Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

ACCESS THE REPORT Get free access to this report now

5 Key Take-aways

  • Tick Strategy - "Most organizations planning data encryption deployments lack encryption key management strategy, which increases the risk of data loss.”
  • Tick Data Breaches - “SRM leaders are facing ever-increasing needs to protect and encrypt various types of critical and sensitive data stores, including public clouds, in order to protect themselves in the event of a data breach. “
  • Tick Privacy Compliance – “A combination of privacy, data residency and compliance issues, internal security audits, and growing threats of hacking is driving the requirements for enterprises to develop a data security governance strategy to prioritize critical and sensitive data protection.”
  • Tick COVID-19 Cloud Adoption – “Recently, COVID-19 has forced clients to leverage more cloud services, thus revealing more data silos that require data protection and management.”
  • Tick Hybrid and Multicloud - "By 2023, 40% of organizations will have a multisilo, hybrid, and multicloud data encryption strategy, up from less than 5% today."
figure1 (2)

Strategic Planning Assumptions

Data encryption strategy

Group 1383
"By 2023,  40% of organizations will have a multisilo, hybrid, and multicloud data encryption strategy, up from less than 5% today."

Crypto and key orchestration

Group 1384
"By 2024, 35% of organizations will leverage a crypto and key orchestration platform to handle a variety of secrets, and crypto-management up from 0% today."

Recommendations*: 

multicloud

"Data Security Governance"

Employ data security governance principles by focusing on sensitive data protection and privacy , conducting , deleting unnecessary data, and consolidating data silos, whether they are on-premises or in the cloud, to ensure project alignment with business objectives.

hardware

"Crypto Operations"

Focus on establishing the operational configurationof an EKM deployment that address access, backup, long-term storage and crypto-agilibilty, and start with default vendor settings rather than initially focusing on the "bits and bytes" settings business objectives.

enterprise

"Minimize Data Security Vendors"

Minimize the number of encryption vendors, where possible, to simplify key management operations by leveraging multiple products from a single vendor that can be applied to multiple data protection use cases business objectives.

containers

"Apply Crypto to All Data Protection"

Develop a formalized EKM process that is applicable to all data protection use cases to simplify operations, minimize cost of ownership and reduce the overall risks to data security and privacy.

Trusted by

* Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner, Develop an Enterprisewide Encryption Key Management Strategy or Lose the Data, David Mahdi, Brian Lowans, 29 September 2020

© 2021 Fortanix, Inc.