This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Two of the most serious data breaches in 2015 came from the Asia Pacific region, when a whopping 43 million data records were stolen from the Korea Pharmaceutical Information Center,and 30 million records were stolen from India's BSNL in July, according to the Breach Level Index. In the Asia Pacific region, there were 63 data breaches in the first half of 2015.
A perfect security storm is brewing
The environment could not be more inviting for a criminal. More and more enterprises are migrating to the cloud, big data is now widely used across Asian enterprises, and IoT is gaining momentum, meaning large amounts of data are being moved across 100G/200G (and beyond) infrastructures. These trends have created a perfect security storm, dramatically reducing the enterprise's ability to secure the network.
Governments worldwide are beginning to recognise this threat, rolling out new security regulations with heavy penalties. As a result, enterprises need new security solutions that ensure the information travelling across private and public networks is secure.
The traditional approach to data security is now inadequate
Today, enterprises tend to equate security with perimeter and premise security - meaning firewalls, user access management and credentialing to secure servers, databases, routers, and switches. These technologies protect data 'at-rest'.
However, it's important to remember that a huge part of what we see as 'the cloud' doesn't live overhead or in a data centre. The cloud lies under our streets, with fiber-optic networks transporting terabytes of data at dizzying speeds across cities, countries and continents.
This data is highly vulnerable to attack -instructions to do so can be easily accessed via social media. Encrypting essential data while in flight is essential to an overall data security strategy.
Encryption has been around for a long time: we are all familiar with protocol-specific encryption methods such as Transport Layer Security (TLS) and Secure Sockets Layer (SSL). However, with the vast number and types of devices and protocols in use today to create and access critical data,traditional per-application encryption solutions can quickly become cumbersome, complex, and costly. Bulk encryption for data in flight can help alleviate some of that burden at both the end devices as well as at the application specific layer, as it acts on aggregate traffic rather than individual instances/sources. For that reason, it can be done much more simply and cheaply, and with much less impact to performance.
A holistic strategy with optical encryption
It is now becoming clear that to address the range of devices and applications that generate and use enterprise data, network managers need to go even deeper into the network and encrypt at the physical or optical layer, just before it enters the fiber.
Sign up for CIO Asia eNewsletters.