Google Encryption Tool Prompts Call For Data Security Innovation

Printer-friendly version Email this CRN article

Google's unveiling of a new Chrome browser extension aimed at helping users send secure email messages could have a broader impact on data protection measures, said experts who are calling for new ways for businesses to implement more substantial encryption measures.

Encryption providers are increasingly turning to the channel to sell their services to clients. In the last week, Florham Park, N.J.-based DataMotion, and Belcamp, Md.-based SafeNet announced broader channel plans to get systems integrators and managed service providers to add SaaS-based encryption to their list of offerings. GlobalScape, a maker of a secure managed file transfer software, also is transitioning to a channel-delivery model.

Google's Chrome extension, called End-to-End, uses the open source version of PGP and is first being tested by security researchers for coding bugs and other issues that could weaken its effectiveness against criminals.

[Related: Cloud Encryption Gaining Solution Providers' Attention]

An analysis it conducted of users of its Gmail service found that between 40 percent and 50 percent of messages are not encrypted. The problem, according to Google? Current encryption programs require the know-how to install and use for both the sender of a secure message and the recipient.

Google's browser extension is in line with the broader trend of technology makers supporting encryption in everyday software, including smartphones and tablets, said solution providers.

Business executives are learning that end users are increasingly accepting the additional steps required for data and email security, said Kenneth Leeser, president of Needham, Mass.- based risk management consultancy and reseller Kaliber Data Security.  Leeser's firm partners with Milford, Conn.-based SilverSky for email security and data loss prevention. Encryption has become a feature in broader platforms and available in SaaS offerings to protect against data leakage through corporate email.

"The trend is to bake these things in," he said. "There's still the understanding that encryption is slowing me down, but there's more of an acceptance at the end-user level that this is a toll we have to pay for having data on our laptops or using open Internet connections."

Encryption is no panacea, but if properly implemented, it can help delay even the most sophisticated attackers from viewing sensitive data even after successfully cracking into the systems containing the information, said John Kindervag, vice president and principal analyst at Forrester Research.  

Kindervag and others said new data encryption measures are on the horizon. The point-to-point encryption model can no longer be properly implemented and supported in a world where communication is increasingly meshed, Kindervag said.

"We have to transform the whole process so lots of people can send and receive secure messages in a way that is transparent to them," Kindervag said. "That has to happen or we won't be seeing continued growth in businesses trying to leverage the Internet right now."

NEXT: Businesses Getting Encryption Message, Say Providers

Printer-friendly version Email this CRN article