The growing use of encryption makes the effective monitoring and detection of security incidents increasingly difficult. Due to technical progress, security suppliers are increasingly forced to discuss the balance between security and privacy with their clients.
The paradox ‘confidentiality or openness’ is caused by the fact that the content of an encrypted data stream can no longer be viewed by anyone – not even by security specialists. The focus is now usually on confidentiality, partly because of GDPR. Privacy is paramount and if the data is properly encrypted, privacy is guaranteed.
Encryption can be a hindrance to detecting incidents and determining their severity. It can frustrate forensic investigation and even make it ineffective. Yet the fact that traffic flows are encrypted does not automatically mean that security teams are unable to do anything. However, monitoring becomes more indirect, and less substantial.
It is not always easy, but it is possible to find a useful and acceptable balance between security and privacy. The question is what the ultimate security gain is, and what it may cost.
Read the full article (in Dutch) in the print edition 4 of AG-Connect.