<p>Data security is a non-negotiable strategic imperative cloaked with business implications for risk management and competitive advantage.</p>
<p>Organizations today face ever-increasing cybersecurity risks — both internal and external. Safeguarding data against financial losses, regulatory penalties and reputational damage is not merely a technical issue; it is an enterprise priority.</p>
<p>To that end, data encryption is a key component in <a href=”https://www.techtarget.com/searchsecurity/tip/How-to-secure-AI-infrastructure-Best-practices”>modern AI</a>, cloud and collaboration ecosystems.</p>
<p>Data exists in three phases:</p>
<ul class=”default-list”>
<li><b>Data at rest.</b> Data stored or saved on devices such as local computers, file servers or cloud storage. It is not actively in use or being moved.</li>
<li><b>Data in use.</b> Data being processed, accessed or temporarily held in a system’s memory or processors while operations are performed on it.</li>
<li><b>Data in motion.</b> Data being transferred between locations, such as across networks, between devices or over the internet.</li>
</ul>
<p>Each phase requires different technologies and approaches to mitigate threats. Organizations that operationalize data security across all phases gain a measurable competitive advantage.</p>
<section class=”section main-article-chapter” data-menu-title=”Aligning encryption with business goals and risk management”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Aligning encryption with business goals and risk management</h2>
<p>Executives must establish data encryption as a strategic control that delivers enterprise value. Organizations that adopt a risk-based encryption approach can identify and prioritize data according to its impact on business.</p>
<p>CISOs and their teams should align data security with regulatory compliance — e.g., <a href=”https://www.techtarget.com/searchsecurity/tip/Data-sovereignty-compliance-challenges-and-best-practices”>data sovereignty</a> laws and industry standards; customer trust and brand protection; and digital transformation initiatives, such as cloud, data sharing and AI.</p>
<p>Governance must include clear executive ownership for data assets across business units. Mandate accountability for encryption key management and technical support.</p>
<p><b>Executive insight:</b> <i>Protect data where it reduces material risk exposure.</i></p>
</section>
<section class=”section main-article-chapter” data-menu-title=”How to secure data at rest: Foundation of data protection”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>How to secure data at rest: Foundation of data protection</h2>
<p>Data at rest encompasses databases, cloud storage, endpoints, backups and other static data repositories. In today’s distributed environments spanning regional data centers, edge computing and IoT, these locations can be very diverse.</p>
<p>To protect stored data, prioritize the following five specific actions:</p>
<ul class=”default-list”>
<li><b>Data discovery and classification.</b> Identify and label what matters most to the business. An organization cannot protect what it does not know about.</li>
<li><b>Encryption strategies.</b> Determine whether full encryption — encrypting all data — or selective encryption — encrypting only specific, sensitive data — is best based on sensitivity and performance requirements. Endpoint systems in particular will require attention and support.</li>
<li><b>Infrastructure security.</b> <a href=”https://www.techtarget.com/searchsecurity/feature/Guide-to-cloud-security-management-and-best-practices”>Secure cloud</a> and on-premises environments, including patching, monitoring, key management and physical security.</li>
<li><b>Access governance.</b> Limit access based on roles and business needs, and implement MFA and <a href=”https://www.techtarget.com/searchsecurity/feature/How-to-implement-zero-trust-security-from-people-who-did-it”>zero-trust security</a> where possible.</li>
<li><b>Human risk mitigation.</b> Conduct encryption training and awareness.</li>
</ul>
<p>An effective system to manage data encryption and secure storage offers several positive business outcomes, such as reduced breach likelihood, reduced breach impact, stronger compliance posture with reduced penalties and improved audit readiness.</p>
</section>
<section class=”section main-article-chapter” data
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: