What is data encryption?
Data encryption is the process of translating data from one form into another form so that only people with the proper password, or decryption key, can access it.
Data Encryption Dictionary
Cipher (verb): the act of encoding something into secret language.
Decipher (verb): the act of converting a code into normal language.
Algorithm (noun): a set of rules to be followed in calculations or problem-solving operations, especially by a computer.
Key (noun): a secret, like a password, that is used to encrypt or decrypt information (in the context of data security).
Types of Data Encryption
The simplest form of data encryption is symmetrical, which involves the use of one single secret key to cipher and decipher. Symmetric encryption is the oldest and most well-known within the security industry: it uses a secret key (a number, word or alphanumeric string) and is blended with the plain text of a message to encode the content. It is essential that both the sender and the recipient know the key that was used to encrypt. While it is convenient that all parties use the same key, the fact that it must be exchanged is often considered symmetrical encryption’s biggest disadvantage.
Common examples of symmetrical encryption include:
A relatively new form of data encryption, asymmetrical encryption (also known as public key cryptography) uses two different keys to encrypt plain text. One public key is made freely available to anyone who may want to send a message to a person (or organization) and one private key is only known by that person receiving the message. So, any message that is encrypted using a public key can be decrypted using a private key and any message encrypted with a private key can be decrypted with a public key.
An important item to note is that anyone with the secret key may use it to decrypt messages generated using the public key, which is precisely why two related keys are used. This method of encryption is much more effective for information that is transmitted during communication and is often used in day-to-day communications made over the public Internet.
Common examples of asymmetrical encryption algorithms include:
- Elliptic curve techniques
Why is data encryption important for enterprises?
Modern enterprises handle large amounts of sensitive and private information on a daily basis, and as workers move outside the corporate firewall it is critical that data traveling across public and private networks is secure. Encryption solutions are valuable for enterprises because they can protect devices, email and data itself, while providing IT teams with control and monitoring capabilities.
Consider the challenge of protecting data and preventing data loss as employees use external devices, removable media and web applications across unsecure networks and the corporate cloud. With this possibility of sensitive data being outside the company’s scope of control there is an increasing possibility for data theft and mobile malware.
Additionally, email encryption is another critical component of a data loss prevention strategy. Not only is encrypted email required in some industries for regulatory compliance, it may also the only viable solution for remote workforces, BYOD programs and outsourced projects.
Spending time arguing about ‘encryption is bad and we ought to do away with it’ – that is a waste of time. Encryption is foundational to the future.
Admiral Michael S. Rogers
Commander, US Cyber Command & Director, National Security Agency
Data Encryption Best Practices
1) Identify Sensitive Data
Take inventory of where sensitive data is located in every department and in every layer of the corporate data stack. Start with the on-premise data center and move offsite to examine external servers and cloud storage facilities.
2) Implement Scalable Encryption
Make sure that the encryption solution you select is capable of being scaled (quickly and efficiently) across the entire data infrastructure.
3) Don’t Forget about Encrypting Networks
Traffic that flows across networks and between data centers should also be encrypted. Implementing a secure mobile VPN, like NetMotion Mobility®, provides reliable remote access for workers regardless of their physical location.
4) Manage Encryption Keys
Manage and store encryption keys centrally, but in a separate location as the actual data the keys encrypt. Isolated and disconnected key management ensures provides additional security from theft and misuse.