The issue in encryption: Why it will not solve our security problems
The issue in discussion today is whether or not encryption is really that important in computer security, when it comes to the issues people face today (in security). The biggest issue faced in encryption is that even if every piece of info in an enterprise, intruders could still access it.
There are many issues faced in encryption. Many speculations occur like the following when it comes to encrypting data (and why there is a need for a backup method):
- Encrypting every piece of information does not always mean the data is totally secure.
- If a user can access the data, so can the intruder.
- Users and even applications must be able to access data in unencrypted form to use it.
- Web apps will still suffer SQL injection.
- It will not stop Java exploits.
- Only if a user can access the device he/she is on, if the device is stolen, the data is no longer secure.
- If the least bit of personal/business information is leaked, a hacker has at least a small means to try to crack passwords.
So, the biggest concern, it seems, that even if data is encrypted doesn’t make it completely secure. The best way to truly secure data is working with a defense-in-depth method of securing machines, as it seems to be a way of making the hacker work hard to get to the data. By that time, the hacker would question whether the hack would be worth it.
If this post would appear to help you save money, by providing tips to secure your data, please consider a donation.