1 / 24

Data Encryption Implementation: Challenges and Opportunities

Learn about data encryption, implementation aspects, encryption packages, concerns, and a product demonstration. Understand the importance of encryption, its benefits, and precautions for a successful implementation.

rosamariam
Download Presentation

Data Encryption Implementation: Challenges and Opportunities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Implementing Data EncryptionOpportunities and Challenges Beth E. Binde Bruce T. Rights Harold W. Winshel

  2. Housekeeping • Speaker backgrounds • Cell phones (as well as other devices that beep, chirp and otherwise distract)

  3. Agenda • Define terms • Why implement encryption? • Which encryption package to implement? • What concerns need to be addressed during implementation? • Product demonstration

  4. What is data encryption? • Protecting data by concealing the meaning • Reduces impact of data theft • Helps protect Data At Rest

  5. Three states of data Data at rest Data in transit Data in process

  6. Why implement encryption? • Protect confidential data • Non-public personal information (NPPI) • Intellectual property • Regulatory requirements

  7. Sanctions for Regulatory Non-Compliance

  8. Recent Data Breaches

  9. Encryption vs. Data Breach Pay now … or pay later

  10. Caution! • Don’t trust a secret or proprietary algorithm or roll your own • Public scrutiny by multiple experts finds the flaws • Public scrutiny beneficial • Protect keys • Keys essential for decryption • Even knowing the algorithm is not sufficient • Don’t rely on any single technology or measure for security

  11. Safeboot: Product of Choice • Gartner Magic Quadrant recommendation • GSA SMARTBuy product • Centrally managed • Provides audit logs • Supports Full Disk Encryption as well as Content Encryption (File/Folder Encryption) • Password recovery, both local and remote • Price

  12. Additional Product Features • Initial disk encryption operation runs in background • Multiple permission levels (32!) • Easy back up of managed systems • Seamless integration following login process • Pre-boot authentication

  13. Implementation: Precautions • Marginal disks are more likely to fail while being exercised during the encryption process • Backup prior to encryption (especially for deans, directors, department chairs and other entities above your pay grade) • Practice on a test machine • Provide training for systems administrators • Document, document and document

  14. Housekeeping: • I recently had a stroke, and it affects my verbal skills. • I have no problem understanding you but I may need to self-correct as I speak. I appreciate your patience. • I’ll try to speak slowly.

  15. Housekeeping (continued): • If I’m unclear, don’t hesitate to ask me to repeat it. • If, after three times, my repetition is still unclear, give up! • (Actually, feel free to see me after the session or email me.)

  16. Implementation Precautions: • Don’t encrypt the Dean’s PC WITHOUT FIRST BACKING UP! • Don’t encrypt any PC without first backing up • Assume the hard drive may (will) fail

  17. Policy Objective: • If you have a clear business need for juicy stuff to be stored on your computer, you have to have authorization in writing.

  18. Implementation Objectives: • Initially, all notebooks with juicy stuff are to be encrypted. • “Juicy stuff” is, certainly among other things, defined as student social security numbers. • After that, all notebooks – regardless of content – are to be encrypted. • The reason: notebook PC’s travel a lot, are more subject to being stolen, are becoming more and more popular as opposed to desktop PC, etc.

  19. Concerns of Users: • Will I be locked out – on campus, or off campus? • Does encryption add a new risk to the data? • No. It adds a nominal amount of currently existing risk. • You should be backing up for data anyway. • Example: PC could be lost, stolen, or experience mechanical failure. • How long will it take to have a password reset?

  20. If Encryption’s So Great, How Come Everyone Doesn’t Use It? • Lack of awareness of reporting requirements if a PC stolen or lost • Cost of purchase • Time • Product evaluation and testing • Installation and maintenance • Staff training • User education • Loss of data due to corruption of encrypted disks • Possible temporary lock out due to forgotten passwords

  21. Product Demonstrations • End user point of view • Administrator point of view

  22. Concluding thoughts • What is encryption? • Why do you need it? • Encryption as part of an overall security posture • Sharing experiences to help you

  23. Executive Summary

  24. Questions? • Beth Binde binde@rutgers.edu • Bruce Rights brights@rci.rutgers.edu • Harold Winshel winshel@camden.rutgers.edu

More Related