Organizations large and small are investing in digital transformation programs, cloud migration projects, and enterprise mobility initiatives with a view to growing the business and increasing operating efficiency. However, corporate information security management policies do not appear to be adapting quickly enough to cope with the tumultuous rate of change imposed by the rapidly evolving business and technological landscape.
Although encryption has been around for many years, it has come to the fore again recently as a means of making it more difficult to gain unauthorized access to sensitive or confidential information, especially within the context of mobile devices. We fully expect increased adoption of encryption technologies in the near term as organizations bolster conventional approaches to information security management in an attempt to stem the flow of data leakage incidents and privacy breaches.
Universal Data Encryption Adoption: It's Inevitable
Ovum believes that most data will eventually be encrypted at rest and/or in motion; however, for a variety of technical, practical, and legislative reasons, organizations must be diligent and meticulous in their use of this technology, with the customer and employee experience being of paramount importance. Companies can prioritize the encryption of corporate data by carrying out a data classification exercise across their business processes and IT infrastructure.
Data classification can be a resource-intensive and costly process, as not only is it time- and resource-consuming to implement a manual classification in the first place, but it also requires employees to be aware of changing classification policies going forward. There is also the issue of applying policies to information and data items that are already in motion or in distribution channels.
While training can help raise the awareness of data privacy and information security management issues, organizations must first focus on the basics, which means putting in place a set of robust, reliable, and easy-to-use solutions to address the most common data-related activities that employees undertake every day. For most enterprises, this means improving email information security management and adopting a more proactive approach to the distribution and sharing of file attachments.
Encryption Meets Automation
Going forward, the only realistic way of managing and maintaining such processes is to instantiate the organization’s information security management regime through the use of automated, policy-driven implementations. And in the case of email messaging and file sharing/transfers, this means adopting solutions that are capable of securing data in motion as well as data at rest, both on-premise and in the cloud, and in a manner that is near enough invisible to the business end user.
To read more on this topic, see Ovum’s full-length report, Maintaining Corporate Privacy in the Digital Age.
