What is encryption?
Why your business needs it – and what you should know
As an increasing amount of sensitive data is now stored and communicated online, so cyber crime continues to rise.
Fortunately there are many ways in which businesses can protect their information; with encryption technology high up the list.
Encrypted data is known as ‘cipher text’ and can only be decrypted with a ‘key’ or password. While encryption cannot protect against all cyber attacks, it does make data theft harder for hackers. Even if they ‘get’ the data, if it’s encrypted it’s meaningless to them.
You wouldn’t send a postcard with private information on it through the post where potentially anyone could intercept and read it, so why would you do the same with sensitive information in an email?
- Unfortunately, encryption doesn’t prevent interference, but unless the recipient has a key, all they will see is unintelligible content. It usually takes considerable skill and resources for to crack encrypted data
- Encryption can protect data when at ‘rest’ (i.e. when stored on your laptop or USB stick) as well as during transport (i.e. e-mailing it). Data tends to be most vulnerable to unauthorised users when it’s moved from one location to another and via networks
- Encryption can be extremely effective as it can keep personal information private and secure. But while it may reduce the opportunity for criminals to view personal information, it can also work in their favour. Government agencies find surveillance harder when encrypted information is used and in the case of terrorism plots, early detection is crucial. This has called into question how powerful encryption should be and if limits should be imposed
- Many industries have strict compliance requirements to help protect those whose personal information is stored by organisations. The use of encryption technology is now expected
- Data encryption can become complex for IT admin to manage, as the more data encryption keys are used, the more difficult maintaining data keys can be. Companies should decide which members of staff require a key as well as teaching them when encryption should be used. Remember: If you lose the key to an encryption you lose all the data associated with it.