Thales, one of the leading providers of data security solutions has recently released their annual Data Threat Report for 2018. This report analyzes data from 1,200 senior security managers from 11 countries around the globe, including the US, Germany, UK, the Netherlands, Japan, India, and Sweden and highlights among other trends, the rise of encryption.
The report shows that spending on IT security projects is increasing, with 78% of the respondents stating that they were increasing IT security budgets in 2018.
What are the drivers for this increase in spending?
The report shows that the number of data breaches has risen sharply, with breaches becoming larger and more high-profile, with around a third (36%) of the respondents reporting a breach in the past year, and with two-thirds (67%) having been breached in the past. The prevention of data breaches, along with the avoidance of financial penalties resulting from a breach likely accounts for a large proportion of the budget.
Alongside this, data sovereignty remains a hot topic globally and new regulations pertaining to the protection of personal data, such as the General Data Protection Regulation (GDPR) in Europe have also contributed to the upturn in spending.
There are many methods to protect data. However, one solution was singled out by a large portion of the respondents (77% globally) as the number one solution in terms of effectiveness to satisfy local data privacy laws.
This solution is data-at-rest encryption.
Why is the adoption of encryption low?
With threats and breaches at an all-time high, IT security spending on the rise and data-at-rest encryption being identified as the top tool to protect data, why is data encryption not ubiquitous?
In fact, the report shows that despite data-at-rest encryption being identified as the most effective method at protecting data, it was ranked last on the planned spending priorities, compared to other security methods. Interestingly, the lowest ranking solution in terms of effectiveness (end-point and mobile device defenses) sits at the top of the planned spending priorities for 2018.
The inverse relationship between effectiveness and planned spending can be attributed to a number of factors, including cost/lack of budget, perceived complexity, and concerns related to the impact on system performance.
How can StorMagic SvSAN help?
StorMagic SvSAN delivers data-at-rest encryption at up to 85% less cost than other solutions. This feature delivers robust encryption using a FIPS 140-2 validated cryptographic module and cipher (XTS-AES-256) that meets HIPAA, PCI DSS, and SOX requirements.
The data encryption feature is available as an add-on for SvSAN and is delivered as a software-only solution that does not require special self-encrypting disk drives, RAID cards or FPGA/ASICs. Furthermore, it can integrate with any key management solution that is KMIP-compliant, including StorMagic’s own encryption key manager: StorMagic SvKMS.
Implementing data-at-rest encryption with SvSAN eliminates the previous barriers to entry.
Enabling encryption is performed with a few clicks.
- New volumes can be created with encryption enabled by default
- Existing unencrypted volumes can be encrypted
- Crypto-keys to be changed (rekeyed) to fit in with a key lifecycle management policy
SvSAN with data encryption is significantly less expensive than comparable solutions for edge computing environments, by as much as 85%.
Impact on performance
Performing encryption operations is compute intensive and will always have some impact on performance. However, to combat this, the SvSAN data encryption feature utilizes modern CPU instructions (e.g. Intel AES-NI) to allow the encryption operations to be offloaded to the CPU, significantly improving encryption performance.
To lessen the impact on performance even further, additional vCPUs can be assigned to the SvSAN virtual appliance to provide additional compute resources for the encryption operations.
For more information on simple, cost-effective, flexible virtual storage designed specifically for the edge, download the SvSAN Technical Overview white paper.