The last time we addressed encryption, it was to explain why it’s so important for small businesses to include it in their arsenal of security tools. We talked about the rise of malware attacks, the need to protect your data with more than just passwords, the growth of threats to data in the cloud, and the risk that a data breach can pose to your business reputation. Now it’s time to get down to the nitty-gritty of how exactly encryption keeps your data safe, and where specifically it’s advisable to apply it in your business.
First things first: How encryption works
Encryption in the digital world works in essentially the same way that cryptography does in the analog world – by scrambling information so it’s incomprehensible unless you have a key to decode it. Back in the pre-digital World War II era, scrambling classified content was a manual effort; today, we use algorithms to accomplish essentially the same goal.
Once data is encrypted, you need an encryption key to decrypt it. That way, even if hackers manage to gain access to your data, they won’t be able to read what they find because they won’t have the key. It’s possible to use a software program to guess the encryption key, but that takes time that most hackers don’t want to spend. (We’re talking months, not hours.) The more sophisticated the encryption algorithm, the longer it will take to crack the code.
So, that’s how encryption works in a nutshell. The following are the three areas where your business will likely benefit from it most.
1. Email: Keep sensitive information secure
The average office worker gets more than 100 emails a day, many of which contain sensitive business information. A strong, well-enforced password policy will go a long way toward keeping email content out of the wrong hands, but if hackers do somehow gain access, encryption will keep them from being able to do anything with the data.
For full email security, it’s important to encrypt not only your messages, but also your connection. Microsoft Outlook offers built-in encryption capabilities, and there’s also third-party email encryption software available that works with Outlook, Gmail, and other email types. As for securing the connection between your email provider and end-user devices, you can have your IT team set up SSL or TLS encryption – the same protection mobile banking apps and online retail stores rely on to keep customer transactions secure.
And what about the files you send out as email attachments? They can be encrypted, too, using resources such as built-in Microsoft Office tools for Word, Excel, and PowerPoint documents, or native Adobe encryption for PDFs. These methods all require the recipient to use a password to decrypt the files.
2. Computer: Lockdown your hard drive
Password-protected PCs and Macs are fine for keeping people from accessing a computer’s hard drive (and all the data on it), but what if someone steals the whole computer, pulls the drive out, and plugs it into another computer that’s not password-protected? That possibility makes a good argument for encrypting the whole hard drive.
Both of the most widely used operating systems out there today – Microsoft Windows and Apple OS X – include system-level data encryption for this purpose. The Windows encryption feature is called BitLocker, while Apple’s is FileVault. Your IT team can install these solutions to prevent someone who finds a way to access your hard drive from being able to read the data that’s on there.
3. Internet and cloud: Encrypt your data everywhere
Encrypting your hard drive will work against attackers who have physical access to computers in your organization, but it won’t help with attacks on internet traffic going to and from your business, nor will it prevent attacks on data that you’ve stored in the cloud. If you’re running a small business with mostly remote workers, data vulnerability over the Internet or in the cloud can present a serious security risk. But don’t worry – encryption solutions work in those environments, too.
Internet traffic is typically encrypted by setting up a virtual private network, or VPN, for your business. There are a number of different ways to do this, but the common denominator among all VPNs is that the data moving through them is encrypted. Meanwhile, in the cloud, major application providers use encryption to protect your data in transit or while it’s on their servers. You can go even further and add a second layer of encryption using a third-party encryption solution.
At MyITpros, we’re here to help you find the best way to make encryption part of your data security plan. If you’d like strategic guidance in this area, are ready to add encryption capabilities, or just want to get a better understanding of encryption and its benefits, please contact us.