If you want to protect your sensitive information, encrypt it. How many times have we heard – or said – this? That, usually, is our opening shot when we hear about some load of credit card data being stolen. “If they had encrypted that data in the first place, it would still be safe.” I've said it many times myself. It is our starting point for information security. The assumption is that if we do this one simple thing all will be well. And – being fair – it probably will be in most cases.
Now let's approach it from the other direction. We have done everything we can to secure our infrastructure. We've put up the firewall, implemented a solid security architecture, required – and tested for – strong passwords, and we've monitored the whole thing with an IPS for good measure. But the bad guys are very bad and getting worse.
So, all of our precautions are for naught. An intruder gets in anyway. Maybe someone inside clicked on something they should not have. Or perhaps someone was shopping online during lunch and happened on a compromised site. That happens to the most reliable sites from time to time. Whatever. The bad guy's bot now is in your network wandering about trying to harvest sensitive data. Are you concerned?Well, of course we don't want any bots in our enterprise, but, given that one is there, what now? We go after it, but there is no panic because all of the sensitive data is encrypted. So our first and best choice for securing data – whether at rest or in motion – also turns out to be our best solution for peace of mind if the worst happens.
That is what this month's product section is about: keeping the worst from happening. Nathan Ouellete is looking at encryption for data in motion while Mike Stephenson has cranked up the Norwich University virtual lab system and has busily encrypted everything in sight. The result, we hope, will be a very comprehensive look at the encryption products available today. But, wait, there's more.
There are some important tidbits here in these two Group Test reviews. As I was looking over the openers and the reviews, it occurred to me that a product category that I had thought was going a bit stale has perked right up. I got a hint of this when I started looking at enterprise-wide whole disk encryption with our security engineer at the university. It turns out that encryption has become very easy to implement: easy for the user – I've crashed my university notebook numerous times with no consequences – and very secure.This month, we not only offer you a look inside the top products in the business – as always – but we also give you, simply by showing you the new tricks that today's products can do, an update on the evolving state of encryption products in general. And we didn't even charge you extra for that.