compete confidently and quickly by securing data at-rest, in-motion, and in-use to effectively deliver secure and compliant solutions with the highest levels of management, speed and trust across physical, virtual, and cloud environments.

By deploying our leading solutions and services, targeted attacks are thwarted and sensitive data risk exposure is reduced with the least business disruption and at the lowest life cycle cost.

Thales e-Security and Vormetric are part of Thales Group. www.thales-esecurity.com About ThalesThales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 62,000 employees in 56 countries, Thales reported sales of €14 billion in 2015. With over 22,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements.
Its exceptional international footprint allows it to work closely with its customers all over the world. Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market.

The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure. Thales offers world-class cryptographic capabilities and is a global leader in cybersecurity solutions for defence, government, critical infrastructure providers, telecom companies, industry and the financial services sector. With a value proposition addressing the entire data security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, data protection, digital trust management and design, development, integration, certification and security maintenance of cybersecured systems, to cyberthreat management, intrusion detection and security supervision through cybersecurity Operation Centres in France, the United Kingdom, The Netherlands and soon in Hong Kong. Contact:Dorothée BonneilThales Media Relations – Security+33 (0)1 57 77 90 89dorothee.bonneil@thalesgroup.com Liz HarrisThales e-Security Media Relations+44 (0)1223 723612liz.harris@thales-esecurity.com
The security vendor aims to embed security as part of an application by way of an integrated software development kit. Virgil Security announced on Oct. 12 that it has raised $4 million in a Series A round of funding.

The new funding, which was led by KEC Ventures and included the participation of Bloomberg Beta, Blu Venture Investors, Charge Ventures, NextGen Venture Partners, Sparkland Capital and Working Lab Capital, will be used to help the company grow its sales, marketing and go-to-market efforts.Virgil Security got its start in August 2014 and was part of the Mach 37 cyber accelerator program that helps startups build a business."What we do is we turn every software developer into an applied cryptologist," Dmitry Dain, CTO and founder of Virgil Security, told eWEEK. "Most developers simply don't know how to protect their applications, so we created a set of SDKs and APIs in the cloud that allows any software developer to protect applications."What Virgil Security does not provide is Transport Layer Security (TLS) for data in motion.

Dain said the company provides end-to-end application layer encryption. "Our system doesn't care what transport a developer uses," Dain said. "A developer can choose to use TLS or they can use insecure transport; it doesn't matter as everything is encrypted at the application layer." Virgil Security provides encryption for data at rest that is deployed in the cloud, he said. A common attack vector for hackers today is to intercept non-TLS transported data in a man-in-the-middle attack that can then replace data or potentially inject malicious code into an application. According to Dain, Virgil Security users are still protected thanks to the use of the Elliptic Curve Integrated Encryption Scheme (ECIES) algorithm, which includes data verification."Many IoT devices do not use secure transport," he said. "So we enable developers not to worry about which particular data transport method is being used as we encrypt at the application layer."The way Virgil Security works is a software library is compiled into an application.
Software development kits (SDKs) are provided for high-level programming languages, including Python, Java, C, .NET and Go.

To enable a DevOps workflow, Virgil Security integrates with the open-source Jenkins continuous development/continuous integration (CI/CD) platform.The core software libraries for Virgil Security are available as open-source downloads on GitHub. On top of the core libraries is the Virgil Key Service, which provides a cloud-based crypto key management service that has commercial support options available."The libraries are open-source, and users can just take the GitHub code and never actually need to talk to us at all," Michael W. Wellman, CEO and co-founder of Virgil Security, told eWEEK.Virgil Security is looking at moving beyond just data encryption and data verification to providing a full suite of security APIs.

Additionally, Dain said there will be more work done on making it easier for developers to easily build secured applications."We don't consider ourselves to be a pure cyber-security company; we're more of a developer tools company," Dain said. "We're not preventing malware; we're purely doing application security."Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.
There are two major types of public cloud computing attacks: single-tenant and cross-tenant.

A cross-tenant attack is the stuff of IT nightmares, but it has not yet occurred. (In a cross-tenant attack, the hackers gain root-level access to the cloud and thus access to most or all of the tenants -- including you.) Single-tenant breaches are more likely to occur.
In these attacks, the hacker has compromised one or more machine instance, but can't go beyond that.

The most likely cause of a single-tenant breach is that user IDs and passwords have been compromised.

That's typically due to malware or phishing attacks on client devices.
In this case, it's all on you; the cloud provider has done its job, but you haven't done yours.  When such breaches occur, hopefully you'll figure it out quickly. When you recognize the breach, the best response is to invoke a prebuilt set of processes that can do the following: Shut down the instances -- computer, storage, or both -- that have been compromised.

