By Hector Silva, Ciena's chief technology officer for Latin America
Security and compliance have become a recurring topic in meeting rooms. This is not surprising, given the digitalization of the world economy, the growth of the cloud and a growing list of potential liabilities for the lack of protection against data breaches. In response to growing financial and reputation risks, and also partly due to new threats - such as fiber cable intrusion - companies are evaluating their security strategies to ensure they are doing everything they can to protect data and privacy. of customers.
As cloud services continue to grow, more mission-critical data is “in transit” (that is, outside company walls and between endpoints). Companies need to make sure that when using the cloud, their data is secure. So it is no longer enough to simply protect data “at rest” in the data center. There is now an increasing number of institutions that wish to have the ability to protect information “in transit” or before it enters a fiber and leaves its source.
New regulations and tougher penalties
Legal departments around the world are making sure that their boards of directors understand the new challenges. Currently, in the United States, several regulations (for example: SEC, HIPAA, Sarbanes-Oxley and GLBA) require that customer information be encrypted, with fines of up to $ 1 million per day. In fact, 29 states have passed laws that require entities to destroy, eliminate, or otherwise make personal information unreadable or undecipherable.
In Latin America, data protection laws vary and are in the process of being defined in many countries, including deliberations on various types of fines. In Mexico, for example, "violations of the law can lead to fines of up to $ 1.5 million for serious violations". In Chile, the authorities will be able to “impose fines of up to 432 million Chilean pesos for violations”. In Brazil, the process to make the personal data protection law feasible is underway. The draft law, completed in November 2015, provides for punishments for those who violate it.
The fact is that governments around the world are launching new security regulations with heavy penalties. As a result, Latin American companies need to consider implementing new holistic security solutions that ensure that their data is secure.
What does this mean for operators?
The ability to provide an integrated ultra-low latency and agnostic protocol encryption solution in the optical transport layer ensures that the entire data channel is encrypted, no matter which application or device has generated the signal. This type of resource can be an important differentiator, especially for financial services and other sectors supposedly willing to pay premiums of 15 to 20 percent above current values for greater protection of their most sensitive data.
With the recent announcement of the first coherent encryption solution with 100G / 200G transport speeds, it is clear that the ability to offer a more holistic and cost-effective approach to security is now within reach. This is because upper-tier solutions often require separate encryption boxes for each application. These, in turn, can be expensive, difficult to deploy and complicated to manage, given the proliferation of BYOD and the variety of applications that can run on a network.
In addition, by encrypting at the transport layer, a truly integrated solution will allow the encoding of a wide variety of traffic types, ensuring transparent encryption for the speed of the network, which means that the process does not reduce the rate of traffic transfer of the signal, nor does it modify its content.
Global high-level threats demand the protection of mission-critical data in all geographies
The flow across information boundaries in large global organizations across geographies brings to the fore the idea that cryptography in the optical layer will become more relevant in Latin America. Protection against growing high-level threats requires, and will always require, secure access to mission-critical data, especially in organizations with zero tolerance risk standards.
Fortunately, Latin American companies can be sure that protecting data in transit does not have to be complicated, limiting or expensive. Upper layer solutions are available and useful, but optical layer encryption offers an additional level of protection.
As cloud services continue to grow, more mission-critical data is “in transit” (that is, outside company walls and between endpoints). Companies need to make sure that when using the cloud, their data is secure. So it is no longer enough to simply protect data “at rest” in the data center. There is now an increasing number of institutions that wish to have the ability to protect information “in transit” or before it enters a fiber and leaves its source.
New regulations and tougher penalties
Legal departments around the world are making sure that their boards of directors understand the new challenges. Currently, in the United States, several regulations (for example: SEC, HIPAA, Sarbanes-Oxley and GLBA) require that customer information be encrypted, with fines of up to $ 1 million per day. In fact, 29 states have passed laws that require entities to destroy, eliminate, or otherwise make personal information unreadable or undecipherable.
In Latin America, data protection laws vary and are in the process of being defined in many countries, including deliberations on various types of fines. In Mexico, for example, "violations of the law can lead to fines of up to $ 1.5 million for serious violations". In Chile, the authorities will be able to “impose fines of up to 432 million Chilean pesos for violations”. In Brazil, the process to make the personal data protection law feasible is underway. The draft law, completed in November 2015, provides for punishments for those who violate it.
The fact is that governments around the world are launching new security regulations with heavy penalties. As a result, Latin American companies need to consider implementing new holistic security solutions that ensure that their data is secure.
What does this mean for operators?
The ability to provide an integrated ultra-low latency and agnostic protocol encryption solution in the optical transport layer ensures that the entire data channel is encrypted, no matter which application or device has generated the signal. This type of resource can be an important differentiator, especially for financial services and other sectors supposedly willing to pay premiums of 15 to 20 percent above current values for greater protection of their most sensitive data.
With the recent announcement of the first coherent encryption solution with 100G / 200G transport speeds, it is clear that the ability to offer a more holistic and cost-effective approach to security is now within reach. This is because upper-tier solutions often require separate encryption boxes for each application. These, in turn, can be expensive, difficult to deploy and complicated to manage, given the proliferation of BYOD and the variety of applications that can run on a network.
In addition, by encrypting at the transport layer, a truly integrated solution will allow the encoding of a wide variety of traffic types, ensuring transparent encryption for the speed of the network, which means that the process does not reduce the rate of traffic transfer of the signal, nor does it modify its content.
Global high-level threats demand the protection of mission-critical data in all geographies
The flow across information boundaries in large global organizations across geographies brings to the fore the idea that cryptography in the optical layer will become more relevant in Latin America. Protection against growing high-level threats requires, and will always require, secure access to mission-critical data, especially in organizations with zero tolerance risk standards.
Fortunately, Latin American companies can be sure that protecting data in transit does not have to be complicated, limiting or expensive. Upper layer solutions are available and useful, but optical layer encryption offers an additional level of protection.
EN 
PT 
