Network Computing Dark Reading

Advertise

Operations

2/8/2019
02:00 PM

Curtis Franklin Jr.
Slideshows

1 Comment
Comment Now

6 Reasons to Be Wary of Encryption in Your Enterprise

Encryption can be critical to data security, but it's not a universal panacea.

2 of 7

Encryption Isn't Free

Both Microsoft and Apple now include encryption as an option for clients running their operating systems. So if there's no additional charge for encrypting the hard disk on a laptop, encryption is free for everyone, right? Well, no.

First, there's a dramatic difference between encrypting the hard disk of a laptop or desktop computer and encrypting the petabytes that make up a modern enterprise data storage infrastructure. There's really no comparing the scale of the two processes in a way that's meaningful. Time is one of the resources that is eaten in vast quantities by the latter; CPU cycles and memory are two more.

There is also a performance impact for encryption and decryption. The small performance penalty that may be all but unnoticeable on an encrypted laptop can become unbearable when multiplied across tens of thousands of users and millions of transactions. Very real costs are associated with encrypting data — and the conversation hasn't even reached the point of discussing the cost of the software or services to provide the encryption itself.

The point is that encryption has costs associated with it — costs that must be weighed against the benefits of encryption for a particular piece of data. It's a rare organization that will find every bit so important that it's sufficiently valuable to justify the cost of encryption, so calculations are required in even the smallest of companies.

(Image: Victor Moussa via Adobe Stock)

2 of 7

Comment |

Email This |

Print |

RSS

Comments

Newest First | Oldest First | Threaded View

[close this box]

100%

davinoishi,
User Rank: Apprentice
2/12/2019 | 11:35:33 AM

Transparent Encryption

While file and volume encryption have limits, there are transparent solutions available that allow information to remain encrypted even in use.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

High Stress Levels Impacting CISOs Physically, Mentally

Jai Vijayan, Freelance writer, 2/14/2019

Valentine's Emails Laced with Gandcrab Ransomware

Kelly Sheridan, Staff Editor, Dark Reading, 2/14/2019

Making the Case for a Cybersecurity Moon Shot

Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer, 2/19/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

2018 Cyberthreat Defense Report

Want to Stay In Front of Breaches? Train Like The Marines.

Secure DevOps: Fact or Fiction?

FutureWatch Report

Threat Hunting Report

More White Papers

Video

All Videos

Cartoon

Latest Comment: We won't cut you loose as long as you don't slow us down!

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-20122
PUBLISHED: 2019-02-21

The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is...

CVE-2018-6687
PUBLISHED: 2019-02-21

Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows.

CVE-2019-8982
PUBLISHED: 2019-02-21

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.

CVE-2019-8980
PUBLISHED: 2019-02-21

A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.

CVE-2019-8979
PUBLISHED: 2019-02-21

Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.

Terms of Service
Privacy Statement
Legal Entities