Some would say that if encryption isn’t becoming ubiquitous, then it should be! Data breaches are in the news nearly every day now. Last week it was reported that in 2013, payment card data breaches jumped 5-fold, representing around 740M records exposed. Deploying encryption on a broad basis would at least help to reduce the loss of data. There are other signs of a trend as well too, but more in the preventive aspect on a large scale; the major web service suppliers, Yahoo and Google, are encrypting email and cloud storage, by default.
So to help answer the question of whether encryption is, or will, become ubiquitous or not, clearly the solution must have some acceptable attributes in order to enable broad based adoption, especially for businesses and enterprises. And if you think about it, those attributes are fairly simple to list; highly secure, so fast that it’s imperceptible to the end user, simple to use, deploy and manage, and provides info in a way that most people can understand.
Needs to be Secure & Fast
Fast? Yes! Most solutions in the industry have or are thinking about implementing Intel’s specific instructions for encryption which essentially act like a turbo accelerator for real time encryption and decryption, and to be certified as well. You may have seen the acronym Intel AES-NI, which spelled out is Intel Advanced Encryption Standard New Instructions, a mouthful, but it works. In attempt to quantify the performance impact on today’s laptops using 4th generation Intel processors (e.g. Haswell), we worked with Intel’s performance group and have just published a Solution Brief on the subject. Understandably, end users prefer that technology solutions do not harm productivity and from what we have seen utilizing an industry benchmark called Sysmark2012, the performance impact to an end user is negligible. Also, the boot-up times and added times when closing the laptop lids (to enter standby) aren’t too shabby either!
Must be Simple to Deploy and Manage
Well, there may not be a solution available that is so simple that anyone can deploy, the solution however should not require Rocket Scientist skills either, or in this case, an IT architect or data scientist. Generally, IT Admins should feel confident that upon deployment of their encryption solution the endpoint was in good health before deployment and was successfully encrypted upon completion. Most industry solutions have some level of this. Our own solution takes this a bit farther on the front-end and back-end of the deployment with health checks and the ability to discover and encrypt vPro endpoints with unique cost reducing features. All of these capabilities should be scalable and automated by the way.
Clearly Communicates Security Posture
The encryption solution needs to have reports and dashboards mechanisms that are multi-level, with at least one level that is readable and allows the IT Admin to quickly assess the infrastructures security posture. If the only means of reporting info forces you to dive into spreadsheet level sorts and extract pivot points, then that solution isn’t too friendly. Most everyone knows that McAfee has a single console, called ePolicy Orchestrator that leverages our solutions into a single console. The encryption integration with ePO is no different, and that team has done a fairly decent job with reporting as well.
Listed here are just some of the basic attributes that will help to enable broad based adoption of encryption in business. Hopefully, the above discussion has provided a perspective on the type of attributes required to help your business become and remain secure. When seeking out encryption solutions, either from McAfee or not, you should look closely at the basics and also ask questions on how that solution can make it easy to deploy and manage your encrypted endpoints on a daily basis.
If you have any questions comment here or go to our Data Protection pages on the web.