That prevents any activity, whether good or bad, until the problem has been corrected. Audit the security system to determine how the attackers gained access and what they did while in the system.
Isolate the hackers and remove their access from the system. Resecure the system and make users change their passwords before they are granted renewed access. Of course, this does not address the core problem -- it only fixes a single intrusion.

To address the core vulnerabilities of single-tenant attacks: Establish proactive monitoring mechanisms to ensure that odd activity is spotted quickly, and the relevant cloud instances are defended.

For example, monitor for access from a foreign IP address and for multiple login failures. Consider using encryption, at least with your data at rest.

That way, even if hackers gain access, your data remains protected. Implement identity and access management. Consider using multifactor authentication and other types of access mechanisms that provide better protection at the user-access level. Review the security services that your cloud provider offers, and consider using any that apply.
It can be better to use the native security capabilities than to bolt on your own or those of third parties. As more workloads move into the public cloud, we'll see more attacks.

That's what happens when any platform, cloud or not, gains popularity.

But if you're proactive and invest in modern security mechanisms, you'll discover that the cloud is a more secure place for your applications and data than your datacenter has been.
Just 20 per cent were the result of hacking One in four breaches (25.3 per cent) in the US financial services sector over recent years were due to lost or stolen devices, according to a new study. Cloud security firm Bitglass further reports that one in five recorded breaches over the last 10 years were the result of hacking. More than 60 financial sector organisations suffered recurring breaches in the last decade, including most major banks. While hacking accounted for a disproportionate number of the individuals affected by financial services breaches, only one in five leaks were caused by hacking. Other breaches were the result of unintended disclosures (14 per cent), malicious insiders (13 per cent), and lost paper records. In 2015, 87 breaches were reported in the financial services sector, up from 45 in 2014.
In the first half of 2016, 37 banks have already disclosed breaches. One in seven (14 per cent) of leaks can be attributed to unintended disclosures and a similar 13 per cent to malicious insiders. JP Morgan Chase, the US’s largest bank, has suffered several recurring breaches since 2007.

The largest breach event, the result of a cyber-attack in 2014 affected an estimated 76 million US households. Other breaches at JPMorgan stemmed from lost devices, unintended disclosures, and payment card fraud. Bitglass's Financial Services breach report is based on an analysis of all breaches in the financial services sector since 2006 with data aggregated from public databases and government mandated disclosures. “Financial institutions are prime targets for hackers and are rightfully concerned about the threat of cyber-attacks, device theft, and malicious insiders,” said Nat Kausik, chief exec of Bitglass in a canned quote. “To stay one step ahead as data moves beyond the firewall, firms in this sector must encrypt cloud data at rest, control access by contextual risk, and protect data on unmanaged devices.” ® Sponsored: 2016 Cyberthreat defense report
It's hard enough to track and manage all the keys an enterprise uses without throwing cloud servers into the mix as well. Public cloud infrastructure providers like Google and Amazon offer key management services as part of their cloud, but not all ent...
NEWS ANALYSIS: Oracle's POS platform was revealed to be at risk, possibly giving attackers a backdoor to thousands of systems.

The breach was not surprising to security experts. Point-of-sale malware is nothing new, but on Aug. 8, news of a potentially...
Hewlett Packard Enterprise is undertaking a strategy to move more of its security products through partners, telling CRN that it is starting to open its data security portfolio to the channel, lines that had previously only been sold direct. "As a company, HPE is heavily focused on security and bringing security to the market for the customer base. With that in mind, we have taken on the role of wanting to bring our data security solutions, which have been traditionally sold direct, into the channel," said Sheryl Wharff, global product marketing for HPE Data Security. The first of those systems to be moved through the channel is the Enterprise Secure Key Manager (ESKM), a certified hardware and software platform to manage encryption keys, she said. HPE has also started moving its SecureMail email and data protection system through partners. Partners have already started selling both products, she said. [Related: Hewlett Packard Enterprise Reportedly Looking To Unload Autonomy Assets, Partners Think It'll Be A Tough Sale] HPE is targeting reseller partners who already sell the company's infrastructure systems, primarily the HPE ProLiant system in either Gen 8 or Gen 9, or the company's 3PAR disc arrays, which are already sold with encryption capabilities.

For those partners, who usually have deep expertise with HPE's high-end server and storage lines, Wharff said there is a "huge opportunity" to start conversations around security, which add value to customers around protection of sensitive data and additional revenue streams for the partner. "It's the next logical step for these resellers to begin to add security to their business.

