Network Systems DesignLine | Protect critical customer data in under 15 minutes

Get the latest news, products and how-to information on network systems. Sign up for the Network Systems DesignLine newsletter, a weekly e-mail guide dedicated to the needs of engineers developing networking equipment and components. Here is our RSS feed.








 
 HOW-TO

Protect critical customer data in under 15 minutes

It's time for a better approach to encryption. What if you overlay security onto the network, in a cost effective architecture? With the strategic placement of transparent encryption endpoints throughout the network that security overlay is possible. Here's how.
By Rod Starrett, CipherOptics Print This Story Send As Email Discuss This Story Reprints

Page 1 of 2

Network Systems Designline
(08/18/2006 2:11 AM EDT)

Rate this article
WORSE | BETTER
1 2 3 4 5
It's 10 o'clock. Do you know where your data is? If you think for just a moment, you'll realize that it could be anywhere in the world and you have no idea if it is protected or vulnerable. Your personal information is somewhere at your bank, sent over the Internet when you buy a book or CD online, and stored at your health insurance company, not to mention state, local and federal government agencies. Whether it's the potential of embarrassment or financial ruination, shouldn't your private information remain secret? A slew of government regulations imply that it should. Yet, security breaches keep coming. ChoicePoint, a name made famous by a huge breach in early 2005, has become a rallying point for organizations to re-examine their approach to data security.

A simple Google search verifies that there is a growing market for stolen personal information, and how easy it is to buy and sell personal information. Credit card numbers, bank accounts, and other information can fetch between $50 and $100 per number. A tapped network link where transactions are processed can lead to the theft of tens or hundreds of thousands of personal records that contain such information and lead to a ten million dollar profit to the thief. The ChoicePoint haul could be worth up to $4 billion in the black market. And with such information as Social Security numbers, bank account and credit card numbers and corporate intellectual property all being targeted for theft, it's time for organizations that house and use confidential data to get serious about protecting it.

As your customers trust their most important information to you, protecting networks with firewalls, intrusion detection and ID management are essential first steps but protecting the data itself is the true goal. There are new threats surfacing every day that bypass these traditional security solutions. Because most network data is dynamic, it can be moving around the network at any given time. How do you approach securing that dynamic data? According to best practices espoused by top security experts, encrypting the data in motion over the network is key to protecting it. Once encrypted, when an unauthorized person is able to access it, customer records would be useless to them and your business would be protected. As organizations integrate encryption into their best practices to protect data and comply with regulations, they often encounter highly complex, time-intensive and expensive solutions that, while protecting data, degrade network and application performance. Perhaps it's time to take a better approach to encryption as a means of data protection.

Is protecting data really that difficult?
You know you need to secure data. But you have heard all the stories about how difficult the job of securing data on your networks really is. Router upgrades with new software and new hardware, encryption accelerator add-ons so the router CPUs do not roll over, complicated ACL rules the list just goes on.

Do you really want to "touch" your network? You have invested potentially millions of dollars in it. You have staff to manage and operate, troubleshoot, and fine tune network infrastructure. Do you really want to upgrade your network, which is the foundation of your business, to support data protection? The upgrade can take months and cost millions more. In some cases an entire network upgrade is necessary. You really need a data protection solution that can overlay your existing network and not impact its design or architecture. Maybe it's time to look outside the router for a data protection solution.


What if you could overlay security onto the network, in a cost effective architecture? With the strategic placement of transparent encryption endpoints throughout the network that security overlay is possible.

Case Study

Personal Information Protection for Customers of an International Bank

A bank with multiple data centers elected to use a third party MPLS provider for data center-to-data center connectivity. The benefits were financially motivated--they save on telecommunications expenses by switching to MPLS. But they were concerned about what happens to their customers' financial data if the MPLS provider misconfigures a switch. The chain of trust on the customer data would be broken. They had no way of assuring that there was no customer data leakage between the two data centers.

Their solution was to add authentication and encryption to the bank's existing router/switch infrastructure. The required architecture was quickly self-evident. Two high-speed encryption appliances created a secure tunnel over the MPLS infrastructure, preventing any unintended data leakage. No router infrastructure upgrades were required, no complicated project plan needed. The link is secure.

Benefits

  • Cost savings--enabled toll-bypass of telecommunications company by using MPLS
  • Customer information protection--data leakage prevented in case of a misconfigured switch
  • Investment proof--no infrastructure upgrades required




Page 2: next page Print This Story Send As Email Discuss This Story Reprints

Page 1 | 2


 
eSearch  

 Top 5 Most Read
 How-To Stories
1. 2. 3. 4. 5.

 Top 5 Most Read
 News Stories
1. 2.

  • Introduction to Optical Transmission Systems

    		•
  • Optimizing Embedded Systems for Broadband 10 Gigabit Ethernet Connectivity

    		•
  • Interfacing a DS3231 with an 8051-Type Microcontroller

    		•
    The entire library >>  

    		 
     Top 5 Most Read
     Product Stories
    1. 2. 3.

     Sponsor

    EE Times TechCareers
    Search Jobs

    Enter Keyword(s):


    Function:


    State:
      

    Post Your Resume
    -----------------
    Employers Area
    Most Recent Posts
    GE Corporation seeking Lead Systems Analyst in Van Buren Township, MI

    Osram Sylvania seeking Sr Applications Engineer in Danvers, MA

    Accolo, Inc. seeking User Experience Engineer in Reston, VA

    Johnson Controls, Inc seeking Project Development Engineer in Pittsburg, PA

    WhiteHat Security seeking User Interface Engineer in Santa Clara, CA

    More career-related news, resources and job postings for technology professionals


     Tech Library
    ¤ Looking for the appropriate Industry Association? This comprehensive, up-to-date list will take you to the right Web site for the help you need.

    ¤ Got a question about a standard? Here are direct links to resources detailing the industry's most important communications standards.

    ¤ Freshen up on technology, new and old, with these links to interesting and informative tutorials.

    More from TechLibrary
    Welcome to our DesignLine network of web communities. On these sites, we provide practical how-to technical information for engineers and engineering managers involved in Automotive,audio, DSP, DTV, EDA, Industrial Control, Mobile Handset, Power Management, Programmable Logic,RF,Video, and Wireless networking design. Check out the sites and let us know your thoughts.
    		 



    HOME  |  ABOUT  |  FEEDBACK  |  CONTACT
    Career Center | CommsDesign.com | Embedded.com | EE Times | TechOnline
    Planet Analog | DeepChip | eeProductCenter | Electronic Supply & Manufacturing | Webinars


    All material on this site Copyright © 2006 CMP Media LLC. All rights reserved
    Privacy Statement | Your California Privacy Rights | Terms of Service