Why Should You Encrypt Data?By Breanne Wilson, CyberShield Global Contributing Writer
When it comes to small to medium sized business owners, some have a lot of knowledge surrounding “data encryption”, while others may not know a thing.
If you find yourself scratching your head when you hear this term, not to worry!
The fundamental concept of encryption isn’t difficult to grasp. We’re here to educate you about the basics of this security practice and why it’s extremely important for many reasons.
We know you’ve got a business to run and you’ve got customers to serve, so we’ll give you a brief (yet helpful!) overview below.
What is Encryption?
According to trendmicro.com,
“Encryption is a system of mathematical algorithms that encodes user data so that only the intended recipient can read it.”
When do you use encryption?
Encryption is valuable when information exists in two states:
1) In transit --> when you send information through a website, through an email or when you want the information to exist anywhere other than your actual device.
2) At rest --> when information is stored on your device’s hard drive, or on a removable device, i.e. a thumb drive.
Traffic coming to and from a website is a very common form of information that's encrypted.
You can tell a website’s information is encrypted when you see a website address that starts with “HTTPS” (instead of “HTTP”) and you see what looks like a lock icon to the left of the URL.
The “S” means “Secure” to reassure website visitors that information flowing from your computer to the website is safeguarded through…..you guessed it – encryption!
Types of encryption
We’ll highlight three different types of encryption below: data encryption, file encryption and device encryption. As a small to medium sized business owner interested in maintaining the highest form of security for yourself and for your customers, here’s what you need to know.
1. Data encryption
When you encrypt data, you basically translate the data into an alternative form that’s not readable. In order to access and understand this data, the person trying to read it has to have a decryption key or a password.
Data that’s not encrypted is called “plaintext”, while data that’s encrypted is called “ciphertext.”
2. File encryption
When you hear the term “file encryption”, this refers to securing, or encrypting, specific files.
For example, you could have 100 files on your computer, but you choose to encrypt 75 of those files. When you encrypt a file, you’re translating this file into a language that only you can read.
If someone were to walk by your computer and spontaneously open that encrypted file, they simply wouldn’t be able to read it.
3. Device encryption
Device encryption is what it sounds like – ensuring the information on your smartphone, for example, is not readable without a PIN or password that has to be entered on the lock screen.
As soon as you correctly enter that secret code (or pattern, in some cases) the information is automatically decrypted so it’s readable.
If you or your employees store any business related data on your phones, it’s essential to make sure your phones (and tablets!) are encrypted by securing them through a lock screen.
Which industries should be encrypting Personally Identifiable Information (PII) and Personal Health Information (PHI)?
Now that we’ve explored the various types of encryption, let’s explore two types of information that absolutely need to be encrypted: PII and PHI.
According to gsa.gov, Personally Identifiable Information (PII) is:
“Information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.”
According to hhs.gov, Protected Health Information (PHI) is:
“PHI stands for Protected Health Information. The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information.”
Specific industries should absolutely be securing this type of information to protect their customers. And it doesn’t just make good business sense to do so – it’s the law!
Any companies in the healthcare industry need to protect patient data, comply with legal privacy standards and ensure their systems can run properly. It’s essential that these companies take proactive action so keys and certificates aren’t compromised online.
Small, medium and large financial businesses need to keep customer account numbers, social security numbers and more safeguarded through data encryption as well. With so much banking and countless financial transactions done online, safeguarding this data from hackers is a top priority.
Organizations operating in the legal space, regardless of how small or large they may be, have an ethical obligation to protect their clients’ data. Many hackers try to get lawyers to download malware onto their computers so they can gain access into law firm networks.
Now that we’ve reviewed the types of encryption, the kinds of information hackers often go after and the specific industries that need to secure this private data, here are a few more tips you can easily follow to secure your business’ information on your computer.
Enabling BitLocker within Windows OS
BitLocker is available on some versions of windows. Its purpose is to encrypt all of the information on the drive that Windows is installed on
- Click Start > Control Panel > System and Security > BitLocker
- Select Turn on BitLocker.
- Bitlocker will then scan your computer to see if it meets system
- Click Next.
- If it instructs you to shut down and restart your computer, please do
- Follow the Bitlocker setup wizard steps.
- Once you see the startup preferences on the screen, select Require
PIN at every startup.
- Enter a pin number and confirm it. This means you will have to enter
this code every time you start up your computer.
- Print out your recovery key and keep it in a locked, secure place and
- Restart your computer so the encryption process can begin.
Enabling FileVault within MAC OS
According to support.apple.com, FileVault “helps prevent unauthorized access to the information on your startup disk.” It is available in OS X Lion or later
- Go to the Apple menu > System Preferences > Security & Privacy.
- Select the FileVault tab.
- Select the lock icon.
- Enter an admin username and password.
- Select Turn on FileVault.
- Follow the setup steps that appear in your window.
- Once complete, your Mac will restart. You’ll then be asked to log in
using your account password. Note that you’ll have to enter this
password any time you turn on your computer.
We hope this post has helped you feel a bit more knowledgeable about the importance of encrypting your company’s data, files and devices to protect your own – and your customers’ – personal information.
Have more questions? Contact us at CyberShield Global today.
We’re more than happy to discuss our services and benefits with you.