With the rapid growing of technology and information, protecting customer and business has become increasing important because hackers today target a lot of business from small to large size hoping to gain information about either the customer or the business so that they can sell the information and make a profit, this can, in turn, hurt the business and its reputation because the customer will no longer have trust in the business and will leave the business to do business somewhere else. On top of that, the company that got compromised will also have to pay law suite money when going to court.
It is simply not enough to rely on technology and services alone to protect business data because when it comes to information security, security is a process and not a technology. Technology can only help to protect the data but like all technology, it is only as good as the person show designed it. The IT specialist will have to innovate new idea and new ways to protect their business data and infrastructure. New product is always being invented to help IT professionals protect their organization data and one of them is called the Dell EMC Integrated Data Protection Appliance which according to Robb D. this device “is a pre-integrated appliance that is said to be simple to deploy” and it was designed to support a wide range of network and application including both physical and virtual platform. “It also supports multiple hypervisors and can extend to the public, private and hybrid cloud for long-term retention”. (June 2, 2017). Although relying on appliance to protect business data is a good idea, user must remember that one technology is not good enough to keep the data safe, the user must create other strategies to harden the network and service such as using the latest encryption technology and make sure the algorithm it provides is AES or advanced encryption standard which is the strongest encryption right now for any technology to encrypt network traffic.
Protecting Data at Rest
Protecting data at rest is another important strategy for securing data for any organization with information technology, and dealing with threat intelligence. While traffic moving through the network can be encrypted using Virtual Private Network, Firewall, and other appliance, it is also important to use encryption software to encrypt data at rest because when data that is stored on a hard drive or at a destination unencrypted, the hackers can use malware and other malicious software to copy and steal data. If the data is encrypted while it is sitting on a server or a hard drive, even if the hacker can make a copy of the data, it would still be very hard for the attacker to decrypt the data. One of the best encryption used by many small businesses and large enterprise today is the PGP or pretty good privacy algorithm and Symantec has developed a software that uses the PGP algorithm to help user encrypt their data stored on the server. If the business wants to save money and still want to use the PGP algorithm to protect their data, they can use a software called OpenPGP which is an opensource tool that works similar to Symantec that provides the same security and the best part about OpenPGP is that it is completely free to use for anyone. Anyone can take the source code, edit the software based on their business needs and compile the software to run with their system. According to OpenPGP “OpenPGP is the most widely used email encryption standard. It is defined by the OpenPGP Working Group of the Internet Engineering Task Force as a Proposed Standard in RFC4880” so using this will provide the same security measure and will meet government compliance for protecting corporate data.