Even though it makes lots of sense, implementing encryption in the enterprise has its drawbacks, ranging from performance degradation, a false sense of security to complexity and cost. These potential obstacles in turn, make many businesses balk. They find themselves faced with a serious and complex dilemma. If encryption is used, costs increase, performance suffers, and the network is saddled with numerous complexities, making it very difficult to manage. If encryption is not used, costs are lower; however, the network is extremely vulnerable.
One advantage to encryption is that it separates the security of data from the security of the device where the data resides or the medium through which data is transmitted. When data itself is encrypted, it allows administrators to use unsecured means to store and transport data, since security is encompassed in the encryption. Other key advantages to implementing encryption include the elimination of the pain that co- mes with data breach disclosures, the provision of strong protection for intellectual property, and the fulfillment of myriad regulatory compliance requirements. Nevertheless, just a cursory look at the intricacies behind encryption algorithms and keys is all that is needed to rapidly understand that this is about as close to rocket science.
Take encryption keys. One of the main drawbacks of encryption is the fact that management of encryption keys must be an added administrative task for often overburdened IT staff. In fact, the security of data becomes the security of the encryption key. “Lose that key, and you effectively lose your data”