They're very excited about it and very excited about bringing it to market," Wharff said. "This adds a wealth of opportunity for our resellers." Adding to that opportunity is a growing customer recognition of the importance of encryption technologies, Wharff said, driven by highly publicized data breaches and questions around application security. "It's a much easier sell because the market has recognized that it's very important to protect data at rest that's sensitive. You need to bring these new technologies into the market and you need to protect the data in a way you haven't before," Wharff said.   Jeff Smith, vice president of business development and digital transformation solutions at Plainview, N.Y.-based International Integration Solutions, one of the largest HPE partners in the country, said his business has already been "making good inroads" with the security technologies.
In particular, he said he is seeing significant demand from clients with regulatory requirements, such as PCI or HIPAA. For example, he already has two healthcare companies engaged in talks for potential sales, one of which was driven by recent reports of a Philadelphia-based healthcare services company that had to pay $650,000 to settle HIPAA violations due to data loss.
Smith said that type of fine could have been prevented with stronger data security solutions in place, such as those now being moved through the channel at HPE. "We think it's very positive," Smith said.
Survey reports that use of encryption jumped a full 7 percent to a total of 41 percent, the largest increase in the 11-year history of the Ponemon report. For a long time, encryption was like prune juice or caster oil for employees in an enterprise–they only used it when they absolutely had to do so because it didn't go down easy.No so anymore.

Encryption for data storage and email security is now almost mainstream within enterprises, largely because: a) internal and cyber-security issues are at an all-time high; and b) security companies have been working hard to make encryption and key management easier to use.New evidence of this trend comes from cybersecurity software maker Thales e-Security, which recently revealed the findings of its 2016 Encryption Application Trends Study.The report, based on independent research by the Ponemon Institute, indicates that the biggest users of encryption are companies in financial services, health care and pharmaceutical and technology and software industries.

Because highly regulated financial and personal health care data is so sensitive in nature, it is logical that they would be leading the way in use of encryption. However, the key takeway in the study is this: Companies across the board reported that extensive use of encryption jumped a full 7 percent up to a total of 41 percent, the largest increase in the 11-year history of this report. Trends: More and Better Encryption and Key Management, Trust in CloudThe Thales-Ponemon study takes in a good sampling.
It is part of an annual survey of more than 5,000 individuals covering 14 major industry sectors and 11 countries; it focuses on how encryption is being used in conjunction with business applications in order to protect data and allows companies to benchmark their use of encryption against companies in similar industry sectors and geographies."This report primarily shows clear trends toward more and better encryption, easier and more efficient key management, and more organizations moving more aggressively to the cloud," Peter Galvin, Vice-President of Strategy at Thales, told eWEEK.This matches up with what eWEEK has been seeing in the security space for a couple of years."The increased usage of encryption can be traced to many factors, chief among them being cyber-attacks, privacy compliance regulations and consumer concerns," said John Grimm, Senior Director of Security Strategy at Thales. "The continuing rise of cloud computing as well as prominent news stories related to encryption and access to associated keys have caused organizations to evolve their strategy with respect to encryption key control and data residency."Our global research shows that significantly more companies are embracing an enterprise-wide encryption strategy, and demanding higher levels of performance, cloud-friendliness and key management capabilities from their encryption applications."Key Takeaways from SurveyHere are the key data points from the survey:--Companies reporting extensive use of encryption jumped 7 percent up to a total of 41 percent, the largest increase in the 11 year history of this report.--Performance and latency are now considered the most critical feature of encryption applications, reflecting increased encryption adoption and the need to ensure IT managers that it does not interfere with business operations.--Support for both cloud and on-premise deployment ascended to the second-most important feature of encryption applications, reflecting the increased move to the cloud and requirements for cryptographic services that span seamlessly from the enterprise to the cloud.--Databases, internet communications (SSL/TLS) and laptop hard drives consistently top the list of areas where encryption is most frequently used.--Companies that are more mature with respect to their encryption strategy are more likely to deploy Hardware Security Modules (HSMs) across a wide array of encryption applications. HSMs are most frequently used in conjunction with SSL/TLS, database encryption and application-level encryption.--For cloud data protection, financial services companies apply encryption to data at rest, and exert sole organizational control over encryption keys, at rates that significantly exceed averages across all industries.Steady Increase in Encryption Usage for 11 Years"In the 11 years the core survey has been conducted, there has been a steady increase in the use of encryption technology, with the highest increase ever in this year's results," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute.  "Along with that increase we've seen the rise of new challenges in the areas of encryption key management, data discovery, and cloud-based data storage.

