IBM is embarking on a massive encryption deployment to provide 355,000 employees with desktop and laptop encryption to protect data.
Although IBM already uses encryption in pockets of its organization, particularly with Secure Multipurpose Internet Mail Extensions encryption in Lotus Notes, the rollout of PGP whole-disk encryption marks Big Blue's biggest-ever commitment to data-scrambling, according to Alan Mitchell, IBM senior technical staff member for IBM's office of the CIO, information technology security and privacy. "This is an enterprisewide deployment worldwide through 2008," Mitchell says. "We're using whole-disk encryption to protect assets."
As with many other organizations riding the encryption wave, the two driving forces are concerns about data losses and compliance with privacy regulations impacting industry sectors around the world. (EMC's CSO recently mentioned that the storage giant is encrypting all its laptops.)
While IBM is not itself a banking or healthcare provider, its customers that are have encouraged IBM to adopt encryption for purposes of sharing information. "We work with banking, healthcare and government agencies," Mitchell says. "We serve these markets and they are driven by compliance requirements." He adds, "And we've had an increased loss in laptops as well."
PGP’s software hides data at rest with encryption. IBM's pilot program with it last year found the key management to be fairly simple. Over time, IBM expects to include language requiring encryption in its contracts with business partners that handle IBM-related data.
"This is going to be part of our requirement in business over time," said Mitchell, who declined to discuss the cost for the encryption software rollout at IBM. (Learn more about Data Leak Prevention products in our Data Leak Prevention Buyer's Guide.)
Learn more about this topicData breaches, regulation fueling data-encryption adoption
12/10/07PGP adds whole-disk encryption to puzzle
01/15/08Al Qaeda group claims to have strengthened its encryption