Securing data by restricting access to objects using operating system access controls works well for data at rest, or data that is stored at a single location. Access controls limit which subjects can read or write data. This provides a level of security while the data remains on the object’s storage device, accessible only through Windows. The problem with this configuration is that functional data tends to be used.
Sensitive data is stored in objects that need to be secured. It is also accessed at some point for the purpose of being presented, manipulated, or transmitted to another subject. Once data leaves its protected storage device, you need to provide additional protection to ensure its security is maintained.
What business challenges do YOU think organizations encounter when attempting to implement encryption?