The findings of this study demonstrate the importance of both encryption and key management across a wide range of industries and core enterprise applications–from networking, databases and application level encryption to PKI, payments, public and private cloud computing."You can download a free copy of the report here.
Companies with a mature encryption strategy are more likely to use hardware security modules and consistently report lower levels of key management painPlantation, FL – June 29, 2016 – Thales, leader in critical information systems and cybersecurity, announces the findings of its 2016 Encryption Application Trends Study.

The report, based on independent research by the Ponemon Institute and sponsored by Thales, reveals that the biggest users of encryption are companies in Financial Services, Healthcare & Pharmaceutical and Technology and Software industries. This new study, which is part of an annual survey of more than 5,000 individuals covering 14 major industry sectors and 11 countries, focuses on how encryption is being used in conjunction with business applications in order to protect data and allows companies to benchmark their use of encryption against companies in similar industry sectors and geographies. John Grimm, senior director security strategy at Thales e-Security, says:“The increased usage of encryption can be traced to many factors, chief among them being cyber-attacks, privacy compliance regulations and consumer concerns.

Additionally, the continuing rise of cloud computing as well as prominent news stories related to encryption and access to associated keys have caused organizations to evolve their strategy and thinking with respect to encryption key control and data residency. Our global research shows that significantly more companies are embracing an enterprise-wide encryption strategy, and demanding higher levels of performance, cloud-friendliness, and key management capabilities from their encryption applications.” News facts: Companies reporting extensive use of encryption jumped 7% up to a total of 41%, the largest increase in the 11 year history of this report. Financial Services, Healthcare and Pharmaceutical, and Technology and Software companies are using encryption the most – indicative of the influence of regulations, privacy concerns, and the need to protect against purposeful or accidental data breaches. Companies that are more mature with respect to their encryption strategy are more likely to deploy Hardware Security Modules (HSMs) across a wide array of encryption applications. HSMs are most frequently used in conjunction with SSL/TLS, database encryption, and application level encryption. Companies with a more mature encryption strategy, and who use HSMs more extensively, consistently report lower levels of key management pain. Databases, internet communications (SSL/TLS) and laptop hard drives consistently top the list of areas where encryption is most frequently used. For cloud data protection, Financial Services companies apply encryption to data at rest, and exert sole organizational control over encryption keys, at rates that significantly exceed averages across all industries. Support for both cloud and on-premise deployment ascended to the second most important feature of encryption applications, reflecting the increased move to the cloud and requirements for cryptographic services that span seamlessly from the enterprise to the cloud Performance and latency have ascended to being considered the most critical feature of encryption applications, reflecting increased encryption adoption and the need to ensure it does not interfere with business operations. Dr Larry Ponemon, chairman and founder of The Ponemon Institute, says:“In the 11 years the core survey has been conducted, there has been a steady increase in the use of encryption technology, with the highest increase ever in this year’s results.

Along with that increase we’ve seen the rise of new challenges in the areas of encryption key management, data discovery, and cloud-based data storage.

The findings of this study demonstrate the importance of both encryption and key management across a wide range of industries and core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing.” Now in its 11th year, the core study surveyed 5,009 individuals across 14 industry sectors: Communications, Consumer Products, Education & Research, Entertainment & Media, Energy and Utilities, Financial Services, Healthcare & Pharma, Hospitality, Manufacturing, Public Sector, Retail, Services, Transportation, and Technology & Software in 11 countries: United States, United Kingdom, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, India and Arabia (which is a combination of respondents located in Saudi Arabia and the United Arab Emirates). Download your copy of the new 2016 Global Encryption Application Trends Study For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube About Thales e-SecurityThales e-Security + Vormetric have combined to form the leading global data protection and digital trust management company.

Together, we enable companies to compete confidently and quickly by securing data at-rest, in-motion, and in-use to effectively deliver secure and compliant solutions with the highest levels of management, speed and trust across physical, virtual, and cloud environments.

By deploying our leading solutions and services, targeted attacks are thwarted and sensitive data risk exposure is reduced with the least business disruption and at the lowest life cycle cost.

Thales e-Security and Vormetric are part of Thales Group. www.thales-esecurity.com About ThalesThales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 62,000 employees in 56 countries, Thales reported sales of €14 billion in 2015. With over 22,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements.
Its exceptional international footprint allows it to work closely with its customers all over the world. Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market.

The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure. Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France, the United Kingdom and The Netherlands. Contact:Dorothée BonneilThales Media Relations – Security+33 (0)1 57 77 90 89dorothee.bonneil@thalesgroup.com Liz HarrisThales e-Security Media Relations+44 (0)1223 723612liz.harris@thales-esecurity.com