I read the TechWorld feed and last week I encountered an article entitled “Encryption could make you more vulnerable, warn experts”. I couldn’t believe what I was reading.
However, experts from IBM Internet Security Systems, Juniper, nCipher and elsewhere said that data encryption also brings new risks, in particular via attacks – deliberate or accidental – on the key management infrastructure.
Duh! Whenever I am asked about or talk to folks about encryption I always remind them that key management is vitally important; lose your key and you lose you data. Most, if not all, enterprise encryption products offer robust key management and backup capabilities.
Do these companies have products in the pipeline to address these “vulnerabilities” to account for this FUD?
“Sometimes, the result of implementing security technology is actually a net increase in risk,” added Richard Reiner, chief security and technology officer at Telus Security Solutions.