New Risks Mitigate Merits of Encryption
The practice of encrypting stored data is followed by many organizations, which want to be free from concerns over loss or theft of data. However, according to the experts from Juniper, IBM Internet Security Systems, nCipher and others said that data encryption has associated risks, particularly those via attacks, accidental or deliberate, on the management infrastructure.
Although modern encryption is essentially unbreakable, but if too many organizations use it and make its adoption common, then criminals' attention would likely shift to other weak elements like encryption or decryption keys and people or users, said, Executive Vice President of Strategy, Richard Moulds, Ncipher, Pcw.co.uk reported this on February 11, 2008.
Moulds also said that the technique of encryption is new to many organizations, which have been exposed to it only with SSL. But that is only a matter of single session. When a user shifts to inactive data and encrypts his laptop and if he loses the key, the data becomes trash. This then takes form of a self-imposed Denial of Service (DoS) attack, as reported by PC World on February 10, 2008.
Mould also said that such kinds of problem with encryption could bring business to a halt.
European Security Strategist at Juniper, Anton Grashion, warned that encryption is of great interest to bad guys as much as it is for the good ones, PC World reported this on February 10, 2008. Grashion also said that no sooner has the technique of encryption become known that attackers find it a big opportunity to target key infrastructures.
He added that a lot of information lost in the modern time is not primarily due to Internet attacks as it is due to information simply mislaid. This, therefore, asks for the need for encrypting data before it goes on the Internet, a place, which is scary and wild.
One more risk with encryption is its over-zealous use that damages the ability of an organization to use and share vital business data unhindered, noted Principal Security Strategist, Joshua Corman for IBM ISS, PC World reported this on February 10, 2008.
Corman also fears that with encryption, enterprises that are information-driven might be hiding all their information, stifling the opportunity to collaborate.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 19-02-2008