bank of computer servers
Fraud Protection

Should Your Business Encrypt Its Data?

If your company stores sensitive customer, personnel or organizational information digitally, then you may want to consider adding encryption to your data security arsenal. Find out how encryption can be used, what it can offer and whether it’s right for your business.
Anish Bhimani, Chief Information Officer, Commercial Banking
March 8, 2016

Encryption, once the stuff of spy novels, is fast becoming a staple of information security and commerce around the world. Until recently, only government entities and large corporations used encryption technology to protect sensitive information—but the proliferation of hackers and cybercriminals have made encryption a necessity for businesses of all sizes and across all industries. Many industry regulators also require certain data to be encrypted, both in storage and in transit.

While a multimillion-dollar company or municipality might use encryption to protect the details of a new product or large purchase, the average business owner can use it to protect anything from personnel information to the cardholder data collected at the point of sale.

What Is Encryption?

Encryption is the process of turning any text or data, known as “plaintext,” into a coded form, known as “ciphertext.” This is done through the use of mathematical algorithms, based on secrets, or “keys.” Only someone with the right keys, and the right tools, can decrypt the data.

Encryption itself isn’t new—it’s been used for thousands of years to protect things like trade secrets or to allow armies to maintain secrecy in the field. And while encryption is still used for those purposes, it can also play a vital role in the secure processing of financial transactions and the protection of company and consumer data.

What Can You Encrypt?

The short answer is: almost anything that’s stored digitally. But with so much data, how do you decide? Things like passwords, email messages and cloud databases can be safeguarded with encryption. But companies may not even think about protecting other sensitive information, like tax records, performance reviews, employee social security numbers and intellectual property.

What Should You Encrypt?

Whether you're thinking of your personal laptop or your company's network, the basic considerations are the same:

  1. Would you put this information into the shredder if it were on paper?
  2. Would there be negative ramifications for your business or its reputation if this information were leaked or stolen?
  3. Would there be negative ramifications for your customers if this information were leaked or stolen?

If the answer to any of those questions is “yes,” think seriously about encrypting it.

Does Encryption Address All of Your Security Issues?

Encryption is a very strong tool in a company’s security toolbox. However, it's only one part of a broader security program. If you're going to encrypt information, it's equally important (if not more so) to provide good controls over the keys used to encrypt that information. It doesn’t help to encrypt the data if everyone has access to the keys to read it.


Related Services

Fraud Protection


Weekly insights on the economic issues that matter most to your business.



Find out how we can help your business.

Contact Us


Copyright © 2018 JPMorgan Chase & Co. All rights reserved.