2014: The year of encryption

Padlock in the middle of digital circuit board Companies are under pressure in the current environment to make sure their encryption is up to scratch

"The solution to government surveillance is to encrypt everything."

So said Eric Schmidt, Google's chairman, in response to revelations about the activities of the US National Security Agency (NSA) made by whistle-blower Edward Snowden.

 Technology of Business

Schmidt's advice appears to have been heeded by companies that provide internet-based services.

Microsoft, for instance, says it will have "best-in-class industry cryptography" in place for services including Outlook.com, Office 365 and SkyDrive by the end of the year, while Yahoo has announced plans to encrypt all of its customers' data, including emails, by the end of the first quarter of 2014.

For many smaller businesses too, 2014 is likely to be the year of encryption. That's certainly the view of Dave Frymier, chief information security officer at Unisys, a Pennsylvania-based IT company.

But he believes the driving force for this will be different: not government surveillance programmes, but the threat of attacks from hackers.

Diamonds and paperclips

Rather than encrypting everything, Mr Frymier advocates that companies identify what he believes is the 5%-15% of their data that is really confidential, and use encryption to protect just that.

He says employees should then be barred from accessing this data using standard desktop and laptop machines or their own smartphones or tablets, which can easily be infected with malware. Access would be restricted to employees using secure "hardened" computers.

Dave Frymier Dave Frymier from Unisys says the threat posed by hackers will drive firms to invest in encryption

"When you look at the increasing sophistication of malware, it becomes apparent that you need to establish highly protected enclaves of data. The only way to achieve that is through modern encryption, properly implemented," says Mr Frymier.

"You can split your data into diamonds and paperclips, and the important thing is to encrypt the diamonds, and not to sweat the paperclips."

Prakash Panjwani, a general manager at Maryland-based data protection company Safenet, also believes that the large number of high-profile data breaches in 2013 - including hacker attacks on US retailer Target, software maker Adobe, and photo messaging service Snapchat - means that 2014 will inevitably be a bumper one for encryption vendors.

"Snowden has focused attention on surveillance issues, but the real threat is organised crime and the number of data breaches that are occurring," he says.

"Companies are going to come under extreme pressure from boards, customers and regulators in 2014 to take action so that if there is a data breach they can say, 'We didn't lose any data because it was encrypted.'"

Keeping the regulator happy

A large number of companies already use encryption to protect the data they store on their own systems "at rest", as well as data "in flight" as it is sent over networks to customers, other data centres, or for processing or storage in the cloud.

Hacking for password Using a longer encryption key will make it harder for hackers to access your data

But Ramon Krikken, an analyst at Gartner, believes that the way encryption is used by many of these companies is likely to change in 2014.

"Companies are certainly going to have to take encryption more seriously thanks to the Snowden revelations," he says.

"At the moment many companies are using encryption for compliance reasons, not for security. They are not using it to protect their data, but because it is the easiest way to comply with regulations: encryption is the auditor's and the regulator's favourite check box item."

'Back doors'

Start Quote

You have to decide who you trust, and find out where the vendor gets all the parts of its product from”

End Quote Ramon Krikken Gartner analyst

One question that companies will need to consider is which encryption algorithm or cipher to use to best encrypt their data. It's an important question as some older ciphers can now be "cracked" relatively quickly using the computing power in a standard desktop PC.

And there is a question mark over whether the NSA may have deliberately used its influence to weaken some encryption systems - or even to introduce "back doors" that provide easy access to encrypted data to anyone who knows of their existence.

"The problem is that even if you can inspect the source code, it is certainly not a given that you would be able to spot a back door," Mr Krikken says.

Edward Snowden US whistle-blower Edward Snowden's revelations have made companies take encryption more seriously

He believes it is more important to establish where all the parts of an encryption solution come from.

Start Quote

No-one ever got fired for having encryption that was too strong”

End Quote Robert Former Neohapsis

"If you procure software or hardware from overseas, from a country with a government which does not have your best interests at heart, you need to remember that it may not be as secure as you think," Mr Krikken says.

"So you have to decide who you trust, and find out where the vendor gets all the parts of its product from."

Don't be cheap

Another thing companies need to consider when they implement encryption is how strong the encryption should be. Using a longer encryption key makes it harder for hackers or governments to crack the encryption, but it also requires more computing power.

But Robert Former, senior security consultant for Neohapsis, an Illinois-based security services company, says many companies are overestimating the computational complexity of encryption.

