Encryption

The Sterling Data Group > Data Protection > Encryption

Encryption is key to Data Security

It’s a fact that data is more dispersed than ever before. With employees using laptops, home PC’s, tablets and smart-phones the task of ensuring data security is becoming more and more difficult. Recently a company was fined £60K following the theft of a laptop containing sensitive personal information during a burglary at an employee’s house. Needless to say, the data on the laptop wasn’t encrypted. Click here for the full story or click here to contact us for more information.

In the above case, the laptop was password protected, however this only protects data access via the operating system. Simply by removing the disk and attaching it to another computer could grant access to all of the sensitive information that it contained.

The only real solution is to employ ‘Whole Disk Encryption’. Whole disk encryption forces the user to enter the encryption pass-code when starting the computer up and makes the data inaccessible without the pass-key should the disk be connected to another computer.

Whole disk encryption is available from many software providers and is even available as Open Source software, there are however some additional points that should be considered prior to selecting a whole disk encryption solution:

  • Ensure that the software is certified to FIPS, CCTM or other applicable recognised standard.
  • Ensure that all employees understand that the data on mobile devices (and preferably desktop devices also) must be encrypted at disk level.
  • Choose the appropriate solution, an organisation with only a handful of hardware items may opt for a locally managed Open Source solution whereas an organisation with many devices, will be best served by a centrally managed Enterprise solution.
  • Ensure that mobile devices are either prevented from storing data locally or are also encrypted.
  • If employees are able to use USB memory sticks, ensure that these are also encrypted by default when connecting to the USB port of a machine within your organisation.
Hardware Based Encryption
 
Hardware based encryption is a variant of whole disk encryption that removes the need to have 3rd party software (which can in some instances be disabled by the user) installed. Software encryption can be complicated to use, require central management and can also slow the performance of the computer down.
 
Hardware based encryption is available built into standard Hard Disks (HDD) and new Solid State Disks (SSD), the latter bringing additional benefits by reducing laptop power consumption thus improving battery life, much faster boot and faster data access. Should a laptop or desktop be lost or stolen, the data cannot be accessed without knowing the encryption key (password). Please click here to contact us for more information.
 
Sterling Encryption Services
 
Sterling can assist you with an audit of your current encryption policies and then provide advice to close any gaps in your encryption policies. We can also provide staff training to ensure that the importance of encryption is understood throughout your organisation.

Sterling can also supply hardware encrypted disks, both HDD & SSD that comply with FIPS standards. This service is available as supply only, supply and fit or supply and clone where the existing data (including operating system) is cloned to the new disk before applying the encryption. With the cloning service, once the disk is installed the computer is exactly the same as before the replacement but also secure. Please click here to contact us for more information.

Encryption of Portable Data

One of the weakest links in the data protection chain comes in the form of USB Flash Drives. As these devices are readily available and  very cheap, it “makes sense” for an employee who needs to transfer data to work elsewhere (or even to create a backup) to transfer it to a USB stick.

These devices however are prone to loss and theft and in most instances are not encrypted. Again, as with hard disks, encryption is available  either software or hardware based. Some software based devices allow encrypted and non encrypted data to co-habit on the same device, allowing for errors to be made when storing data. Hardware encrypted devices usually only allow for encrypted data to be stored preventing accidental storage of unencrypted data. Click here to see the range of hardware encrypted devices available from Sterling or click here to contact us for more information.

Encryption of Physical Records

There have been multiple stories in the press concerning lost and stolen paper files that contain sensitive data. Obviously it is not practically possible to encrypt paper based documents yet employees often have a requirement to refer to paper records when working remotely or when visiting clients.

The solution is to move paper based records into a secure cloud based repository that is fully compliant with your security policies. This allows for authorised employees to access, edit and add to these records from any web connected device.

Sterling’s solution from Castrum provides just this service. Furthermore, by placing your existing paper based records in secure archive storage with Sterling, they can be digitised on demand providing a seamless, cost effective transition to secure working practices. Please click here to contact us for more information.

Online Backup and Recovery
Backup Media Management

Live Chat

Join the Live Chat