2017: The Year Encryption Goes Wild

2017: The Year Encryption Goes Wild

  • By Mike McCamon
  • Jan 11, 2017

Wow, another year goes by with even more monumental data breaches. Believe what you want about the election, the DNC hacks, the latest Yahoo breach revelation and the numerous other data thefts put even more business decision-makers in fear for their own company’s technology security. Leadership’s historical response to breaches has continued to be higher walls and wider moats. Maybe it’s time for a different (and maybe more affordably efficient) approach.

My prediction is 2017 will be the year Encryption Goes Wild – as in wider use by more enterprises, more users, and in more applications.  There have been some nice inroads over the past few years at better encryption for personal chat, but the record for these exact tools’ migration and deployment into the enterprise is abysmal. The scope of enterprise chat, messaging, and file sharing has completely different requirements from how you message your buddy or spouse with dinner plans.

The reasons encryption goes wild in 2017 are (1) enterprise user security fatigue means they regularly and repeatedly take unadvised technology risks in the spirit of “I need to get my job done,” (2) leadership team anxiety continues to grow from swelling, yet suspect effective, security budgets, (3) the growing realization by most IT professionals that the game has changed from “if we get hacked” to “when we got/get hacked,” and (4) encryption is the most affordable way to secure information both outside and inside the firewall.

Encryption technology has historically been something that only the most technical software engineers and developers discussed, but more and more it comes up in daily conversation and has become a front-and-center business opportunity. In 2017, encryption will go wild.

Encrypt everything

These days, most everyone in the enterprise deals with encryption at some level. Whether by ensuring they have a secure connection to an email server or that https is included in a website address, a majority of people wouldn’t argue against the fact that security is important. But while these practices are all good, they don’t address the wider issue.

Even though a hosted connection or a server might be secure, the company data hosted on the server is now at the mercy of the service provider. Similarly, when companies use a cloud-hosted group chat tool, that provider’s servers can collect, store and even analyze company data to learn about their customers. Even on-premise servers present a risk because insider threats are a legitimate possibility. In fact, the Ashley Madison hack and the NSA breach were both insider jobs.

In order to better protect from both internal and external threats, companies are realizing that end-to-end encryption is no longer just a nice-to-have; it’s a necessary safeguard against an almost inevitable breach. More and more services are offering end-to-end encryption, and we’re going to see this grow exponentially in the coming years.

Email for Internal Discussions is Showing its Age

Anyone familiar with the security industry knows that the history of end-to-end encrypted email is not pretty. No one has been able to successfully deploy any usable, fully encrypted email service, yet it’s the tool that businesses use most to communicate and collaborate on important documents. For many CIOs, this translates to more spending on firewalls and other external safeguards to reduce the risk of a breach. With rising awareness of the importance of encryption, however, companies are moving to alternative types of communication and file-sharing tools to protect their businesses.

Enterprise-deployable, end-to-end encrypted software that can be properly scaled is few and far between, but in 2017, we’ll continue to see more technology companies announcing secure software for the enterprise to address this need. Secure collaboration software, storage servers and chat tools are already gaining strong user bases. While email won’t ever be fully replaced any time soon, its position as the primary means of sharing internal company data is being recognized for how unsecure it is, and email usage is already declining.

Being a black hat becomes harder to hack

So a company has now ensured nearly all employee activity is done on fully encrypted applications, eliminated employee use of unsanctioned tools and reduced unnecessary spending on firewalls. Even in a scenario in which CIOs have rolled out every secure, deployable, verifiable encryption tool, a determined hacker can still find a weakness to exploit.

However, once they are able to infiltrate the system, they’ll find all services use end-to-end encryption, and that the only avenue for them is to try to breach a user’s end point. With this model, the only way a hacker can achieve a large-scale breach is to compromise nearly every single end point in the organization.

As a hacker, this raises some questions: How do I get into a network, have no one realize and compromise every device with no one noticing? This is even more difficult and time-consuming at scale, and there are no longer quick wins of getting all the information a company has to offer. As more enterprises roll out fully end-to-end encrypted systems in the coming year, hackers will have a hard time accessing the information they want.

Tear down that wall

End-to-end encrypted email was proven to be completely unusable, and we as an industry have abandoned efforts to deploy it successfully. With that failure has come the realization that bulletproof, future-resistant encryption is not only achievable, its already in use today. We’ve proven we don’t need two-step verification or USB dongles to create an experience that’s both user-friendly and secure, and we’ve shown there are ways to avoid using unencrypted services like email—such as encrypted chat—and still succeed at our jobs.

Rather than focusing on “building a wall” to secure their companies, CIOs that want to reduce risk should focus on using apps and tools that offer to fully encrypt corporate data – without storing keys – so that there are fewer security weaknesses to safeguard against in the first place.

Featured

  • Security Today Announces 2025 CyberSecured Award Winners

    Security Today is pleased to announce the 2025 CyberSecured Awards winners. Sixteen companies are being recognized this year for their network products and other cybersecurity initiatives that secure our world today. Read Now

  • Empowering and Securing a Mobile Workforce

    What happens when technology lets you work anywhere – but exposes you to security threats everywhere? This is the reality of modern work. No longer tethered to desks, work happens everywhere – in the office, from home, on the road, and in countless locations in between. Read Now

  • TSA Introduces New $45 Fee Option for Travelers Without REAL ID Starting February 1

    The Transportation Security Administration (TSA) announced today that it will refer all passengers who do not present an acceptable form of ID and still want to fly an option to pay a $45 fee to use a modernized alternative identity verification system, TSA Confirm.ID, to establish identity at security checkpoints beginning on February 1, 2026. Read Now

  • The Evolution of IP Camera Intelligence

    As the 30th anniversary of the IP camera approaches in 2026, it is worth reflecting on how far we have come. The first network camera, launched in 1996, delivered one frame every 17 seconds—not impressive by today’s standards, but groundbreaking at the time. It did something that no analog system could: transmit video over a standard IP network. Read Now

  • From Surveillance to Intelligence

    Years ago, it would have been significantly more expensive to run an analytic like that — requiring a custom-built solution with burdensome infrastructure demands — but modern edge devices have made it accessible to everyone. It also saves time, which is a critical factor if a missing child is involved. Video compression technology has played a critical role as well. Over the years, significant advancements have been made in video coding standards — including H.263, MPEG formats, and H.264—alongside compression optimization technologies developed by IP video manufacturers to improve efficiency without sacrificing quality. The open-source AV1 codec developed by the Alliance for Open Media—a consortium including Google, Netflix, Microsoft, Amazon and others — is already the preferred decoder for cloud-based applications, and is quickly becoming the standard for video compression of all types. Read Now

Most   Popular

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”