Myth #1: “We use a private network” is often stated as the reason for not protecting data as it travels over third party networks.
Truth#1: MPLS isn’t really private. Organizations using a Multiprotocol Label Switching (MPLS) network may believe that encryption is not needed because the network is marketed as “private.” Because MPLS is really a shared network that mimics privacy by logically separating data with labels, the logical separation offered by MPLS isn’t secure and isn’t adequate for data protection. A “private” MPLS link actually traverses a network that also carries traffic from thousands of other users, including traffic from other carriers.
Myth #2: MPLS provides some level of security.
Truth #2: The truth is that MPLS offers no protection against misconfigurations. Human and machine errors as well as OS bugs can result in MPLS traffic being misrouted. It also don’t protect from attacks within the core. MPLS is vulnerable to all traditional WAN attack vectors. Additionally, there is no detection of sniffing/snooping. Think an alarm will go off when a high-tech hit man is stealing your data? Think again. This data is left in the clear and can be access, replicated, or used by anyone who gains access to it.
Protecting data in motion has become a high priority as more organizations realize how easy it is for attackers to pick data from the stream. Regulations such as HIPAA and PCI also require that files be secured when stored on the network and while in transit, leading to a need for encryption services. Secrets aren’t secret on the Internet unless they’re securely encrypted. For more myths, truths, and ways you can protect your data in motion, download our Group Encryption White Paper.