Confusion around application-level data protection creates hidden security risks, reveals survey by Entrust and Prime Factors
Survey reveals key trends among US and UK IT organizations around securing sensitive data at the application layer.
MINNEAPOLIS, MN— May 17, 2021 — Entrust, a global leader in trusted identity, payments and data protection, and Prime Factors, a global leader in application-level data protection, have found that companies plan to take extensive actions in the next 12 months to address a broad concern for sensitive data being unprotected in use at the application layer.
Results from a recent survey of 600 IT professionals across the US and the UK convey that most companies are taking a variety of actions related to data protection. However, many companies do not address data protection in the applications they control, instead relying on data-at-rest encryption techniques which generally do not protect data-in-use. Most companies appear to be broadly concerned with protecting data beyond when it’s at rest, with 85% of respondents reporting being somewhat or very concerned with unprotected data at the application layer. Yet the survey finds that only 24% of companies are employing techniques that protect data in the applications they control.
Respondents did indicate considerable near-term action plans to address protecting data at the application layer – with nearly all respondents (96%) stating that they have plans to add application-level data protection functionality within the next twelve months. Encryption, data masking, security audit logging, and tokenization were among top solutions listed by respondents. However, respondents also expressed broad concern for the complexity of implementing these types of data protection. When asked to list their top three challenges in implementing application-level data protection, no single answer was chosen by a majority of respondents, with answers ranging across seven different challenges reaching at least a 25% response rate.
Overall, the highest ranked challenge in applying data protection in applications was related to cryptographic key management. When asked what about cryptographic key management was most challenging, the number one answer was ‘generating and storing cryptographic keys securely’. Furthermore, the vast majority (98%) cite using Hardware Security Modules (HSMs) to support encryption in applications.
“Organizations can no longer afford to underestimate or poorly implement application-level encryption,” said John Grimm, Vice President of Strategy at Entrust. “Whether organizations are managing fully automated, high-volume applications or tightly supervised, low-volume applications, it’s imperative that business leaders and IT teams prioritize deploying application-level encryption and data protections. Using Entrust hardware security modules, organizations can establish a safe, trusted platform for cryptographic processes and key management.”
“Companies tend to focus on securing data-at-rest, because it’s traditionally been easier to implement,” said Justin Teitt, Chief Operating Officer of Prime Factors “however, these solutions are not designed to address protecting data once it leaves its storage location. This is clearly an area of growing concern, however the perception that protecting data at the application layer is too challenging still lingers. This is exactly what our solution helps to address – simplifying complexity for application-level data protection.”
Report Summary: Landing page
Webinar: Register for webinar on 9 June
Entrust: https://www.entrust.com/digital-security/hsm; or
Prime Factors: https://www.primefactors.com/data-protection/why-encryptright/
About Entrust Corporation
Entrust keeps the world moving safely by enabling trusted identities, payments and data protection. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, accessing e-government services or logging into corporate networks. Entrust offers an unmatched breadth of digital security and credential issuance solutions at the very heart of all these interactions. With more than 2,500 colleagues, a network of global partners, and customers in over 150 countries, it’s no wonder the world’s most entrusted organizations trust us. For more information, visit www.entrust.com.
About Prime Factors
Prime Factors is a global leader in applied data protection software, helping to secure an open and collaborative digital world. Data has never been more plentiful or more valuable, and the protection of sensitive data has never been more complex. With a focus on application-level data protection, software solutions from Prime Factors help to simplify the complexities associated with protecting sensitive information where it is most at risk. For 40 years, Prime Factors has served more than 1,000 customers across six continents in a variety of industries, including 80% of the top financial institutions in North America, with cryptographic software solutions for payments, information exchange, and general data protection. www.primefactors.com Follow us on LinkedIn or Twitter.