wonderfully unique software solutions

Encryption policy widespread – but are enough organisations securing data?

About half of respondents to a new vendor survey say they have been reported to the Information Commissioner’s Office (ICO) in the UK since the general data protection regulation (GDPR) came into force in May 2018.

This might seem surprising, given that the same annual survey also found that around nine in ten organisations also admitted a policy of encrypting data on portable media such as USB drives.

Covid-19 has meant, meanwhile, that delivery and postal services are busier than ever as more organisations are using a distributed network of workers based in remote offices or at home. This surely makes encryption more important than ever.

“In addition, widespread airline cancellations can also pose a significant operational impact on the scheduled distribution of mail,” notes secure storage specialist iStorage in an press statement.

“When sharing sensitive information, some may opt for secure postal delivery. More likely though, in the digital age, if someone wants to share a highly confidential document, they will probably either email it, use a file sharing service or share it in the cloud.”

Organisations – and individuals – increasingly need to share information quickly without compromising data protection. Data breaches can result in heavy fines.

“Studies reveal that cloud misconfigurations exposed over 33 billion records in two years. If it’s not hacks or technical issues, the other common cause of data leakage is human error. According to a study by IBM, 24 per cent of data breaches are caused by human error,” says iStorage.

Posting an encrypted USB might be a secure alternative to the post – unless physical delivery is delayed of course.

But there are a range of solutions. Products like iStorage’s patented cloudAshur give users a solution for encrypting, sharing and managing data in a cloud-based way.

CloudAshur can also encrypt data stored on a local network or drive, or email attachments, or data shared via file sharing services. And it’s best not to leave encryption in the hands of the cloud service provider – best practice is for the user to have full control of the encryption key, in case of a breach.

CloudAshur, for instance, physically stores the encrypted encryption key within a PIN-authenticated, AES-XTS 256-bit hardware encrypted USB module. Each authorised user can be given a clone of the encryption module.

iStorage also offers a range of encrypted SSDs, HDDs and flash drives, which can be monitored using a remote management console. “Those responsible for cloud and data security in the organisation can manage and monitor cloudAshur devices centrally.

The iStorage diskAshur2 encrypted hard drive was in March named the most secure in Popular Mechanics‘ list of the best external hard drives.

The vendor has government certifications covering its diskAshur PRO2 and DT2 HDDs and SSDs – including FIPS 140-2 Level 2/3, NCSC CPA, NLNCSA BSPA and NATO Restricted level. In addition, a premium flash drive, the datAShur PRO, has been certified to FIPS 140-2 Level 3, NLNSCA DEP-In and NATO Restricted level.

Recent Articles

RealVNC remote-access highlighted by six finalists for Raspberry Pi prize

RealVNC, maker of RealVNC Connect, has named six finalists for this year's RealVNC Raspberry Pi Prize with winner and runners-up to be...

Cyberattack climate entails customised firewalling, notes Stormshield

Firewalling at the edge is no longer enough so organisations increasingly need to combine suitable location with segmentation and zero-trust strategies that...

Palm vein biometrics market set to explode this decade

The market for palm-vein based biometrics has been forecast to expand in line with a compounded annual growth rate of 22.4% from...

Automox targets unsigned scripts with PowerShell signing capability

Endpoint management company Automox is unveiling Worklets Signing, which complements Worklets and Ask Otto with a view to helping companies dodge the...

Arista warns SMBs to take precautions against edge threats

Arista Networks, the vendor of Arista Edge Threat Management (ETM) has warned that SMBs aren't always aware of the extent of targeting...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox