Noitneverp ssol atad fo tra eht dna noitpyrcne. (Encryption and the Art of Data Loss Prevention)

Technology brings your staff closer, enables the sharing of files and information, and even allows off-site employees to work seamlessly together. But that convenience comes with a cost—with connectivity comes risk; with innovation comes vulnerabilities. Networks can be hacked, data can fall in the wrong hands, privacy can be intruded, ransomware enacted and more. The results can be devastating to the organization, employees, vendors and customers.

In fact, we’ve talked quite a bit about the risks out there, such as in our two-part series about phishing, Part 1 and Part 2, and our discussion about ethical hacking.

That’s why safeguards are necessary and why you always need to ask: how do we open the door for those who need it, while slamming it shut on those who don’t? And how can we add and enforce these security measures across all devices, even personal ones?

One affordable and comprehensive way to keep information away from those with malicious intent is with data encryption, which can safeguard files by rending information virtually useless when stolen.

How Encryption Works

Encryption scrambles text to make it unreadable by anyone other than those with the keys to decode it. As an article from web development freelancing company Upwork puts it, “If good encryption is capable of hindering investigations by FBI experts, consider what it could do for you and your company’s sensitive information.”

Encryption uses algorithms to turn plain text into an unreadable, jumbled code known as ciphertext. To decrypt the ciphertext, you need an encryption key, which is something only you or the intended recipient has in their possession.

Despite a code’s complexity and length, any code can be broken and hackers may attempt to break them using brute force: basically, programming a computer (or computers) to make random guesses over and over again. But sophisticated algorithms can take a very, very long time to break. For example, according to mathematics presented by eetimes, an online electronics industry magazine, it would take the most advanced computer system more than a billion billion years to crack an AES-128 key encryption (AES stands for Advanced Encryption Standard, as is the algorithm used by the U.S. Government and many organizations). By the way, that’s quite a bit longer than the age of the universe. The same article posts these numbers:

If you assume:

  • Every person on the planet owns 10 computers.
  • There are 7 billion people on the planet.
  • Each of these computers can test 1 billion key combinations per second.
  • On average, you can crack the key after testing 50% of the possibilities.
  • Then the earth’s population can crack one AES-128 key encryption in 77,000,000,000,000,000,000,000,000 years.

At Rest vs. In Transit

Encryption is traditionally put into two buckets: data ‘at rest’ and ‘in transit.’ The former is for files on your computer or network that can be stolen, while data ‘in transit’ refers to emails and Internet information, including online shopping. For instance, did you know the ‘s” in the familiar ‘https://’ at the beginning of most URLs stands for ‘secure?’ When you see this, it means any data that might be shared, such as credit card numbers, is being encrypted (these letters should also be preceded by a padlock symbol). Even iPhones are encrypted to protect their data if they’re lost or stolen—something that has made headlines when organizations like the FBI or the NSA need access to them for investigations.

Look for our next blog post where we delve further into the types of encryption and encryption keys commonly used.

Safety First

Data encryption is one way to protect your files, but it’s not the only one. The most important thing is to act, and act now. The longer you wait to make changes, the more you put your organization and your staff at risk. At Single Path, we will help you determine the best ways to protect your organization, how to safely share files, how to protect your data and much more. With Single Path security offerings you get everything you need—a comprehensive and customized plan that fits your needs.

Ask us how to get started!