Nothing is ever ‘free’

Last week I attended SC Congress in New York and did a presentation talking about the results of our study with the Ponemon Institute and the cost of data encryption solutions.

It was a good event, well attended and there was great turnout at the session I presented at. What really resonated though was the nodding heads when walking through the information. Engaging the audience is always important when presenting, but getting agreement on key findings and data in general, is always refreshing if not comforting. It helps validate what we did, why we did it and why we think it’s important.

I think it’s extremely important today to dispel the myth that ‘free’ OS-bundled encryption is a sufficient solution for customers. The vast majority of the time, it’s not. I don’t think I’m alone in the belief that nothing in life is ever ‘free’ and if it is you’re getting what you pay for.

What was revealed in the Ponemon study was that when looking at the overall costs associated with data encryption and security solutions, the actual cost of a software license is a small, small factor in the overall scheme of things. In actual fact, the majority of costs associated with data encryption solutions come from time spent managing them by IT administrators and downtime experienced by users.

The fact is, while OS-bundled encryption is ‘free’ it’s no less complex than a traditional data encryption solution, but in many respects is less robust and poses more headaches than gains. These solutions tend to be very rigid offering little flexibility, specific to one OS  and while claiming to be easy to use, are actually quite complex, especially from an administration standpoint.

OS-bundled encryption is great, if you need ‘good enough’ security. If you need something that is one-dimensional and doesn’t offer the flexibility most organizations require for a multi-platform environment, then it’s ideal.

We are regularly compared against these types of solutions and it’s always a challenging argument. In a world where the bottom line is king and overhead costs are trying to be reduced, the perception that you’re getting your data security for free is too compelling to pass up. It’s not until after it’s implemented that most organizations find it’s not the ideal solution and the cost of administering this ‘free’ solution is more than they could have possibly anticipated.

Previous Post
Rethinking Data Security for the Public Cloud
Next Post
WinMagic Launches New Website – Faster, Better, Easier to Navigate

Related Posts

It’s not as hard as you might think

I was reading an article from ITWorld this week that touched on the recent data breach at the South Carolina Department of Revenue. While I find this type of thing fascinating, I also find it scary when someone says something…

SC eConference Data Security

WinMagic will be exhibiting at the SC World Congress (SCWC) eConference on Data Security on Tuesday, September 24, 2013! SCWC hosts virtual conferences each month focusing on challenges that IT security professionals encounter frequently in their roles. SC Magazine is…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.