More than half of IT departments are failing at basic security measures, with 82% falling short on key practices, a new survey shows. Are you on top of these five issues?
1. Rotate SSH Keys Annually: 82% of IT departments fail to rotate SSH keys every 12 months
2. Train Users In Best Practices
3. Encrypt Cloud Data: 64% of IT organizations don’t encrypt all of their cloud data and cloud transactions.
4. Use Appropriately Strong Encryption Keys: According to a February 2011 report from the National Institute of Standards and Technology, 1024-bit encryption keys have depreciated in effectiveness, and 2048-bit encryption should be used for all symmetric keys. Only 44% of IT departments use recommended key strengths.
5. Have A Plan For Replacing Breached Certificate Authorities: a majority of IT departments–55%–have no management processes in place to ensure business continuity by quickly replacing a compromised certificate and its accompanying encryption keys.
- Lessons Learned from Snowden (venafi.com)
- Majority of Tor encryption keys may be vulnerable to NSA codebreakers (dailydot.com)
- Syncdocs Strengthens Google Drive with Strong Encryption (virtual-strategy.com)
- Box looks to circumvent NSA by letting customers have the keys (polizeros.com)
- Google Enables AES-128 Encryption for All Cloud Storage Users (hothardware.com)