Keeping corporate secrets - the data centric security approach

Just read the eWeek summary for the new book Blown to Bits... (btw, what's up with tag lines and subheadings in books - these seem to be filling up the font page!). The authors discuss the right mix of people, process and security technology that organizations can use to prevent such breaches...

Interestingly enough, the trends they talk about are very data-centric - "Secure the message as well as the medium" and "Address data at rest, in flight and in use"...

In particular I like this paragraph...

"Even with SSL (Secure Sockets Layer) and VPN, strong passwords, fire walls and a flood of security patches, the medium (the network and the attached servers) should be considered inherently insecure. The greatest security comes from protecting the data itself. Even a gargantuan data breach will be of no real consequence if the data is undecipherable."

Could not have said it better - and I could not agree more...