banner

Thales Blog

The Multi-Cloud Era Creates New Encryption Challenges

April 5, 2018

Key Findings from the 2018 Global Encryption Trends Study

Data is the lifeblood of a successful business in today’s world, but the balance of using it effectively and protecting it properly is pushing enterprises to the brink. With more organizations using multiple cloud providers to store and process their data, while at the same time needing to demonstrate compliance with increasingly stringent regulations, it’s essential to have a data protection strategy that is up to the task. No core technologies are more fundamental to data protection than encryption and key management.

We’ve just released the results from our Global Encryption Trends Study which once again show positive growth in the use of encryption across a wide variety of use cases. For example:

  • 43% of respondents report that their organization has an encryption strategy applied consistently across their enterprise
  • 41% are using HSMs (Hardware Security Modules) which is at the highest level ever, and HSM usage is viewed as increasingly important to encryption and key management strategies by 57% of respondents
  • 39% encrypt extensively in public cloud services, a number which has grown significantly just in the past year

An interesting aspect of the 2018 report is that encryption drivers have shifted towards protecting specific sensitive information, not just checking the compliance box. Compliance remains a significant driver for performing encryption, however, it has been surpassed for the first time by protecting enterprise’s intellectual property and customer’s personal information. The trend toward identifying and protecting high risk, high value information is clear, and the continuing drumbeat of data breaches and associated brand damage is keeping encryption top of mind as well.

Now, we’ve seen a multi-year trend of increasing cloud adoption with organizations looking to use the flexibility and scalability of services offered by Amazon Web Services, Microsoft Azure, Google Cloud, and more. However, what differentiated this year’s results was the clear increase in the use of multiple public cloud providers. According to the report, 61% of respondents are using more than one public cloud provider, and 71% plan to in the next two years.

Which leads me to my next point…

Data discovery was cited as huge challenge (67%) for organizations this year. By storing data in several different places, it’s harder for organizations to find and keep track their data, which is important in the face of today’s more stringent compliance regulations. Additionally, the use of multiple cloud providers can take users down the road of using multiple native cloud encryption tools, which in turn makes it difficult to instantiate a consistent encryption and key management policy using those different tools. Multiple tools can also increase the likelihood of mistakes such as configuration errors, which are already cited as the most significant threat to sensitive data or confidential data by 47% of respondents. Organizations can benefit from taking a single pane of glass approach to managing keys and bringing their own encryption (BYOE) to the cloud, simplifying the administrative aspects of encryption and key management.

The Multi-Cloud Era Creates New Encryption Challenges

It’s always interesting to see the changes in encryption trends from year to year. Cloud encryption was nascent five years ago, but adoption has accelerated greatly. Internet of Things (IoT) encryption is where cloud encryption was back then – small and preliminary, but poised for growth. Forty-nine percent of respondents are at least partially encrypting data on IoT devices or along with IoT platforms. The current IoT security focus on authenticating devices will soon grow to include encryption and data protection. The volumes of IoT data that will be generated will become staggering in the near future and enterprises will be forced to create a multi-tier strategy for data protection at the edge, in the fog, and in the cloud.

And of course, we can’t forget about GDPR and the looming May deadline. We see substantial evidence in this year’s study of its effect – one example is the increase in data discovery challenges, particularly in countries such as the UK, Germany, US and France.

No matter what happens over the next year, encryption will continue to be a crucial part of any security and data protection strategy. When all else fails, data-centric methods such as encryption – with best-practice based key management – wrap a protective layer around data to thwart those that seek unauthorized access to it. Scalable, cloud-friendly encryption isn’t a luxury or insurance policy. It’s a necessity to protect the data which is the lifeblood of the business.