At the recent Cebit trade show, a flurry of vendors touted products with data encryption capabilities. Among them, Symantec unveiled its Endpoint Encryption product in an attempt to lock down data on USB drives and other removable media. Clearly playing off growing unease over lost data, Endpoint Encryption aims to secure data on desktops, laptops, and other removable devices.

In addition to hard drive encryption, the software package uses AES-256 bit encryption to encrypt files copied to USB drives, iPods, CDs, DVDs, and other forms of removable media. Endpoint Encryption comes in three formats: a full disk edition, a removable media edition, and a version that combines disk and removable media encryption.

It's these sorts of products that were on the minds of vendors who debated the pros and cons of crypto at the system, device, and file levels last week at the Data Protection Summit in Irvine, Calif.

There were the familiar entreaties to make sure keys are escrowed in a way that makes them easy to access over the long term. There was the call to use standards-based technologies (and the retort: "Standards are wonderful; every vendor should have one"). And there was a familiar refrain to avoid obsolescence as companies add to their storage security arsenal.

10 'NEED TO KNOW' IDEAS

Most interesting, though, was one CTO who actually took on the challenge of the session's title: "Top 10 Things You Need to Know About Drive Encryption Today." Warning he wouldn't be nearly as funny as David Letterman, Chris Burchett, CTO of Credant Technologies, nonetheless enumerated some major-and less obvious-aspects of contemporary encryption wisdom:

NO. 10: When your boss says, "Encrypt all endpoints," think "all platforms."

NO. 9: "All endpoints" also may include devices you don't own-partners' devices, USB drives that people may leave behind, and the like.

NO. 8: Encrypting data is "managed corruption," so keep in mind the managed part. Customers want to avoid decrypting and re-encrypting data, thus exposing it unnecessarily. Treating all enterprise information in a more holistic way is the security industry's biggest challenge.