The amount of data traversing the network through cloud and data centre environments is extraordinary. We now live in what is called the 'zettabyte era' according to the Economist. With so much traffic being generated it’s vital that we control and protect the transfer of sensitive or personal information not only at rest but also in flight.  Huge strides are being made by both proactive organisations and global regulators.  Here in Europe, the European General Data Protection Regulation (GDPR) is set to ensure that data protection of any information that can identify a living individual becomes the standard.

With the GDPR deadline of 25 May 2018 rapidly approaching, it is essential that data protection extends beyond perimeter detection and defenses. GDPR aims to harmonise data security legislation as well as the penalty fines across the EU and ensure compliance with strict rules and duty of care relating to data retention and transmission. The Netherlands has already implemented the Data Breach Notification Law as of January 1st 2016 – with the obligation to report any breaches not only to the authorities, but to all involved.

These new rules, while necessary, are also severe. They require not only the disclosure of data thefts, but also hefty fines which can be as high as €10,000,000 or 2% of total worldwide annual turnover - whichever is greater.  It’s imperative that organisations review their data protection procedures and take appropriate measures to protect their data, regardless of where it is in their environment.    These data protection procedures should include not only protecting data at rest but also include the transfer of data across what is becoming an increasingly complicated infrastructure including public, private, and/or hybrid cloud and data centre environments which only increase the opportunity to be exploited.

It’s imperative that organisations review their data protection procedures and take appropriate measures to protect their data, regardless of where it is in their environment.

Unfortunately in-flight data, once considered inherently secure, is vulnerable to criminals that have the ability to tap into fibre optic connections. Tutorial videos are even available online to teach those with malicious intent how to gain access to sensitive data. These cables are also often easily accessible and unprotected, some even clearly marked to reduce accidental fibre cuts, making them an open target for hackers. The worst part of a data breach from fibre hacking is that it can happen without the provider even noticing for hours, days and months.   While higher layer application and IP oriented protection clearly adds value, only optical transport layer encryption can ensure total protection to all in-flight data, all of the time.

Ciena’s range of optical encryption solutions are purpose-built with the highest security cryptography algorithms available, as well as external third-party certification, two independent sets of keys for authentication and data encryption, and a dedicated end-user portal that provides the end-customer with full control of their security key management. This allows enterprise end-customers to take advantage of compliant encryption solutions that can be packaged together as a complete service.

Where encryption is required between smaller locations or where bandwidth and latency are not as critical, a virtual encryption solution added to a holistic security strategy can also make sense. Flexible virtual network function (VNF)-based solutions can provide encryption and security capabilities from a wide range of trusted specialists via Ciena’s Blue Orbit ecosystem partners.

With the data being generated internationally set to grow 10-fold by 2020, a holistic data protection strategy, including in-flight encryption, will go a long way in helping to reduce the number of business-critical breaches – and ensure your organisation is fully prepared for the formal adoption of the GDPR in May 2018.