Cybersecurity is a hot topic these days, with ransomware around every corner and data breaches and hacks on the news daily. We also hear a lot about data encryption, and although it’s a common phrase, not everyone really understands what it means.
Data encryption is a form of data security. The encryption process changes information from a readable format into an unreadable format that can only be read after decryption. The device or process that encrypts the data encodes it in a way that allows another device or process at the other endpoint to decrypt it, but only if it passes certain security checks. In most cases, this means supplying a password or encryption key.
Data encryption is used in many scenarios in cybersecurity to protect private and sensitive data. For example, your iPhone includes encryption, so as soon as your phone goes to sleep, all the data is encrypted until you properly enter the passcode or use a biometric like your fingerprint or face scan to access it again. That way, no one can use your iPhone and access your data without your permission.
Another good example is when you log onto your mobile banking app or website and initiate a bank transfer. The data for that transfer is encrypted with end-to-end encryption so that no one can steal your bank account information or the funds along the way. Financial institutions use a variety of data encryption solutions for authentication and data protection.
Email systems are often encrypted so that you can safely send private information without worrying about a skilled hacker stealing the data while it is in transit. Encryption protects personal data such as Social Security numbers and credit card details, which helps guard against identity theft.
Data encryption makes it very difficult for hackers and cybercriminals to use or access the information. Another function of data encryption is that it allows the recipient to validate, using encryption algorithms, that the data came from a secure point of origin. Many people use AES (the Advanced Encryption Standard), the military data encryption standard, which is currently the strongest form of encryption. The U.S. government uses AES as its disk encryption process.
Many different algorithms are used for data encryption, and outdated methods are often updated to secure information better. Data encryption may be performed on a device (storage device, cloud service, hard drive, computer, tablet, IoT device, phone, etc.) or in a process like cloud computing or email to secure data and protect sensitive information.
Data encryption works by running data through a mathematical algorithm that renders it unreadable (it may look like gibberish to the untrained eye). The result is called ciphertext. The software or process used to encode the data includes a decryption key. That key must be used on the other end to decode it properly; without it, the information is locked in an encrypted state forever. Encryption software controls the different keys and manages the cryptography: it scrambles the plaintext data and later unscrambles it.
There are two types of encryption used in the world today. McAfee describes the encryption methods as:
1. Symmetric Encryption: With symmetric key algorithms, the same key is used to both encrypt and decrypt the data. This allows fast and efficient encryption and simpler key management, but it is critical that the single key only be available to authorized users since that single key allows someone to access the data as well as to modify and re-encrypt the data without detection.
2. Asymmetric Encryption: Asymmetric key algorithms use two mathematically related keys, a public key and a private key. The public key is used to encrypt the data, while a corresponding but separate private key is required to decrypt the data. One benefit of asymmetric encryption is that a more widely known public key can be used to encrypt data, but only those with a private key can decrypt and access the data.
Hackers often use a technique called a brute-force attack, where they try thousands of random keys to decode data. Sometimes they get lucky, but most often, the data remains encrypted and unreadable to hackers. Key length matters: larger keys are much harder to break.
Another way criminals try to decrypt data is through cryptanalysis, where they look for vulnerabilities in the cipher. If the cryptographic software or functionality is subpar, these threat actors may succeed in breaking the cipher. Usually, though, encryption prevents unauthorized access.
Data encryption has become very prevalent in our lives, but you may not even be aware of it. Some things to look for to ensure that your data is encrypted are: