via Enterprise Security Magazine
As data breaches continue to make headlines, more businesses rely on encryption technologies to safeguard their critical assets, both at rest and in transit.
Data encryption is the process of converting data to another format or code to restrict access to the data to those who possess the correct decryption key (or password). Encrypted data, also known as ciphertext, is one of the most common and widely used data security methods. If a data breach involving ciphertext occurs, the attackers will still be unable to view the data.
The Most Frequently Used Types of Data Encryption
Asymmetric encryption utilizes pairs of keys. This means enterprises have two keys, one of which encrypts and decrypts. Often, but not always, the keys are interchangeable.
Symmetric encryption is a type of encryption in which a single key is used to encrypt and decrypt data. The entities communicating via symmetric data encryption must exchange the key between themselves for it to be used for both encryption and decryption.
The Advantages of Using Encryption Technology to Secure Data
The following are some straightforward reasons why an organization may benefit from implementing a suite of encryption technologies:
1. Encryption is a low-cost technology to implement
Almost every device and operating system on the market today include encryption technology. For instance, Microsoft Windows includes a BitLocker program that encrypts entire hard disc volumes.
Additionally, iPhones and Android phones include various encryption features, and there are numerous free encryption programs available. Among them are LastPass—a freemium password manager that securely stores encrypted passwords online; HTTPS Everywhere—a browser extension that enhances web browsing security; and TunnelBear—a free virtual private network (VPN) with a 500mb monthly usage limit.
2. Encryption May Help Organizations Avoid Regulatory Penalties
Although there are no explicit requirements for encryption in regulations such as the GDPR, “security measures and safeguards” must be implemented to protect the privacy of data subjects—assuming they are EU citizens. Specific data protection laws, such as HIPAA (Health Insurance Portability and Accountability Act of 1996), require the encryption of confidential data. As such, if a portable device or external hard drive containing unencrypted ePHI is lost or stolen, the organization responsible for the data may face fines.
3. Encryption Can Ensure the Safety of Remote Workers
According to a report by Shredit, 86 percent of C-level executives believe that when employees work remotely, the risk of a data breach increases. This is unsurprising, given how many remote workers store sensitive data on their devices and how little control companies have over accessing and sharing this data.
According to a survey conducted by information security firm Imation, “two in five respondents reported that they or someone they know had lost or stolen a device in a public place,” and many devices are not encrypted. Once again, all confidential data should be encrypted, and remote workers should use virtual private networks (VPNs) to prevent cybercriminals from intercepting and spreading malware over unsecured public Wi-Fi connections.
4. Encryption Strengthens the Data’s Integrity
While encryption does not guarantee the integrity of our data at rest, it can be used to verify the integrity of our backups. Additionally, we can ensure the integrity of our data during transit by utilizing digital signatures. This prevents hackers from intercepting communications and altering data, as the recipient can easily detect such actions.
As data breaches continue to make headlines, more businesses rely on encryption technologies to safeguard their critical assets, both at rest and in transit.
Data encryption is the process of converting data to another format or code to restrict access to the data
