Why Encryption Is Key for Today's Applications: Monique Hart, VMware SSA

The Fast Mode spoke to Monique Hart, Lead Solutions Engineer at VMware SSA on new encryption technologies and their impact on today's networks. Monique joins us in a series of discussions with leading vendors in the traffic management, service assurance, traffic monitoring, analytics, policy control and network security space, assessing various attributes of encryption, its benefits as well as the challenges it poses, specifically loss of visibility that makes networking increasingly complex.

Tara: What are the benefits of encryption?

Monique: In any business, maintaining compliance and preventing cyberattacks are essential to protecting your company's reputation and sensitive information. This is where the golden encryption thread comes into play as a security tool.

It is important to understand what encryption is, and when we talk about encryption in cryptography terms (the art of writing or solving codes), encryption is the process of encoding information. This process converts the original presentation of the information, known as plaintext, into an alternative form known as ciphertext.

There are two main forms of encryption: Symmetric encryption encrypts and decrypts data with a single password, and Asymmetric encryption uses two encryption keys, a public key that multiple users have access to that encrypts the data, while a private key that only some users have access to decrypts the data. 

When no encryption is present, sensitive data is left vulnerable to attacks. An example would be to save sensitive data such as credit card details or passwords as plaintext on a server, anyone who can gain physical access to that server can plainly read the data and use it to their advantage.

Strong encryption is important in various areas of a business, including:

1. Virtual disk files – Ensures that files remain safe and secure while in storage or transit.
2. Encryption for data security – Encryption helps prevent unauthorized access to sensitive data.
3. Email Encryption – Makes sure your sensitive email messages stay private.
4. End-End to encryption – This ensures that only the sender and receiver have access to the data.
5. Network-level encryption – The process of encrypting messages transmitted over the network.
6. Protecting and encrypting multiple devices – With the changing nature of the modern workplace and the wide range of locations where we can work, data encryption has become more critical than ever in protecting sensitive data spread across multiple devices to protect sensitive company information.
7. Application-level encryption – Encrypting data within the application in various states, protecting data against possible threats.

From a VMware perspective, our encryption solutions benefit technology providers by delivering solutions on time and securely, protecting their workloads, and migrating them. With vSphere Virtual Machine Encryption, you can encrypt existing virtual machines or create encrypted ones. The virtual machine is protected because all files containing sensitive information are encrypted. Only administrators with encryption privileges can perform encryption and decryption tasks.

Tara: How important is encryption for today’s applications?

Monique: Applications are the heartbeat of many organisations, and as application demand grows, the need to secure them grows even more. Organisations cannot afford to have an application go down or be affected by a cyber-attack.

The data in these applications is highly sensitive to the business and critical to keep safe and secure whether the data is in different states- at rest, in use, or in transit. The data can be vulnerable to a broad range of threats, so securing the applications and the data that resides within them is critical.

As most data is created at the application layer, it is vital to apply application-level encryption to secure the data before it leaves the application, as this sets organisations up for success in improving security.

Why this shift?

Security is a multilayered process, and encryption is one of those layers, but it is not the only one. As the threat landscape changes, we must constantly be on our toes and apply necessary security postures to prevent data leaks. We do so by utilising encryption as one of the levels/layers of protection.

Application-layer encryption has a number of benefits for the security and performance of an application, and with the right planning and consideration, it can be implemented. Using application-layer encryption enables stronger data protection and protects your organisation against a wide range of threats. These include the following:

1. Preventing account misuse - With application-layer encryption, data is only accessible through the suitable application, which helps to enforce stronger access controls and more closely monitor data use.
2. Data-aware encryption - With application-layer encryption, the application that owns the data is the one that encrypts it, which allows better protection for sensitive data, users, and groups, enabling better protection for sensitive data.
3. Regulatory compliance - Data protection regulations are becoming more important, with application-layer encryption, it is easier to maintain and demonstrate regulatory compliance as it reduces the ways in which an attacker could gain access to the protected information residing on the applications.
4. Key management - With application-layer encryption, there is better control for the application of its key management.

This interview is a part of The Fast Mode's Real-time Visibility for Encrypted Traffic segment, featuring 34 leading IP networking solution providers and their views on the impact of encryption on traffic visibility. A research report on this topic will be published in February 2023 - for more information, visit here.