"If you have an Apple Mac, your processor spends far more time making OS X looks pretty than it does doing crypto work."

He therefore recommends using encryption keys that are two or even four times longer than the ones many companies are currently using.

"I say use the strongest cryptography that your hardware and software can support. I guarantee you that the cost of using your available processing power is less than the cost of losing your data because you were too cheap to make the crypto strong enough," he says.

"No-one ever got fired for having encryption that was too strong."

More on This Story

The BBC is not responsible for the content of external Internet sites

More Business stories

RSS

Business Live

  1.  
    09:02: Cyprus denied bailout cash

    The Cypriot parliament says it wants more time to draft a new law to protect people from losing their homes as a result of last year's banking crisis. The IMF says it will discuss the next steps with Cypriot authorities. The European Union had released a €350m instalment before the vote, bringing the amount of bailout cash given to Cyprus so far to €5.7bn.

     
  2.  
    Via Twitter Douglas Fraser Business and economy editor, Scotland

    "Big contract win for Schlumberger, providing drilling + well services for Statoil, in big new Mariner heavy oilfield, east of Shetland"

     
  3.  
    08:45: Cyprus denied bailout cash
    A  man walk outside a branch of Bank of Cyprus in Nicosia

    Remember last year's bank crisis in Cyprus? Well, the island nation may be in trouble again. The International Monetary Fund (IMF) is refusing to give Cyprus an €86m tranche of rescue money after the Cypriot parliament voted to suspend an insolvency law - due to take effect at the end of the month - that would have made it easier for banks to start to collect on bad loans.

     
  4.  
    08:40: North sea oil outlook BBC Breakfast
    Dominic Laurie, BBC Breakfast

    Around 375,000 people work in the UK oil industry and half of those are in north east Scotland says a cold looking Dominic Laurie from Aberdeen docks on BBC Breakfast. He speaks to the chief executive of Wood Group Bob Keiller. He says the industry has been through this kind of challenge before when the oil price collapsed in 1986 and 1998. He says the oil industry came out stronger.

     
  5.  
    08:25: North Sea oil outlook Radio 5 live

    More from Sir Ian Wood. He thinks that oil prices will be around $60 to $65 a barrel over the next 18 months and then will recover. That could prompt job losses of up to 10% in the UK oil industry, although he thinks it is more likely to be 5%. He says that investment plans are made 2-3 years in advance, so the impact is not immediate.

     
  6.  
    08:18: North Sea oil outlook Radio 5 live

    "Well over the top and far too dramatic," is how Sir Ian Wood describes a warning that the North Sea oil exploration business is close to collapse. Sir Ian is the Scottish billionaire who was commissioned by the government to carry out a review of the UK's oil industry.

     
  7.  
    08:09: Newspaper review
    Business pages

    The bid by IAG for Aer Lingus dominates today's business pages. Times Chief Business Commentator, Alistair Osborne says IAG's timing is not great as Aer Lingus shares are up 54% over the past year. Away from that, in the Financial Times Gillian Tett warns about the amount of dollar-denominated debt held offshore by companies from emerging markets. Graham Ruddick of the Telegraph warns that next year could be even worse than this year for the big supermarkets chains.

     
  8.  
    07:59: North Sea oil outlook BBC Radio 4

    Ian Theophilus an oil and gas consultant tells Today he expects a number of North Sea oil projects - planned with a higher oil price in mind - may be reduced or cut altogether. He says he is very worried about the prospect for North Sea oil in 2015. He says he and colleagues "remember the late 1980s and 1990s" when the oil price was between $9 and $11 per barrel and "everything was stuck". "The chances are that could happen again," he adds.

     
  9.  
    07:51: Keeping the lights on

    Reacting to the completion of the energy auction Energy Secretary Ed Davey, said: "This is fantastic news for bill-payers and businesses. We are guaranteeing security at the lowest cost for consumers. We've done this by ensuring that we get the best out of our existing power stations and unlocking new investment in flexible plant."

     
  10.  
    07:41: Keeping the lights on

    Companies will be paid £19.40 per kilowatt by the government to provide backup power following an auction process that has been going on all week. The new scheme is designed to ensure the nation has a sufficient energy buffer to cope with peak demand - usually over the winter.

     
  11.  
    07:32: Premier League TV review
    Premier League logo on a football

    Ofcom has launched a consultation on its view that the current division of Premier League and Champions League football between Sky and BT harms competition between pay TV retailers. Back in 2010 Ofcom ordered Sky to offer its sports channels to rivals at a price set by the regulator. It is now reviewing whether that has helped competition and "remains appropriate". There will be a second phase of the review in 2015.

