top of page
scaral161

Encryption



I will never forget the time at a business show someone approached the AP-Cyber booth. They admitted they were out of compliance with regulations and did not have any encryption on their data. We tried to say how it was super easy to accomplish. However, nothing we said could stop the dreaded fear of encryption.


Yes, encryption can be complicated. But for protecting your business it is nothing to fear and can be simplified. There are 3 basic instances we use encryption.


Data at Rest is one method. The reason we do this is so that if someone steals the physical media something is on, they will not have access to the data. For example, if someone steals your laptop and the hard drive is encrypted with an acceptable algorithm, no one will get access at the information. All they will see is gobbly gook. If it is not encrypted they can use password breakers to get in and eventually get access to see your sensitive information. Data at rest is also important in the cloud. You want to use servers, without having to worry about the vendors being able to easily see your data. If you certain versions of Windows you can opt to encrypt your hard drive. Super simple and easy to do. You just set your passphrase and make sure you never lose or forget it and it will go through and encrypt your drive.


Another encryption use case is data in motion. This involves when your data is being transmitted. You obliviously don't want sensitive information seen by 3rd parties as its traveling. The term to remember here is TLS 1.2 or 1.3. When your browsing a webpage make sure you have the lock in the upper left corner. Most browsers help you check that everything is ok with data in motion encryption. If the lock is broken or your browser is saying there is a problem, do not trust that site to protect your data.


The 3rd use case is not one most people will have to worry about. It involves encrypting databases and certain fields in databases to prevent unauthorized access to sensitive information stored in the database.


Whatever your use case for encryption you want to look up the algorithm being used by the company and the key length. As computing power improves, new computers can break older algorithms. You want to make sure you are not using a previously broken algorithm to protect your data. This is as simple as a google search. The key length is an important aspect of this as well. The longer the key length, the more data the computer has to work through to break the algorithm.


Encryption is essential for organizations to protect sensitive data from unauthorized access and cyber threats. It ensures that even if data is intercepted, it remains unreadable without the correct decryption key. This is crucial for maintaining privacy, securing communication, and protecting intellectual property. Encryption does not have to be difficult to implement. Just make use the tools that are already out there to help you.





7 views0 comments

Recent Posts

See All

Hashing

Comments


bottom of page