Encryption technologies, once relegated to military and government installations, are evolving and becoming more common as data security becomes increasingly important to IT professionals. One of the neatest developments is a technology developed by Xerox that allows users to encrypt certain portions of a document in order to control access. The new system allows people to see only the parts of a document that pertain to their jobs, and the encryption and redaction is based on the user who is accessing the document. The best part of this technology is that the user who generates the document will have the ability to designate the levels of encryption and redaction without having to involve IT, a boon to people who need to control documents to which even IT should not have access.
Xerox developing new document encryption technology (Information Security Magazine)
Seagate has also announced a full disk encryption system (FDE) that will keep all data on a server in the data center encrypted, even while that data is "at rest," allowing companies with confidential data to dispose their old drives without needing to do expensive and/or time consuming work to ensure that the data is completely wiped from the drive. FDE is already in use at some places, particularly in laptops, and is set to expand pretty dramatically as the TSA has recently announced that it is requiring contractors to encrypt laptop hard drives in response to the loss of two laptops containing data about truck drivers certified to carry hazardous materials. The options available to people who want to encrypt their data are laid out pretty succinctly in a recent SC Magazine article.
Seagate Expands Full Disk Encryption To Data Center Hard Drives (Information Week)TSA Demands Encryption Following Dual Laptop Loss (eWeek)
I have not dealt a lot with encryption technologies lately, because the last time I worked for a large corporation was back in 1997, and it only had three desktops in a DMZ in the data center attached to the Internet. Since then, though I technically work for the government (community college), I have been in relatively low security environments that only require encryption for backups that are shipped offsite. However, I can see a day in the near future where even this environment will require encryption, albeit on a limited basis.
Have you seen more encryption technologies as the focus on secure computing has sharpened? Do you see a need in your environment for some of the newer encryption technologies? Is your shop required by the government to encrypt? What have your experiences been with encryption?