The majority of data breaches today are occurring at the application layer where sensitive information is more exposed and susceptible, however a joint research survey with Entrust revealed that less than 25% of respondents are actually applying data protection at the application layer, instead relying on data-at-rest encryption. The challenge is that data-at-rest encryption only really secures data when it remains at rest. When an authorized application requests the data, it is decrypted and passed to the application in the clear, leaving sensitive data-in-use vulnerable – kind of like having an insurance policy that only covers your car while it is parked in your driveway but not while it is being used. This does not make sense to us, and it appears that the sentiment is shared. Broad concern was expressed by the respondents of the survey, which included 600 IT professionals from the US and the UK, 85% of which reported being somewhat or very concern with unprotected sensitive data at the application layer.
But protecting data at the application layer is complex and challenging. When asked about the top challenges for implementing application-level data protection, respondents ranked 11 different items among the hardest. Challenges with managing cryptographic keys and consistently applying data protection policies, especially across multiple applications, were among the higher rated responses. However, no single answer received a majority of responses, highlighting how broadly challenging it can be to secure data in applications.
These results buttress what most industry experts already know about the traditional approach to application-level data protection, in which cryptographic functionality is interwoven into applications to secure data at its point of creation – it’s hard. Compound this challenge with the need for multiple applications to access the same encrypted data, perhaps across multiple operating systems and multiple cloud environments, and it becomes exponentially more complex and time consuming to implement. However, this is exactly what the joint solution from Prime Factors and Entrust addresses – hardened application-level data protection simplified.
Perhaps the most surprising of the survey results was that 96% of respondents reported that they plan to implement specific application-level data protection functionality within the next 12 months. These numbers number are astounding, given how relatively little adoption application-level data protection has had to date, however, with evolving regulations and standards, along with ongoing breaches, perhaps it should be expected. As the move to better protect data at the application layer continues, companies will look to simplify protecting data wherever it is used, moved, or stored.
Request the Webinar Replay, “Application-Level Data Protection: Confusion, Challenges, and Solutions” to explore the survey results, learn the nuances and challenges of application-level data protection, and discover architecture and approaches that can help simplify protecting data where it is most at risk.