On encryption and why it's overrated
Data encryption may not be the right answer anymore. Does distributed data storage make for a more secure enterprise?
I ran across a recent blog post by storage vendor Cleversafe titled "Three Reasons Why Encryption is Overrated," and as I suspected it generated a lot of discussion in online forums (LinkedIn, Google Groups, log-in required for both) dedicated to those issues.
Beyond the sensationalist headline, the post does raise some interesting points for consideration on the topic of encryption.
- Future processing power--In the future, malicious hackers will be able to crack older encrypted files due to increases in processing speed.
- Key management--An encrypted file has a key to unlock it. Lots of files means lots of keys. Lots of anything equals management headaches.
- Disclosure laws--Such laws mandate that data breaches are reported. Whether or not that exposed data is safely encrypted or not doesn't really matter at that point--the court of public opinion has branded you guilty.
Distribution or dispersal of data (Cleversafe's approach) is certainly one way to deal with emerging security threats, but it may not be the right way for everything. The important thing is to start looking at new technologies and methods to determine what's right for your business and technology strategy.
Follow me on Twitter @daveofdoom.