Friday, October 28, 2011

Encryption 101

For many people, the word "encryption" invokes images of spies, clandestine operations and World War II code breakers feverishly working to decipher enemy messages. Actually, encryption is a priceless security tool that any business can easily use to keep sensitive information confidential and safe from prying eyes.

This article from IT Security highlights some important information about encryption.  As the article title implies, this is a basic overview of what encryption is and how and why you might want to take advantage of this technology. 

What would be nice is a link to an Encryption 202 article.  The article would cover corporate compliance and policies.  When the information we work on contains private information, information containing names, addresses, email addresses, social security, or credit card information we expose ourselves and our companies to global risk.  When the computer or storage device contains proprietary information that would benefit a competitor, then you have potential losses that mount quickly. 

These loses can encompass government intervention, audits, lawsuits, fines and the degradation of your customer base.  When the mix includes these loses, then the stakes are much higher.  The first thing the regulators will look for is a Written Information Security Plan (WISP).  A WISP plan is security fire drill to prevent data loss and a checklist resource to be used in post breach situations.

A WISP plan ensures that your devices are protected by encryption in addition numerous other attributes, including human resources, legal, and insurance compliance.  We are not trying to make it hard for you to sleep, we just want you to follow the best practices in the industry.  Dolvin Consulting works with industry experts Cyber Security Auditors and Administrators (CSA2) to help you to determine your risk quotient and build and maintain your WISP plan to match your risk.  Contact us today to see how we can help you.

No comments:

Post a Comment