MicroScope+ Premium Content/MicroScope

You only need to look at recent headlines to realise that data is still being stolen – the Russians allegedly stealing Covid-19 vaccination research for one. Organisations spend millions on IT security – identity and access management, disk encryption and data loss prevention, to mention just a few technologies that many resellers have in their portfolios. These are all great and necessary, but clearly there are still gaps between systems. Often, when introducing the idea of file-level encryption to CISOs and CIOs, we hear, “But we already encrypt all our data”. When probed further, it turns out that what they mean is that they have full disk encryption. It’s shipped as part of Windows, and there’s a variety of products that help organisations to manage the technology. The problem is that disk encryption is all about protecting data when it’s on a specific piece of hardware. Now, if you’re a cyber criminal and you’ve successfully compromised a legitimate user’s account – Twitter’s recent woes seem to have stemmed from this kind ...