(DarkReading) The security industry is gearing up to upgrade standards to protect against quantum attacks. All organizations should have the beginnings of a quantum resilience data protection plan in place because the race to the first quantum computer is fierce.
Begin protecting against tomorrow’s — or 2029’s — threats today.
Every server should use encryption to prevent data extraction or corruption. You can’t put a quantum computer onto a corporate server because, remember, it’s a physics lab, not a piece of portable code. Therefore, you need to protect data right at the source — on the servers. It is important to protect data with proper access policies that ties to process, applications, and users with unique encryption for different data sets.
What if a cybercriminal or nation-state hacker extracts data or keys and transports them to a quantum computer facility? IBM and others already have made small quantum computers available to the public. It’s likely that a public cloud provider will offer quantum computing as a service once the technology has matured.
To face this threat, adopting a comprehensive approach to protecting data on servers includes:
–Proper management of keys, including hierarchical keys to enable key rotation.
–Applying firewall-like rules for data access, restricting access by user ID and application.
–Reporting any unauthorized or suspicious attempts to access data. Good reporting and alerting can prevent loss of data after a single key or server has been compromised but before critical data is sent out for quantum-powered code breaking.