Vacationhouse: This is brilliant by Steven...
Other security experts say that the future of data encryption lies not in software but in hardware. "The point is that you're seeing the first real published vulnerabilities in software security," said Steven Sprague, CEO of Wave Systems. "The real call to action is anyone buying a PC should be asking for encryption capabilities in the hard drive."
Security experts maintain that hardware encryption eliminates the threat of hacking due to the fact that none of the keys are ever used outside of the chip in the hard drive. The only way to steal the encryption would be to take or physically break the silicon chip.
"It's all going to be in hardware. It adds minimal cost to the drive, there's no performance impact, and it's secure. There's no reason why it shouldn't exist on every purchaser's machine," Sprague added. "When you turn your computer power on, you wake it up from sleep, the drive needs to have a password provided before a single bit comes off the hard drive."
The findings also have significant ramifications in terms of compliance and compliance-related issues, Sprague said. Legislation in numerous states, including California, requires that public companies disclose data breaches to all affected individuals, unless it can be proven that the data on the system was encrypted. Data protection might be easier to prove if the critical information was stored with encryption hardware, thus eliminating the possibility of embarrassing public disclosure if the data was somehow exposed.
Experts say that the real question in determining data breach compliance won't be "was the data encrypted?" but "how long ago was the laptop turned off?" and "Was the laptop turned off or just asleep?"
"The more vulnerabilities that are published on software, the harder and harder it will be to prove that software was sufficient," said Sprague. "We know the solution to this problem. In some aspects, this is not a surprise."