Today, most enterprises have successfully arrived in the digital world. They have realised digitisation’s great potential, understanding that they can only benefit from it if they embrace the coming changes. Naturally, digitisation’s transformative powers also confronted enterprises with challenges that needed to be mastered. And mastered they were – now, enterprises produce digital data of all kinds and formats in vast volume, routinely transferring it across their own firewalls.
They make full use of all the technical options available, reaching from FTP and MFT, PGP and S/MIME solutions to flash drives and cloud services. Enterprises have made great strides in their digitisation processes; and given the magnitude of changes for their business processes, they can be rightfully proud of what they have achieved.
Enterprises and the value of their data (and its protection)
In the digital age, securing data is crucial for any enterprise. Data is widely considered to be the most valuable resource in today’s world, and it is treated as such by good as well as bad actors. Protection of intellectual property and proprietary information are key challenges enterprises face on a daily basis. Securing data is paramount because they have to successfully combat industrial espionage and professionally operating corporate hackers.
Another (no less important) factor is that data integrity and good data protection are fundamentally requirements to maintain auditability and prevent unintentional data leaks. Enterprises are aware of this and have realised the necessity of strengthening IT security and rethinking their approach to protecting their data. They have put huge efforts toward measures to counter the IT threats they have to guard against: firewalls have been set up, antivirus software has been used and updated, and internal data protection guidelines have been established, often more than 30 different solutions in an enterprise. However, despite all the progress made in recent years, there is still an area where enterprises are very vulnerable – and where they face an urgent need to take action.
What weaknesses are targeted?
Data in transit is at a particularly high risk of being targeted by bad actors. It is no longer locally stored and protected on a computer but “on the move” and therefore potentially more vulnerable to fall victim to cybercriminals. Encryption of data can be a potent countermeasure and has increasingly shifted into enterprises’ focus. By making data legible only to individuals who have the necessary keys for encryption and decryption, it can serve as an effective tool to protect sensitive information and keep it confidential while in transfer from sender to recipient. Passwords are an integral part of this countermeasure, as they safeguard encryption for sender and recipient and therefore protect data in transit. However, despite enterprises’ best efforts, there is a great risk in passwords and password management for their data security.
The root cause lies in the fact that establishing and maintaining password security always involves an extra manual effort. Passwords have to be created and then shared between communication partners – for every transfer. As a result, convenience for the users often prevails over security of the transferred data: Once an initial password has been established, in ongoing exchanges it is often kept for all future communication.
Therefore, enterprises seem to always have had the problem that even good security measures fall short of their intended purposes because they lack ease of use. Consequently, they are not accepted by the users and not applied to their daily work.
So how can passwords be protected and data security maintained?
QUICK revolutionises the exchange of information by combining security for data in transfer and convenience for users. All extra manual effort for users is eliminated. After an initial secret is shared between communication partners, QUICK uses only one key to generate passwords for the encryption and decryption of data on the sender and recipient side. Once this secure connection has been established, users no longer need to remember or use passwords in the future. Users can activate QUICK without having a deep technical understanding, they do not need to meet special IT requirements or ask for help from their administrator to set it up. All they need is a few seconds, and they are good to go.