What do I need from encryption?
While key length and the range of software features are important, they do not tell you how well a product will perform from the user’s point of view – or from the administrator’s.
FIPS - 140 Validation
The most widely accepted independent validation is the FIPS-140 standard. If a product is validated to FIPS-140 then it is already more secure than most situations demand and will be acceptable under the GDPR and other regulations.
Ease of use for non-technical users
There will always be situations where your employees will need to decide whether or not to encrypt a document, email, etc. It is vital that they are able to use the software provided and can be confident that encrypting data will not lock them – or authorised recipients – out.
Remote management of keys, settings and security policy
To avoid staff having to make security decisions, encryption can be enforced everywhere – but this tends to restrict legitimate business processes and can stifle productivity. The inclusion of a remote management capability – one that allows changing of encryption keys, functionality or security policy settings for remote users, who typically represent the biggest security issue – means that the default settings for enforced encryption and security policy can be set higher without limiting normal processes elsewhere in the business.
Management of Encryption Keys
One of the biggest usability challenges is how users are expected to share encrypted information. There are two traditional methods:
Shared passwords, which suffer from being easy-to-remember-and-insecure or impossible-to-remember-and-secure-but-written-down-or-forgotten, or;
Public-key encryption, which works well across smaller workgroups with no or low staff turnover, but becomes complex and problematic with larger or more dynamic teams.
Using centrally-managed, shared encryption keys avoids these problems, with the added bonus of mirroring the way that physical keys are used to lock our houses, apartments, cars, etc. Staff already understand this concept, and it only needs explaining once. Coupled with a premium remote-management system, shared encryption keys strike the optimum balance of security and practicality.
Try ESET DESlock+ for free
While key length and the range of software features are important, they do not tell you how well a product will perform from the user's point of view - or from the administrator's.