The possible answers, as most security professionals will tell you, are anything but simple.
Unisys today took a crack at this complex problem with the introduction of Stealth Solution for Network, a patented method of encrypting and "bit-splitting" data into smaller pieces while encrypting them again.
The idea behind Stealth is to allow organizations to restrict the exchange of sensitive data to a fixed group of individuals who have the keys to encrypt and decrypt it --without forcing them to use a discrete network. Stealth can be used on an enterprise network to prevent other groups in the organization from viewing data, or it can be used over virtual networks or the Internet to help protect sensitive data from being accessed by outsiders, Unisys says.
Stealth can also be used to keep users from straying outside their secure communities, Unisys states. By assigning a digital workgroup key to each community of interest, Stealth can ensure that users cannot access data outside of their assigned communities, the company says. "Stealth delivers the right information to the right people at the right time," says Ted Davies, president of Unisys Federal Systems. "Our government clients have been asking for a security solution like this for years. With Stealth, we can help them to simplify their networks without sacrificing security, while delivering significant cost savings."
Initially, the Stealth technology is being targeted at defense and other government environments, but Unisys says it expects its new approach to catch on in commercial environments, where retailers, financial institutions, and healthcare providers are seeking to build "trusted networks" that allow the exchange of data with less fear of attack by hackers or identity thieves.
Stealth, which was developed in a partnership with security vendor Security First, has been in development and testing for more than four years, Unisys says. It encrypts data, "bit-splits" that data into multiple packets as it moves through the network, and then reassembles the information packets for delivery to authorized users. These packets are proved secure through the use of certified encryption and unique bit-level splitting of the encrypted data.
Stealth is a combination of software that resides on users' personal computers and -- for now -- a Dell 1950 server that manages and provides the workgroup license keys. Once authorized and granted workgroup keys, users create peer-to-peer encrypted tunnels vis available networks to share information, Unisys says.
Unisys isn't giving details on Stealth products or prices yet, but the company plans a broad rollout next year. The new line will also include Stealth Solution for Storage Area Networks (SAN), which will extend the encryption and bit-splitting concept to the SAN environment. Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message