Encryption, once the stuff of spy novels, is fast becoming a staple of information security and commerce around the world. Until recently, only government entities and large corporations used encryption technology to protect sensitive information—but the proliferation of hackers and cybercriminals have made encryption a necessity for businesses of all sizes and across all industries. Many industry regulators also require certain data to be encrypted, both in storage and in transit.
While a multimillion-dollar company or municipality might use encryption to protect the details of a new product or large purchase, the average business owner can use it to protect anything from personnel information to the cardholder data collected at the point of sale.
Encryption is the process of turning any text or data, known as “plaintext,” into a coded form, known as “ciphertext.” This is done through the use of mathematical algorithms, based on secrets, or “keys.” Only someone with the right keys, and the right tools, can decrypt the data.
Encryption itself isn’t new—it’s been used for thousands of years to protect things like trade secrets or to allow armies to maintain secrecy in the field. And while encryption is still used for those purposes, it can also play a vital role in the secure processing of financial transactions and the protection of company and consumer data.
The short answer is: almost anything that’s stored digitally. But with so much data, how do you decide? Things like passwords, email messages and cloud databases can be safeguarded with encryption. But companies may not even think about protecting other sensitive information, like tax records, performance reviews, employee social security numbers and intellectual property.
Whether you're thinking of your personal laptop or your company's network, the basic considerations are the same:
If the answer to any of those questions is “yes,” think seriously about encrypting it.
Encryption is a very strong tool in a company’s security toolbox. However, it's only one part of a broader security program. If you're going to encrypt information, it's equally important (if not more so) to provide good controls over the keys used to encrypt that information. It doesn’t help to encrypt the data if everyone has access to the keys to read it.
Weekly insights on the economic issues that matter most to your business.