Companies are embracing an enterprise-wide encryption strategy

The biggest users of encryption are companies in financial services, healthcare and pharmaceutical, as well as technology and software industries, according to Thales.

A new study, which is part of an annual survey of more than 5,000 individuals covering 14 major industry sectors and 11 countries, focuses on how encryption is being used in conjunction with business applications in order to protect data and allows companies to benchmark their use of encryption against companies in similar industry sectors and geographies.

Trend on the extensive use of encryption technologies

“The increased usage of encryption can be traced to many factors, chief among them being cyber-attacks, privacy compliance regulations and consumer concerns. Additionally, the continuing rise of cloud computing as well as prominent news stories related to encryption and access to associated keys have caused organizations to evolve their strategy and thinking with respect to encryption key control and data residency. Our global research shows that significantly more companies are embracing an enterprise-wide encryption strategy, and demanding higher levels of performance, cloud-friendliness, and key management capabilities from their encryption applications,” said John Grimm, senior director security strategy at Thales e-Security.

Key findings

• Companies reporting extensive use of encryption jumped 7% up to a total of 41%, the largest increase in the 11 year history of this report.
• Financial services, healthcare and pharmaceutical, and technology and software companies are using encryption the most – indicative of the influence of regulations, privacy concerns, and the need to protect against purposeful or accidental data breaches.
• Companies that are more mature with respect to their encryption strategy are more likely to deploy Hardware Security Modules (HSMs) across a wide array of encryption applications. HSMs are most frequently used in conjunction with SSL/TLS, database encryption, and application level encryption.
• Companies with a more mature encryption strategy, and who use HSMs more extensively, consistently report lower levels of key management pain.
• Databases, internet communications (SSL/TLS) and laptop hard drives consistently top the list of areas where encryption is most frequently used.
• For cloud data protection, Financial Services companies apply encryption to data at rest, and exert sole organizational control over encryption keys, at rates that significantly exceed averages across all industries.
• Support for both cloud and on-premise deployment ascended to the second most important feature of encryption applications, reflecting the increased move to the cloud and requirements for cryptographic services that span seamlessly from the enterprise to the cloud.
• Performance and latency have ascended to being considered the most critical feature of encryption applications, reflecting increased encryption adoption and the need to ensure it does not interfere with business operations.

Average rank on encryption application extensive usage

1=highest usage rate to 14=lowest usage

“In the 11 years the core survey has been conducted, there has been a steady increase in the use of encryption technology, with the highest increase ever in this year’s results. Along with that increase we’ve seen the rise of new challenges in the areas of encryption key management, data discovery, and cloud-based data storage. The findings of this study demonstrate the importance of both encryption and key management across a wide range of industries and core enterprise applications – from networking, databases and application level encryption to PKI, payments, public and private cloud computing,” said Dr Larry Ponemon, chairman of The Ponemon Institute.