What There is perhaps no more basic security mechanism than data encryption. Encryption is used in so many useful security solutions that it has become a staple for ensuring that unauthorized access to data is not possible. From encrypting data that is sitting on a disk to encrypting the data that traverses over the wire from a network perspective, data must be secured using encryption mechanisms to ensure that it is safe during all stages of the process, both in-flight and at-rest.
Recently, it was discovered that Facebook had stored millions of passwords of its users in plain text, going back for years. Without password encryption enabled, It was learned that thousands of Facebook employees had unlimited access to the passwords of millions of its users.
It underscores the risks involved when storing any kind of sensitive information in plain view for others to see, even if these are employees. What exactly is data encryption? What is the importance of data encryption when it comes to data security? What types of data do organizations need to ensure are encrypted, even including what often missed types of data?
What is Data Encryption?
We often hear about encryption in a “bad light” when it comes to encryption being used as a means the attackers use to extort money from victims, a.k.a, Ransomware. However, when used for a good purpose, data encryption works for the good of businesses to protect their data. What exactly is data encryption and how does it secure your data?
Authorized users, systems, and processes possess a cipher key which is the cryptographic specialized key that is able to unlock the unreadable data and turn it back into the plain, readable data that is able to be consumed normally.
We can think of it as the key to your home. Only you and your family members are able to unlock the door to gain entry. Others, without the key, are prevented from entering.
Conceptually, in the same way, those that are unauthorized, whether it be users, systems, or other processes that do not possess the encryption key, are prevented from gaining access to the data. This is a huge benefit to data encryption as it helps to guarantee the safety and security of the data it is protecting. The importance of data encryption cannot be emphasized enough. Let’s see why.
What is the Importance of Data Encryption when it comes to data security?
While this has already been alluded to, let’s think about the importance of data encryption when it comes to data security. Among other things, data encryption helps to ensure that data is secure, regardless of whether or not it resides on sanctioned infrastructure. What does this mean?
An aspect of data security can certainly be ensuring the systems that contain the data themselves are secure and unauthorized users do not have access to these systems.
No security solution can guarantee that a system is impenetrable and unable to be compromised. This is where taking the extra step of encrypting data comes into play. Even though proper security control mechanisms are put in place on the actual sanctioned systems housing the data, additionally using data encryption ensures that even if the data leaves these sanctioned systems, it cannot be read.
One example would be a user who may have access to the storage location where sensitive data may be stored on a server. If the data is not encrypted, the user could potentially simply copy the data to a removable drive, take it to another location, mount the drive, and copy the data to another system for viewing.
However, if the data is encrypted properly, the user may still be able to copy the data from a sanctioned server over to a removable drive, but would only have unreadable data when attempting to view it.
This makes data encryption extremely important when it comes to the security of data in general. Data encryption needs to be considered from two different standpoints – data encryption at-rest, and data encryption in-flight. What is the difference?
Data encryption at-rest is the type of encryption we have already been referring to. This is where data is encrypted using a key so that it is unreadable when accessed on disk. However, data needs to be encrypted also in-flight as it traverses the network wire.
If data is only encrypted when it lands on the disk and not when it crosses over the network, an attacker could potentially sniff the network traffic and gain access to the data as it traverses the network. This could still lead to data compromise. Effective data encryption would mean ensuring that data is encrypted both at-rest and in-flight to cover the entire range of potential compromise.
When thinking about how important it is to encrypt data – it cannot be emphasized enough. Data encryption is a must.
It is crucial. It is imperative – period. Businesses who fail to implement proper encryption of their data are asking for data leak disaster and compromise of sensitive information. The damage to the business if a data leak event happens can be catastrophic to the point that a business can’t survive the economic, brand reputation, and customer confidence effects that may result.