I was reading an article in Information Week entitled 5 Security Lessons From Real-World Data Breaches that talks about data security and how companies can harden their external and internal defenses. There was a lot of good information about security infrastructure, including firewalls, network intrusion systems, data loss prevention tools and numerous others. Most of these tools address data at rest or data in transit. They tend to exclude data in use.
What is data in use? It’s what it sounds like. If a hacker steals a document by exploiting inadequate defenses, they now can use the data they stole. Most people focus on making sure the data doesn’t get out in the wild, but what do you do when it does. Encryption techniques help ensure that if a sensitive document gets out, it is unusable by the hacker.
Some start with simple PGP to ensure their email isn’t compromised. This doesn’t help if the documents are not in email. Using a policy based encryption system tends to work best. This helps you control who can access the information and when.
It is important to use many security tools to ensure your company does not lose critical information. The last step is to ensure you can control information once it’s in the wild.
photo credit USFS Region 5