Encryption: Why Some Entities Still Don't Get ItSophos' Alan Phillips on Why Some Healthcare Entities Are Still Laggards
Encrypting healthcare data is a no-brainer, right? It can help keep your organization off the Department of Health and Human Service's "wall of shame" breach tally, and it's just the right thing to do. So, why are so many healthcare entities still failing to encrypt?
See Also: The Essential Guide to Security
Alan Phillips of Sophos says that despite the compelling business case for encryption, many senior management teams are slow to get behind even some of the basic forms, such as full disk encryption.
"You still run into some of the old problems, like, encryption is a bit of a dirty word," Phillips says. "In the old days, if you encrypted a laptop, it might slow down and become unusable, and people still struggle with that piece of it. Full disk has definitely picked up in adoption, but I'm not even sure that's enough these days with the way that data is moving around in the world."
In a video interview at Information Security Media Group's Healthcare Security Summit in New York, Phillips discusses:
- Why some healthcare entities are encryption laggards;
- Today's encryption best practices;
- How Sophos helps clients refine their encryption strategies.
Phillips is senior corporate engineer at Sophos, where he's responsible for the safeguard encryption, mobile management and security product. With more than 18 years of experience in IT security, he has been instrumental in the planning, implementation, support and success of broad corporate security and IT initiatives with both enterprise and SMB organizations.