Nothing is ever ‘free’

Last week I attended SC Congress in New York and did a presentation talking about the results of our study with the Ponemon Institute and the cost of data encryption solutions.

It was a good event, well attended and there was great turnout at the session I presented at. What really resonated though was the nodding heads when walking through the information. Engaging the audience is always important when presenting, but getting agreement on key findings and data in general, is always refreshing if not comforting. It helps validate what we did, why we did it and why we think it’s important.

I think it’s extremely important today to dispel the myth that ‘free’ OS-bundled encryption is a sufficient solution for customers. The vast majority of the time, it’s not. I don’t think I’m alone in the belief that nothing in life is ever ‘free’ and if it is you’re getting what you pay for.

What was revealed in the Ponemon study was that when looking at the overall costs associated with data encryption and security solutions, the actual cost of a software license is a small, small factor in the overall scheme of things. In actual fact, the majority of costs associated with data encryption solutions come from time spent managing them by IT administrators and downtime experienced by users.

The fact is, while OS-bundled encryption is ‘free’ it’s no less complex than a traditional data encryption solution, but in many respects is less robust and poses more headaches than gains. These solutions tend to be very rigid offering little flexibility, specific to one OS  and while claiming to be easy to use, are actually quite complex, especially from an administration standpoint.

OS-bundled encryption is great, if you need ‘good enough’ security. If you need something that is one-dimensional and doesn’t offer the flexibility most organizations require for a multi-platform environment, then it’s ideal.

We are regularly compared against these types of solutions and it’s always a challenging argument. In a world where the bottom line is king and overhead costs are trying to be reduced, the perception that you’re getting your data security for free is too compelling to pass up. It’s not until after it’s implemented that most organizations find it’s not the ideal solution and the cost of administering this ‘free’ solution is more than they could have possibly anticipated.

Previous Post
Rethinking Data Security for the Public Cloud
Next Post
WinMagic Launches New Website – Faster, Better, Easier to Navigate

Related Posts

Come one, come all

Last week we announced the results of the Ponemon Institute study we commissioned and had co-sponsored by leading industry SED partners. We wanted to take this opportunity to remind readers that next week we’ll be reviewing the data via a…
Read more

Assessing Security & Risk

This week I’ve been in National Harbor, MD attending the Gartner Security & Risk Management Summit. As a newcomer to this event, it’s been a whirlwind few days delivering excellent content and insights into key market trends and customer needs.…
Read more

Encryption only works if you use it

Once again there’s been a device theft that has left the personal health info (PHI) of 11,000 patients out in the open because the device was unencrypted. But when you look deeper into the problem, the organization did actually have…

Ruggedly Secure

The need for data encryption and security is prevalent everywhere, especially for those in the field services or other vertical markets. (more…)

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Contact Us

This will close in 0 seconds