What is data encryption?
What is data encryption?
For most people, locking the door to your house when you are going somewhere or locking up their business when they leave for the day is a common sense security measure they might not even recognize as such. Data encryption is similar to locking the door. It is the process of locking your data so that only you can access to it: encryption makes your data inaccessible to anyone unless they possess the right key. The key unlocks (decrypts) the data and allows you through the door.
Why is data encryption a good idea?
Data encryption allows you to control who has access to your data in a very secure fashion. Only someone who has the correct decryption key will be able to access the information stored within data.
When using modern and robust encryption technology (such as the Advanced Encryption Standard or AES), even if someone else were to get access to the hard drive where your data is stored they would not be able to access the information on the drive. In this situation you can think of encryption as akin to invisible ink. If someone intercepts the piece of paper that the information is written on, they cannot access the meaning contained on it without an additional step. Encryption presents a meaningful, largely insurmountable obstacle to anyone trying to access your data and backups without your permission, such as bad actors and ransomware hackers, as long as you are careful to protect your keys.
Does all my data need to be encrypted?
Encrypting your data is always safer than not doing so, but it might not always be efficient for your workflow. Instead it might be simpler to encrypt just your most sensitive data. Prioritize data that you would never intentionally share with a business competitor or enemy. Examples of data you may want to encrypt include customer data that you are responsible for, financial data that is only for certain eyes, competitive data that forms your business advantage, and intellectual property such as source code.
Encrypting the working folders for your business data and decrypting them only when you are working on them or need to read something off of them is one small step you can take that will significantly improve your security posture, making recovery from ransomware and other cyberattacks far easier. Additionally, ensuring that cloud backup services and/or collaboration platforms you do business with encrypt data at-or-above the level you do is a strong decision.
Best Practices for data encryption
Treat implementing encryption in your business like you would any other policy change. It will come with a learning curve. There might be a lot to learn up front, but you will eventually integrate encryption into your workflow and become efficient and data resilient because of it. Research different tools and standards and see what fits your needs.
Modern operating systems now have settings to encrypt the entire filesystem, or even the filesystem and individual disks separately (leveraging layered encryption is not an uncommon tactic). An advantage of this is that it makes it easier to get started with encryption and provides additional security. This additional security measure means that even if someone gets a hold of your actual hardware, they will not be able to recover any data without your decryption key.
There are ready-made solutions that can help you encrypt specific data in specific contexts. For example, if you are working with a vendor to process customer payments, you can work with them on an implementation where the transactions are encrypted using HTTPS, and credit card data is not stored in a human-readable format. If you purchase backup software make sure that they have strong encryption for the stored data, so that you will automatically have encrypted copies of critical data. This enhances your data resilience and security, helping provide effective recovery from ransomware and other significant cyberattacks.
It has never been easier to get started with encryption, and the advantages are many for keeping your business safe while remaining competitive. Institutional knowledge about encryption has improved dramatically and you can easily find tools to work encryption into your processes, and most vendors will support it off the shelf.
To learn more about industry standard terms in the data resilience ecosystem, review CrashPlan’s glossary.