     
  12.  
    07:20: North Sea oil outlook Radio 5 live
    North Sea oil platform

    It's extremely difficult to tell if the North Sea oil business is heading into the same kind of crisis that it saw in 1986, says Aberdeen businessman Charles Skene on Radio 5 live. Kenny Anderson the boss of an Aberdeen construction firm remembers the "strife" caused in 1986 when oil fell to $36 per barrel. But predicting oil prices is an "impossible game" he points out.

     
  13.  
    07:10: Samsung shareholder payout

    Samsung Electronics is considering increasing its dividend payout this year by between 30% and 50% compared to 2013.

     
  14.  
    06:56: Nigerian currency crisis BBC Radio 4

    Phillip Walker of the Economist Intelligence Unit, tells Today the crisis facing Nigeria is far bigger than the one facing Russia. Nigeria's currency the naira has fallen 15% against the US dollar this year forcing the country's central bank to impose foreign currency trading controls. "Nigeria has a bigger population than Russia, its economy relies on oil exports more than Russia, so it's a big problem," Mr Walker says.

     
  15.  
    06:48: Gas prices BBC Radio 4

    Professor Green says energy suppliers have an eye on politics at the moment. He says Labour leader Ed Miliband's promise to freeze energy prices for 20 months if his party wins next year's election may mean suppliers will keep prices artificially high despite currently benefitting from lower gas costs.

     
  16.  
    06:34: Gas prices BBC Radio 4

    While falling oil prices have recently caught the attention of many, the cost of gas has also been coming down. That's because demand in Europe has been falling due to a relatively warm winter so far. Richard Green professor of sustainable energy business at Imperial College London tells Today we shouldn't expect lower energy bills are a result. That's because energy suppliers are selling us gas they bought at last year's prices.

     
  17.  
    06:32: Asian markets

    Asian stock markets have had a mixed session. They Nikkei 225 is up more than 2%. Hong Kong's Hang Seng is up 1.4%. Shares in Shanghai have fallen back after hitting a four-year high in early trading. The Shanghai composite is down 0.1%.

     
  18.  
    06:21: China recalculates growth
    Chinese flag

    China's economy is bigger than originally thought. The government has revised up the size of the economy in 2013 by 3.4% to 58.8 trillion yuan ($9.5 trillion). The increase was mainly accounted for by a greater contribution from the services sector. In comparison, the US economy was worth almost $17 trillion in 2013.

     
  19.  
    06:14: IAG bid for Aer Lingus Radio 5 live
    Dublin Airport

    British Airways owner, IAG is "good at integrating new airlines" says Richard Hunter, head of equities at Hargreaves Lansdown. He is explaining why IAG made a bid for Aer Lingus. The Irish airline is attractive because it has lots of landing slots at Heathrow, says Mr Hunter. IAG may also have a bit more spending power because of the lower oil price, he adds.

     
  20.  
    06:06: North Sea oil jobs Radio 5 live
    Oil worker

    North Sea oil companies are cutting wages, rather than jobs at the moment, says Alan Savage chairman of recruitment company Orion Group on Radio 5 live. For agency workers wages have already been cut by up to 20%. He says that the British oil industry is highly taxed and the "government has a lot to answer for".

     
  21.  
    06:02: Russian crisis Radio 5 live
    Russian President, Vladimir Putin

    Next year is going to be grim for the Russian economy, says Craig Botham, emerging markets economist at Schroders on Radio 5 live. The economy is likely to contract 4.5%, inflation is forecast to be betweem 11% and 12%. The rouble could keep on weakening, "it's hard to see a particular floor for the currency" Mr Botham says.

     
  22.  
    05:59: Ben Morris Business Reporter

    Do get in touch. Email bizlivepage@bbc.co.uk or tweet @bbcbusiness.

     
  23.  
    05:59: Matthew West Business Reporter

    Morning folks. The news the US Federal Reserve is in no hurry to raise interest rates boosted shares on Wall Street and in Asia to new highs. Meanwhile the Bank of Japan maintained its commitment to government bond buying at its last meeting of the year. And we'll be keeping an eye on the Russia rouble and oil price again today and there may be more on IAG's bid for Aer Lingus. Stay with us.

     

Features

From BBC Capital

Programmes

  • An ECG (electrocardiogram)Click Watch

    The wearable technology which could allow you to pay for goods with your heartbeat

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.