Encryption technology was once so complicated and expensive to implement that no one used it. That’s changing. These examples illustrate how it can be done.
Halfway through a meeting led by one hospital’s IT security team, the doctors finally got a break to stretch their legs and get coffee. While they were gone, some of the security team went around the room and picked up a few of the PDAs that had been left behind. When the doctors came back, the security team displayed some of the sensitive information on patients that had been left unprotected on the devices. It was an enlightening experience for the doctors.
In that case, theft had not really occurred, but in reality, hardly a month goes by when a serious security breach isn’t reported in the news. In most cases, the problem is that the personal data has not been encrypted.
But perhaps you’re thinking that it’s simply not practical to expect everyone to encrypt the data they work with routinely. Maybe you’re imagining a huge, expensive project that requires the IT team to devote time to the complex task of managing a host of electronic keys and certificates while users have to jump through hoops deciding when (and remembering how) to use encryption.
Thankfully, those days are gone. Encryption products are smaller, easy to manage, and transparent to end users. At the same time, they can be just as powerful as a giant public-key infrastructure (PKI) solution that only five years ago would have had managers and users alike pulling out their hair in frustration.
Not only is encryption easier and cheaper than ever before, but it can be used in a variety of ways. Data on mobile devices can be secured; e-mail messages automatically encrypted and decrypted; and full disk encryption can be implemented where necessary.
The following stories show how three different organizations used encryption to secure information.