DATA – ENCRYPTED ALWAYS
The process of transforming data from plaintext to ciphertext is encryption and had been used since times immemorial. Today, computer based encryptions hold the very key to our existence in wide & varied ways from national security to credit card frauds. For the citizens, fully secure banking transactions is directly proportional to the trust in the banking system.
principle involved is very simple, the technologies involved very complex, only the owner of the data can view plain text and the one managing the data, only in the encrypted form. Lots of patchy solutions are in place in every conceivable sector, banking, insurance, critical infrastructure and industry as well.
End to end encryption is the only reasonable solution for whatever it costs. This goal seems to be still a long way off. Data in motion and data at rest is generally played around with and SSL[should we expand this?] as well. The bottom line is that data either in rest or motion has to be encrypted. The law enforcement agencies face immense challenges because of encrypted data, it will make hacking difficult commensurately.
From anti – virus, to firewall to Intrusion Detection Systems to Intrusion Protection Systems and the like, the world had come a long way but our adversaries have gone beyond. With all other systems in place, data still remains hugely vulnerable, as seen from the recent incidents in the banking / insurance and other sectors. Data being at the core has to be mandatorily encrypted to bring down threat surface area considerably.
The costing of scalability to counter the prevalent threat is a huge challenge and from banks to other public service organizations, both public & private, are vary of the additional cost based on real threat perception. Nonetheless, it ought to happen sooner than later.
The solution – DATA – ENCRYPTED ALWAYS