Cryptographic Orchestration Reimagined for the Enterprise

There is no doubt that cryptography has played an important role in the digital revolution. For just one simple example, eCommerce could not have happened without public-key cryptography that enables payment credentials (e.g., credit card numbers) to be sent securely over the Internet. However, the role of cryptography in securing the digital world of 20 years ago is very different to its role in enterprises today. Cryptography has transitioned from an important yet marginal tool to a set of methodologies that are central to securing enterprise systems.

In the past, the belief was that attackers could be kept outside of our private networks and data centers. As a result, encryption was primarily needed when data was being sent between sites (encryption of data-in-transit). Encryption was sometimes also used to encrypt storage (encryption of data-at-rest), but mainly due to the fear that the physical media holding the data could be stolen or in order to prevent leaks when disks and tapes were disposed of. Today, it is well understood that attackers are everywhere, and we cannot rely on having a strong perimeter to keep them out. This requires organization to deploy zero trust solutions, where security is preserved even when attackers do manage to get into the network.

The challenge is further compounded when we understand that our networks themselves are far less under our control than in the past, specifically due to the continued demand to digitize data.

Bring your own device (BYOD) initiatives required organizations need to support a myriad of devices of different types, including devices belonging to employees. In addition, IT infrastructure no longer resides in a local data center but is spread across multiple data centers and clouds. All of this needs to be managed remotely, and with far greater speed than in the past. Business needs are primary, and IT and security must support business agility, not impede them. This means the ability to quickly support business initiatives, cloud migration, new standards and infrastructure, and more.

Since we can no longer rely on keeping the attackers out of our networks, today cryptographic solutions play a far more central role in security than ever before. Cryptography is used in authentication, encryption of data in many different scenarios (in databases, on storage, as virtual machines), for signing on business transactions to ensure integrity, for signing on code to prevent the propagation of malware, to protect new digital assets (like crypto assets), and much more. As we will see, the necessity to deploy cryptographic solutions across the enterprise, at the pace needed by business, brings with it many challenges.