Data Security

Security is Hard. But does it need to be?

August 10, 2020 Written by: Bob Doyle 5 min read

We have spent decades attempting to secure data wherever it may reside or wherever it is delivered and while in flight. With the expanding at home workforce, IOT and the numerous points for collection of data, the challenges we face in ensuring sensitive data is safe are overwhelming. There is good news and bad news on data breaches. According to the latest report from Risk Based Security, publicly reported data breaches in the first quarter of 2020 have fallen significantly by 42% compared to 2019.

However, the amount of data leaked soared to 8.4 billion this quarter, an increase of 273% compared to the first quarter of 2019, setting a record for at least the same period since the detailed report began in 2005.

We encrypt data but it is only useful when the data is not being used which is pretty much never. We have network security to ensure data is not in the clear as it traverses the network. We modify our applications so that we can ensure data is not decrypted until it reaches its endpoint. We have two-factor authentication to prevent unwanted logins. The net is we do everything we can to ensure data remains safe, but we still see major losses of sensitive data by both small and exceptionally large companies.

The data is lost to criminals who use it as a revenue stream (Keeper, a password management app, claims that hackers have stolen around $100 billion worth of personal details since 2010).

How does it impact us as individuals? In 2013 Target had 110 million people affected with 40 million having their debit and/or credit cards compromised. It just seems that no matter how much energy we expel or how many technologies we are invested in, we can never be sure, it is a matter of when not if.

What if security was addressed at the data? What if data was encrypted and remained encrypted during execution, during a move to the cloud, while moving throughout the organization? This would keep data safe for pretty much any use case. The thought of someone getting credentials through a phishing exercise which is the most common cause of a data breach or a misconfigured data store needs not keep you up at night.

Sotero protects data from the inside out and allows data to remain encrypted throughout the data life cycle. Files or data stores encrypted with Sotero KeepEncrypt will never reveal clear text data to anyone pulling data without going through the Sotero driver based PROXY which can be deployed on premise, in the cloud or as a hybrid solution with key management completely in the hands of the companies IT security team.

When you have data that is encrypted with Sotero KeepEncrypt you gain peace of mind in knowing that all your data is locked and you decide who gets a key to unlock a specific element based on what is needed to be viewed. Whether an ETL process, a migration, sharing with third parties or complying with regulations like GDPR, CCPA, PCI, HIPPA etc. is there anything more invulnerable than data that is constantly in an encrypted state? If Data is secure, we may find that other technologies may not be necessary or as critical.

Tags:

ccpa,

cybersecurity,

data breach,

data privacy,

encryption,

gdpr,

hippa,

pci,

phi

Take a look at a truly encrypted future, with no data left unsecure.

Request a Live Demo

Schedule a live one-on-one
demo of Sotero.

Book Demo