Get ready for everything you do online to be encrypted

Securing all our data is becoming easier thanks to encryption management services based in the cloud.

Implementing advanced encryption in services and applications will become quicker, simpler and more cost-effective.

Encryption is an example of “defence-in-depth”: it provides a second security control that works independently of access control. Defence-in-depth is a data-security best practice in which multiple security controls are put in place to protect valuable data such as personally identifiable information.

Next year encryption will become easier thanks to the increasing availability of cloud-based encryption-key management services. Managing and protecting encryption keys can be difficult. Organisations need to work out where to store the keys, and how to protect a system. Getting it wrong can lead to catastrophic data breaches. Cloud-based key-management services will give organisations the option to store their keys securely, away from their physical site. They will also provide greater control over which users and applications have access to the keys, in what context they can use the keys, and for how long.

We will also see an increase in encryption for data in motion – that is, data moving around networks and across the internet – thanks to a new implementation of the Transport Layer Security (TLS) protocol, which provides end-to-end secure communications over the internet. Most organisations today use OpenSSL for their TLS needs. OpenSSL has 500,000 lines of code, with at least 70,000 of those involved in processing TLS. This is old code, and when it was written there was no way to have modern security threats in mind. What’s more, it is hard to understand and difficult to audit, and it is tricky to fix bugs within it. Often the fixes introduce new bugs.

Security is our top priority, and we all need to take precautions and protect the most precious asset: data. Next year this will become even easier and more widespread. As I like to say: “Dance like nobody is watching. Encrypt like everyone is watching.”

Werner Vogels is vice-president and chief technology officer of Amazon Web Services