Encryption

Papers and Posts

If you are just getting started, we recommend you read the following blog posts and papers in order. (In keeping with our Totally Transparent Research policy, for sponsored papers we also link to the original blog posts so you can see how the content was developed, and all public comments).

1. The most important piece of work we've published on encryption is Understanding and Selecting a Database Encryption or Tokenization Solution.
2. Your Simple Guide to Endpoint Encryption.
3. Post on the Three Laws of Data Encryption.
4. Format and Datatype Preserving Encryption
5. Post on When to Layer Encryption.
6. Application vs. Database Encryption.
7. The post Database Media Protection focuses on threats to storage media, and some follow-up comments on Database Media Threats.
8. The Data Security Lifecycle covers encryption during the movement and storage of data.

General Coverage

1. Tokenization Will Become the Dominant Payment Transaction Architecture
2. Visa’s Data Field Encryption
3. Boaz Nails It- The Encryption Dilemma
4. “PIN Crackers” and Data Security, looking at attacks on encryption.
5. Part of the core value of Data Centric Security is the ability to protect data regardless of where it moves or resides, which is facilitated by encryption. This is discussed in Part 1 and Part 2 of the Best Practices for Endpoint Security.
6. An editorial on how parts of the U.S. intelligence community discourage the adoption of encryption, as it is counterproductive to their mission.
7. This post discusses Digital Rights Management (DRM) as it pertains to Cloud Computing and content protection.

Presentations

• Presentation on Data Breaches and Encryption.
• Presentation on Data Protection in the Enterprise. This is a corporate overview.
• This presentation is on Encrypting Mobile Data for the Enterprise.

Podcasts, Webcasts and Multimedia

We do not currently have any multimedia for this topic.

Vendors/Tools

The following is just an alphabetized and categorized list of vendors and products in this area (including any free tools we are aware of). Being here does not imply any endorsement; this list is simply meant to assist you if should you should start looking for tools. Please email info@securosis.com if you have any additions or corrections.

Enterprise/General Encryption Providers

• Certicom.
• CheckPoint.
• Entrust.
• GuardianEdge.
• IBM.
• nuBridges.
• Prime Factors Inc.
• RSA.
• SafeNet.
• Sophos (Utimaco).
• Symantec (PGP).
• Thales (nCipher)
• TruCrypt.
• Venafi.
• Voltage.
• WinMagic.

Endpoint Encryption Vendors

• beCrypt.
• Credant.
• DESLock.
• McAfee (SafeBoot).
• Microsoft (BitLocker).
• Namo.
• Secude.
• Secuware.

Database Encryption Vendors

• NetLib.
• Oracle.
• Relational Wizards.
• RSA (Valyd).
• SafeNet (Ingrian).
• Sybase.
• Thales (nCipher).
• Voltage.

Key Management, Certificate and other tools

• Entrust.
• Symantec (Verisign).