Data encryption an effective tool to maintain data control

6th September 2013

By: Schalk Burger

Creamer Media Senior Deputy Editor

  

Font size: - +

Companies should encrypt data to retain control of their data exposure, ensuring that corporate information is not compromised or lost, says managed service provider Global Micro Solutions MD JJ Milner.

The Protection of Personal Information (PoPI) Bill will require all companies to access and delete personal data, which will result in increased data control, especially data stored in other jurisdictions, he says.

Companies often use free overseas mailboxes with basic or universal service level agreements, but this leaves companies with few, and costly, choices to gain compensation should data be lost or leaked. However, the data may still be lost, with the commensurate loss of business advantage or increased business risk, Milner says.

“Even a free solution is not truly free. There are data connectivity costs and there is also a latency delay to international servers, while companies are not guaranteed that they will be able to effectively prosecute the offending service provider should data losses or leaks occur.”

Companies should look at South African service providers because the companies will be able to use local laws to hold the service providers to greater account within South African jurisdiction. Companies can also determine the levels of service they require.

“However, there is no better defence of corporate data than common sense. The primary rules of reducing data exposure, data sprawl and retaining data control are necessary to mitigate potential losses of data by service providers,” he says.

There are several options that companies can explore should they host data with a service provider, including using a transparent encryption proxy, which stores encrypted data to which only the company holds the encryption keys.

Companies must create a sphere of control of their data that incorporates the most critical data and, thereby, retain control of the potential exposure of their businesses’ data. This can partly be achieved through encryption techniques and sound data manage- ment principles, says Milner.

The

PoPI Bill and related data privacy laws are laying the groundwork for correct behaviour with regard to data management in South Africa, but it is not a cure-all for unfit data management practices and also does not mitigate criminal risks of data exposure.

Using multifactor authentication, for example, to secure transparent decryption of sensitive documents or documents that may be distributed to several devices, can help reduce unintended data breaches and can help companies to maintain control over their business data and risks, concludes Milner.

Edited by Martin Zhuwakinyu
Creamer Media Senior Deputy Editor

Comments

The content you are trying to access is only available to subscribers.

If you are already a subscriber, you can Login Here.

If you are not a subscriber, you can subscribe now, by selecting one of the below options.

For more information or assistance, please contact us at subscriptions@creamermedia.co.za.

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION