New security technologies are finally making it easier for security to enable the business and drive value, according to Dave Anderson, senior director at Voltage Security.
Many of the largest organisations in the world are beginning to use information security as a strategic advantage and to re-establish the value of data.
“Although we have been talking about this for years, it has become much easier to achieve in the past year to two years,” he told Computer Weekly.
“Encryption used to be a difficult and manual process, requiring encryption keys to be renewed annually and other key management processes,” said Anderson.
But with the advent of stateless encryption technologies, all the key management problems go away because keys are generated on demand, he said.
Information can be exchanged securely without changing the business processes. All that is required is for the sender and recipient to register with a key server, typically in the form of a virtual appliance.
More on security and the business
- How IT security can drive business and enable innovation
- Business support security spending set to rise, survey shows
- Businesses finally see ROI for IT security
- IT security: could you be the key?
- Security Think Tank: context-aware security is business-aware security
- UK companies use IAM for business not security, study shows
- Upfront security better and cheaper, says expert
Through integration with most common email clients, encryption and decryption is handled automatically in the background.
This evolution in security technologies is enabling business to do things that it could not before, such as a US-based bank that is now offering mortgages through an automated online process.
“This initiative was driven by the bank’s security team, which recognised that by using data encryption and tokenisation, sensitive mortgage data could be protected easily for the first time,” said Anderson.
“This is a good example of how security can be proactive in enabling the business to improve the customer experience, improve the efficiency of processes, cut costs and drive revenue,” he said.
Security is no longer about locking up the data, but using new technologies to make data available securely to the right people inside and outside organisations, said Anderson.
“Data is only valuable when it can be moved around and made easily accessible to those who need it to do their jobs,” he said.