There’s no better place to gauge the state of the security industry than the RSA Conference. At this year’s event, the Vormetric team had a chance to touch base with our fellow industry professionals, chat with analysts and the media, and discuss some of the top-of-mind events that have security professionals buzzing. It was time well-spent and once again a fantastic experience.
Chief among those buzzworthy items is a recent piece from Bloomberg’s Chris Strohm, in which former NSA cybersecurity personnel admitted that encryption would have prevented Edward Snowden from gaining access to their files and so famously disseminating them. This wasn’t altogether surprising to myself or the Vormetric team; after all, encryption has been preventing data leaks for a long time. Yet it seems that Snowden’s well-documented activities, as well as numerous other high profile breaches, have resulted in a general feeling that encryption is ‘the answer.’ But if that’s so, why isn’t it more prevalent? Why is there so much resistance to implementing encryption?
I’ve always joked that encryption is wonderful, except for being terrifying, intrusive, complex, and slow. Except: it isn’t. Vormetric’s philosophy is to emphasize the real currency of the IT world: not dollars, but time and convenience. After all, no one’s encrypting their data because they want to. Rather, it’s out of regulatory concerns, fear of breaches, and generally to reduce risk. We’ve created a platform for our customers to encrypt applications, databases and files while, managing who can access the information, what they see when then attempt access, and protect their data through vendor single encryption, key and policy manager. We’ve done so specifically to improve operational efficiency for our customers: no one wants to train their team to manage and administer four or five different systems, or split their attention between multiple vendors. It creates complexity, increases costs, delays deployment and fuels frustration and the end result? Vulnerable data.
Everyone wants to provide the best data security possible with the resources they have. As regulatory requirements have increased, many of our customers that joined us to solve a specific data protection use case have discovered the power of the Vormetric data platform. They quickly discover they can add use cases with the same platform, same management, same ease of deployment and same transparency. For example, after encrypting their database to meet compliance standards, an expanding organization might follow up by working with us directly to improve protection for unstructured or cloud data. In these cases, providing a multifaceted platform (versus multiple siloed options) is simply a case of practical economics. Reducing the daily IT ‘churn’ of navigating through multiple systems, managers and vendors opens up the door for easier communication and better security.
The beauty of what Vormetric is offering is that we’re facing reality head on. Consumers are demanding that their data be protected, and companies are seeking out easily implementable, comprehensive ways to provide that protection. There’s no room for excuses anymore: no one wants to be the next headline in the Wall Street Journal or Financial Times. If the industry is to take that next step forward and make encryption as common as it needs to be, it’s time for a philosophy shift. Convenience and effectiveness are what customers are demanding and we’d be remiss not to listen to them.