Keeping Data Secure: A Happy Marriage of Hardware & Software

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.infosecurity-magazine.com/opinions/keeping-data-secure-a/

We've all heard the stories about being hacked - and perhaps even
experienced it ourselves - whether by rogue individuals or organized
criminal organizations. Cybersecurity anxiety appears to be the new normal
for our times. It seems not a week goes by without news of another
prominent computer security breach.

Like me, most of us have also received one or more notifications that our
credit card or personal identity information may now be in the hands of
these invaders.

There's nothing new in this, really. Willie Sutton enlightened us all a
long time ago. He allegedly said he robbed banks, “Because that's where the
money is.” Today, money and other valuable personal information are ones
and zeros; digital bits stored on servers. There's a real evolution from
traditional crime to cybercrime. Yesterday's bank vault is now a server and
disc storage array in a data center. Instead of armed guards standing at
the bank entrance, security now comes from computer access control and
encryption guarding our assets.

With everything rapidly moving online, it's clearly a new age and one that
is quickly growing and changing. The Internet of Things and cloud
computing, two massive trends still unfolding, bring both benefits and
threats. As everything becomes more connected, we gain greater services
that improve our quality of life, such as being able to deposit checks and
make payments from our smartphones. Organizations are better able to drive
cost savings by improving asset utilization, enhancing process efficiency
and boosting productivity. But at the same time, this connectedness creates
new opportunities for outsiders looking to exploit security holes for their
own profit.

Security with No Sacrifice in Convenience or Performance

The challenge to us all is significant as individuals, and your
organization, face daily peril of theft in the digital age. You are now
faced with the task of protecting assets, whether on smartphone or PC, and
your IT managers have to protect servers, business laptops, and other
embedded computing nodes.

Why embedded devices, you may ask? Think about the multitude of new
intelligent connection points where data is being collected: biometric
authentication, mobile payment systems, toll roads, location tracking and
smart electrical grids. The advent of autonomous cars will add a new
wrinkle, as clearly a nefarious hack of the navigation and control system
could prove disastrous. Already there are hacking efforts pointing to the
potential for this vulnerability.

All of this is made more complicated by the vast technical complexities and
mix of user needs. Companies, public entities and governments have mobile
workforces, infrastructure  and audiences that require global
communications, cloud-based functionality, and adherence to strict
regulations, all while compromising neither your employees’ ability to
bring their own devices nor your organization's data security.

At the same time, even though individuals and businesses need security,
they aren't willing to sacrifice convenience or performance. To achieve
this along with a greater level of security requires a combination of
software and hardware. Since it cannot be remotely altered, hardware-based
security augments available software tools. The physical layer virtually
eliminates the possibility of malware, such as virtual rootkits, from
infiltrating the operating system.

Security-hardened platforms for PCs, servers, high-performance computing,
and embedded devices make consumer and commercial workloads more secure
through encryption acceleration, trusted execution environments, isolation
of sensitive applications, secured authentication and dedicated key
storage. To do this, hardware developers include a secure processor paired
with high performance cryptographic engines.

The Best Combination for Security

Dedicated hardware enables more secure computing, whether on a PC, laptop,
server, or an embedded device. The hardware provides encryption
acceleration to protect data without slowing the user's experience.
Encryption is considered more secure because the encryption keys are
embedded in the hardware and this can  pose a significant road-block for
attackers. In addition, hardware security does not consume system resources
which results in faster performance for security operations.

The best security comes from a combination of hardware and software. By
using the two together, you can gain access to proven security management
software that includes virus detection, anti-malware, system management,
data encryption and data geo-fencing.

We're now at a point where there's a crisis of trust, where cybersecurity
is a fundamental requirement for modern computing. Without this, the
developing trends of greater connectivity through cloud computing and the
Internet of Things could possibly bring more risk than reward. Your
individuals and your businesses need full solutions to help protect
consumer online experiences, corporate device and data management, security
of cloud infrastructure, and the Internet of Things. Robust security
hardware and software is key to securing your data future.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!