Network Security – Desktop encryption

In Network Security’s December newsletter Ken Munro, Director of penetration and security testing company, NCC Group SecureTest discussed the shortcomings of encryption.

“Encryption seems to have become the network security saviour over the past few months. There is no doubt that encryption as a way of protecting data is a valuable and powerful weapon in the network security arsenal. However, those who put it in place as a knee-jerk reaction, without thinking about how it should be implemented, rick becoming complacent and leaving their data vulnerable to attack. Encryption is by no means the be-all and end-all of IT security and there are a number of ways in which it can be compromised.”

Munro concluded: “Despite its shortcomings and the emerging security issues, it remains one of the best ways to protect data in case of it falling into the wrong hands. What is important, however, is that we continue to stay one step ahead of the black-hat hackers, discovering and rectifying the holes in our defences before the attackers exploit them.”