Encryption is one of the vital parts of today’s IT infrastructure in every business, no matter what type or size. Yet it’s not implemented as much as it should be and the main reason is because of the word itself. For many, the word encryption is difficult to understand, tricky to apply and hard to maintain. But, I’m here to tell you, it is in fact, quite the opposite.
Encryption originates from cryptography, which is used to create and decipher codes and dates all the way back to ancient Greece. Over the course of time the need to hide sensitive information has become a big part of our existence. The Romans with their “Caesar’s cipher,” the Nazis with the Enigma machine used in World War II, and then the modern world of computers with its first ever encryption for digital information called Data Encryption Standard.
Encryption has been around for centuries, but how can it serve you? With this technology you can protect almost anything – email, data, communications or internet browsing. With the ever-growing threat from the outside world trying to violate our privacy by stealing our identity, our prized possessions, share our sensitive data and so on, we have to protect ourselves and that’s what encryption is here for.
Following on from our articles on basic data protection such as increasing your password complexity, your data and information comes next as the most logical step. After all, information is power and as such, needs to be protected. One way to ensure that those who try to violate your privacy will have a hard time achieving their goal is to apply encryption.
In today’s world, encryption technology is more than likely a part of our lives in some form already. Have you noticed the lock symbol when you access your online banking? Well, that’s because the connection between your bank and your computer is encrypted, so your password is secure and protected when you log in to your account. Did you know that your WhatsApp messages are encrypted, therefore unreadable by third parties? And there are plenty more examples.
So, what exactly is encryption and how does it work?
In simple terms, encryption is a technology that uses a special algorithm (ways and twists) and key to turn simple text (data), such as this, to a random set of characters. These characters are unreadable without the correct password, which is used to decipher (translate) the text back to a normal state. In other words, it’s a process of concealing information.
As I mentioned above, there are two parts to encryption – the algorithm and the key. The bigger the key, the more combinations that are needed to decrypt (translate) the data using brute force attack. It’s like trying to break into a safe without having the correct key combination.
The two most popular algorithms used today are 3DES and AES.
3DES – This type of encryption, also known as Triple DES is a modernised version of the original DES algorithm that was introduced in 1977 by IBM using a 56-bit key. Today this would only take a couple of hours to crack. The new and improved version is using a 168-bit key, which is much more complex and difficult to break.
AES – Advanced Encryption Standard is one of the most popular encryption types used today and is used by the United States federal government as their encryption standard. One of the main reasons is the low RAM requirements and great performance on a variety of hardware, whilst still offering high speeds. The 128-bit encryption key is used as standard, but the choice of a 256-bit key is also becoming increasingly popular. The AES encryption is used by companies like Apple FileVault and Microsoft BitLocker, both delivering hard drive encryption services to protect your data.
“To put that into perspective, cracking (breaking) a 128-bit key would require a brute force attack to test over 339,000,000,000,000,000,000,000,000,000,000,000 possible key combinations.”
Bryan Clark, makeuseof, 2015
In my past experience, when the subject of encryption found its way into a meeting, many people would automatically associate it with something very difficult to implement, something that would require too many resources and something that could potentially affect the performance of their systems. The view would then be taken that this could lead to higher IT infrastructure costs and that resource wasn’t available in this year’s budget (or the next, or the one after that and so on…).
But, what if I was to tell you that integrating encryption into your day-to-day life isn’t overly complicated. In fact, it’s simple, cost effective and wouldn’t affect the performance. Would you consider it then?
You’d be surprised how easy it is to integrate encryption into your environment and how easy it is to manage it. From small companies to large business, there are countless options that will serve everything from individual needs to enterprise level, without the complexity of implementing robust solutions.
And then there is the Cloud.
There are three parts to successful encryption.
- Password – Any discussions about encryption, all start with the same topic – the complexity of your password. For most encryptions you need to set a password that will be used for encrypting and decrypting the data. It goes without saying that should you use a simple password, there’s no point encrypting the data. Passwords for data encryption should be at least 12 characters, a combination of letters (capital and lowercase), symbols and numbers, while avoiding the obvious names of pets, family, movies, etc. You can verify how strong your password is on Microsoft’s Password Checker. Anything less than strong isn’t an adequate password for today’s world of IT, let alone encryption.
- Key size – If you read carefully I mentioned the key size which is relevant to the amount of combinations needed to crack the password by force. The 128-bit key is used as standard, but if you feel extra caution is necessary, feel free to take on the 256-bit key.
- Key management – Critical to the success of data encryption is key management (password management). Handing the key/password to your encrypted data over to a third party for storage, is like handing the keys to your car or house to a stranger. Therefore, the key/password should be kept in a safe location, preferably having two backups (USB/DVD etc.) in separate places or at the very least, if saved on the same network, not saved on the same server with the encrypted data. If you lose the key to your encrypted data, you’ve lost all of your data.
There are a lot of forms on how to encrypt your data. The option to encrypt your business systems, both hardware and software, has been available for quite a while now. Not to mention the increasing importance of encryption, due to the ever growing amount of cyber threats and the integration of your business with the Internet.
Individual solutions available on the market depend on the size of your business and your budget. Whether it be integrated into your hardware or free applications and services applied to individual devices (computers, tablets, phones, etc.), all the way to enterprise level solutions that have fully manageable interfaces for all users. Such solutions are integrated into your network (installed on the server) or better still, the ones that are based in the Cloud are accessible from any location through your browser. Fully manageable solutions in most cases offer additional services such as remote management for when clients are out of the office and so on.
The difference between individual and system manageable solutions is very clear. Those applied individually cannot be managed remotely and can prove time consuming and inefficient in larger companies. Those fully integrated in your network or the Cloud can be adjusted, disabled or configured remotely not to mention giving you a comprehensive breakdown of each device, which effectively means complete control.
As a company you need to make a decision about the amount of resources you are willing to use to accommodate such a solution. There are four factors to consider:
- Do you want encryption on your computers only or do you want to encrypt additional devices?
- Do you require additional services such as theft protection, remote wipe, etc.?
- Do you have time to configure individual devices?
- Do you want a solution where you can keep track of devices outside of the office?
There’s no doubt that data encryption plays an incredibly important role in business today, but the question is, do you really need it? The short answer is yes. The long answer is debatable, but at the very least, the sensitive data should be encrypted.
Have you got any questions? Are you considering implementing encryption in your business? Please contact us to discuss the details so we can find the most suitable solution to fit your needs.
Priority One – IT Security Services in London