Executive Decision: What to EncryptImproper Encryption Use Slows Down Organizational Processes
Not all information should be encrypted, Fedde says; indeed, encrypting the wrong data could hamper organizational performance. "If you encrypt things that don't need to be encrypted, you run into a lot of issues: It's harder to share information; it can slow down your processes," he says.
In an interview with GovInfoSecurity.com's Eric Chabrow, Fedde discusses:
- How encryption has evolved and is being used differently today than a few years ago. Earlier, encryption mostly was used to protect data in transit; now, it's widely used to safeguard data at rest.
- Why, despite the recent rash of publicity surrounding website hacks, many organizations don't know they've been breached. "People don't recognize the threat is real, and the target could very well be them," he says. "They don't have an appreciation for how imminent, how insidious. how right in their own back yard this problem could be."
- How encryption can keep the most sensitive data securely stored on a public cloud, including classified military secret. Data, if encrypted, isn't vulnerable at rest, but only when someone does something with the information. "If you're gong to make a blanket statement about the government using clouds with classified information, the answer is no because you really don't want to run applications in the cloud," he says. "There are other layers and other complexities to protecting information when you're running applications, so doing those in the cloud, at least with technologies today, would not be appropriate for classified information."
Fedde became SafeNet president in 2006 and chief executive officer this past May. He rose through the ranks, serving as director of corporate product management and business development, general manger of the enterprise security division and chief operating officer. He holds a bachelor of science degree in electrical engineering from the University of Iowa.