banner

Thales Blog

Stop the network – I want to get off

June 22, 2021

Sharon Ginga Sharon Ginga | Senior Technical Product Marketing Manager More About This Author >

Data is moving across the network all the time, to and from data centers to headquarters, branch offices, across on-premises, and virtualized networks, to the cloud and back again. So it’s highly unlikely that you can separate yourself, and your data, from the network. And not if you want to get anything done like running your business, whatever business that may be.

But is that data secure? The data network infrastructure is the on-ramp for all organizations’ connectivity and as data grows exponentially, so do attempts by cybercriminals to target the volumes of data in motion. COVID-19 has meant that more and more data is moving across unsecured networks, and even as we take small steps to a new hybrid normal, this trend will continue.

A recent Thales research report of IT and cybersecurity decision-makers highlights serious concerns about the security of data in motion across networks. Public and private networks are assumed to be secure, when in fact they are not and data flow unencrypted. The research shows that only 9% of enterprises believe they have proactive cybersecurity strategies that address evolving threats and just 58% of organizations say they encrypt their data in motion. 69% of respondents claim to use firewalls or IPsec for encrypting network data in motion, unaware of the security and performance limitations of these solutions, rather than using dedicated purpose-built network data encryption security solutions. As important as firewalls are to protect digital assets against cyber-attacks, they do not protect against the successful breach of unencrypted network data. Relying on outdated technologies, such as IPsec a 25-year-old protocol that was not designed for high bandwidth networks, means that oftentimes organizations are compromising on performance as well as security. These security compromises including open access, no automated key rotation and lack an active tamper response can have far-reaching consequences in the event of a breach.

And 70% depend on regular implementations of time-consuming and business disrupting software patches to keep their often outdated security solutions up to date. So as the network operations staff struggle to keep up with the demands of today’s networks using yesterday’s technologies that cannot support their requirements, the majority are aware of but don’t have time to develop a more forward-thinking strategy to handle newer and upcoming technologies like Software Defined Networking (SDN) and Post-Quantum Cryptography.

It’s not all doom and gloom as there is growing awareness about the need for data in motion protection solutions. As with all encryption, 86% understand that securing the keys to their encryption is vital to ensuring an effective solution. And similarly, 85% of respondents believe a dedicated purpose-built security solution’s ‘separation of duties’ (security versus network operations) is important for maximum data protection, as opposed to ‘integrated solutions’ that perform dual network and security functions.

The survey shows inconsistent and highly fragmented approaches to network data encryption security across organizations. The growing trend towards adoption of DevSecOps will help enterprises that want to ensure that their security solutions work seamlessly and flexibly within the underlying network architecture used by business teams. Without a way to securely and efficiently share data, most of us can’t do our jobs, not to mention manage a large part of our digitally connected lives. So where does that leave you? Isn’t it about time to get on, not off, to effective network data encryption security?

To find out how you match up to your peers, and what you can do to improve both performance and security, download the Security Weaknesses in Data in Motion Identified in Cybersecurity Survey.