Your Unencrypted Data Is Not Safe
Pretty Good Privacy (PGP) is an encryption standard that is widely used today. Originally it was designed to be able to safely send private email correspondence, and it still excels at that. It has, however, also moved into wide adoption for the encryption of data besides emails.
Virtually no computers that are connected to a network are safe from outside attack. Most people’s data is stored and transferred in plain text, and this is especially true for email data. So what if I, as a secret agent (or person with moderately sensitive data), wanted to exchange classified intel with my spy colleagues? PGP is a pretty good option–the gist of it is that it takes your plain text email:
Agent O'Hare-- The rabbit has left the hutch. Rendezvous at the carrot farm at zero dark thirty the second day after the bunny hops.
And turns it into unreadable nonsense (encryption):
-----BEGIN PGP MESSAGE----- Version: BCPG C# v1.6.1.0 hIwD47Ab2Zed4z4BA/97/kJKMd2xihaASs1wa8Hx+4gWV99Ieb5GBU67vy7JJwW+ 8sHslKXSNBzUWlz4Mq5Oh5tZ5uniaHI9Hl0S4hrv2Y3l/GCKiZhVyOgEm/bd8dxQ +3X1Y1Lirqm4iYDCIc+zAxRxzQISINdW6mXOY/qnIHVORHNp2l4bt4r9l7lo7smI AqdU94pc6tVn+SaquTFGU72Nl/hgHvt8bWMUfUndhlMESytIV9vICw2IMVpOxP8w vl07YNML0+sGdvVHvrPiglH1lypdHWL4o1j4EW57Rrux5mrMRM+OTRgYBzPtDziu esen8dD/7hA4V+iAPvUe5CoidFhfcW0MGaLdm1EQsLOL7z3vC+asaw== =8QAl -----END PGP MESSAGE-----
Only the person receiving the email has the proper code to turn the nonsense back into plain text (decryption)–which is called their private key.
How Does PGP Work?
When you start using PGP, you enter your email and a password into a generator, and in return you get two keys: one public, and one private. At this point, anyone can send you an encrypted message by using your public key (which you can freely provide to anyone) and some PGP software. However, that key will only encrypt messages–to decrypt them, the private key is required. Of course, you don’t provide that to anyone! It’s true that keys can be stolen — but if you never send your private key, what it can never be is intercepted during transmission!
RELATED:Are you ready for the McAfee E-Business Server End-of-Service? Learn about your replacement options.
Another feature of PGP is to allow someone to digitally sign something they wrote, whether they encrypt it or not. This allows identification of identity, which has obvious benefits. Additionally, because of the way the technology works, it also verifies that the content is the original content–if it is tampered with or altered in any way, it will not pass the signature verification–a great side-effect, since tampering with data is one method that hackers can use to try and decrypt intercepted emails!
At ASPG, our product MegaCryption uses a signature method to verify that sensitive data records have not been tampered with, in addition to encrypting the data. It supports OpenPGP, along with a host of other encryption standards like AES-128, AES-256, Blowfish-16, CAST, DES, and Triple-DES–with the end result being the same: Safe, encrypted data.
If you need encryption to protect sensitive data for your enterprise company, please request a trial.
