Data encryption grows more sophisticated with each passing year, and still it seems as though it’s not fast enough to keep up with the increasing capabilities of cyber criminals. Add in the capacity for human error, and you start to get a better of idea of why data protection needs to be taken seriously*.
The first recognised worm (a type of computer virus) infected computers across the United States in 1988, exploiting weaknesses until it morphed into a highly damaging virus that led to repair bills in the millions of dollars. This was 30 years ago; so it’s not difficult to follow the timeline and see how technological developments, while essential, have also given rise to unprecedented challenges in keeping data safe from attack.
The Data Protection Act was first drafted in 1984, and the last sizeable revision was noted at the turn of the new millennium, so 2018’s GDPR was a much-needed update to a policy that struggled to address the growing concerns of both businesses and private citizens. While this policy has gone a long way to reassure people that they can expect a certain level of transparency when they share their data with a business, there isn’t always the guarantee that personal information will not be intercepted. All it takes is a lost flash drive or stolen laptop; and with more people than ever doing business on the move, it’s a very real risk that we face every day.
This is where data encryption makes its mark; in a world where the cost of data breaches rises year on year*. The concept is simple; data is translated into a secret code which can then only be accessed with a decryption key or password.
How does encryption work?
Used in conjunction with other security measures, encryption will secure clean data while still allowing it to be transferred to other parties. Once a file is encrypted, it becomes difficult for outside parties to break in and get access to sensitive personal and business information.
As a business owner, one of the most important things you can do to protect yourself from massive data breaches and financial losses is to invest in complete encryption of your devices and networks.
There are two types of encryption – software and hardware. Software encryption relies on a password; using the right one will grant access to the data. It is relatively cheap to implement, but it is only as secure as the device it is used on. Hardware encryption typically uses a separate processor that is dedicated to authentication and encryption – while it still uses a key for decryption, this is randomly generated. Hardware encryption is more expensive than software encryption; but with it comes more sophisticated protection and faster processing speeds. Increasingly devices are using biometrics – like mobile phones with fingerprint log on.
Origin carries two types of portable, encrypted device. Both use hardware encryption for maximum protection.
USB and external hard drives. Portable data storage devices are convenient to use, especially when you have to move data from one location to another (one office to another, one office to a client, from client to office, for example). Increasing emphasis on employee mobility requires the use of convenient devices that provide a secure environment. Origin Storage offers the best in class encrypted USB keys – DataLocker’s K300 and Origin’s SC100 are great examples – and also up to 6TB encrypted external hard drives – like Datalocker’s DL3 and the Aegis Padlock DT from Apricorn. Almost all of Origin’s encrypted devices can are compatible with SafeConsole central management; software (either cloud-based on local) that gives administrators an overview of all managed devices while enabling them to keep track of the encryption settings.
Complete hard drives. An SED is a self-encrypting hard drive with a circuit built into the disk drive controller chip that encrypts all data to the magnetic media and decrypts all the data from the media automatically. SEDs encrypt all the time from the factory onwards; performing like any other hard drive with the encryption being completely transparent or invisible to the user.
Protecting your data – quick tips
- Know exactly what sort of data you hold and why you are holding it.
- Make the time to regularly audit the content you have, both stationary and in transit to automatically identify sensitive material.
- For highly sensitive data use item-level encryption to ensure that only properly qualified users are able to read the content.
- AES 256-bit is the gold standard for data encryption.
- Keep the keys to yourself so that third parties must request data access through you instead of potentially working around you to access data.
- Enabling users to manually classify content as sensitive when it goes into a system ensures that security restrictions are set from the word go.
- Make sure all content has the same security restrictions, regardless of device.
If you’re looking to implement managed encryption as part of your data loss prevention strategy, you might be eligible for an evaluation from Origin. You can make a request here.
*This is a re-write of an article originally posted by Origin in 2015, with updated information and corrected item details.