We live in an age where the value of information has become as important as money and power. Every day, literally millions of important information are transmitted back and forth through the information highway that is the internet. Not to mention seemingly unimportant personal information that we share about ourselves with our friends in social media.

People have become so accustomed to sharing data online, and don’t even bat an eyelash when they have to enter sensitive information like bank account numbers, or credit card numbers. What is the secret to this trust? The answer lies in data encryption. But what is it? And how does it help keep data safe?

Business data encryption

Encryption 101

Fans of the American Novelist Dan Brown in his Novel Angel and Demons might already be familiar with encryption when Professor Robert Langdon had to decipher several seemingly normal words using a cipher ( or a code breaker) so that he can stop the Illuminati from destroying the Catholic Church.

The ancient Greeks used a scytale, one of the earliest form of cryptography. This involves a cylinder with a strip of parchment containing a written message wrapped around it. To ‘encrypt’ a message, the sender just has to write across the leather parchment. To decrypt it, all that one must do is wrap the leather strip around the rod, and read across to find out the message.

That’s what encryption is in a nutshell – shuffling the message which can only be unshuffled by someone who possesses the code breaker.

Of course, nowadays, modern-day encryption and decryption methods are so much more complicated than the ones that were used during ancient times. Nowadays, superior computing power shuffles the messages which need a lot of computing muscle to decode. What was once known as ciphers in ancient times are now called algorithms. Algorithms are guides for encryption, and a decryption key is needed to interpret the message.

HTTPS
photo credit: Christiaan Colen / Flickr

Security Online: HTTPS and SSL

Chances are, you’ve come across SSL and HTTPS, but you just haven’t noticed it. The next time that you are on your bank’s page or when you are on the checkout page of any website, notice that an S would be added at the end of the usual HTTP:// (name of the website). The S stands for secure.

Let’s very quickly just go thru how this works. An HTTPS page utilizes either SSL (Secure Sockets Layer) or TLS ( Transport Layer Security), both of which uses an asymmetric PKI (Public Key Infrastructure) System. This kind of system uses two ‘keys’ that are known as a ‘public key’ and a ‘private key’. The public key is distributed to all users, and the private key is in the case of a website is forever hidden and protected inside the web server. Data that has been encrypted by the public key needs a private key to unlock it.

A website running an HTTPS connection will first send its SSL certificate to the browser that you are using because the public key needed to initiate the secure connection is contained in the SSL. When everything is ok, the website will start the SSL handshake. This “handshake” will start the exchange of shared secrets that are required to create a unique connection between your connection and the website. You know that the whole thing is a success when you see a padlock icon in the address bar.

Encryption algorithm types

Types of Encryption Algorithms

There are a few famous encryption algorithms that are used all throughout big industries to protect valuable information from prying eyes. Let’s go thru some of the most popular ones.

Triple Des

This type of data of encryption utilizes three single keys that are composed of of56 bits each. DES encrypts the 56-bit keys three rounds making it a 168-bit key. However, data is easier to hack because DES the data is encrypted in shorter and blocks, and encrypting it three times makes it slower. Triple DES was designed to replace the original DES.

RSA

RSA is known as public key encryption and is the encryption used to secure data that goes over the internet. It uses an asymmetric algorithm meaning it needs a public key to encode the message and private key to decode it. RSA are the initials of the last name of its three creators- Rivest, Shamir, and Adelman.

Twofish

Twofish like its previous incarnation Blowfish is an unpatented and open source encryption meaning. It uses a symmetric cipher in 3 keys – 128-bit, 192-bit, and 156-bit. This type of encryption encodes data in groups of 128 bits in rounds of 16. This is applied no matter how big the size of the Key. Twofish was created by Bruce Schneier.

AES

AES or the Advanced Encryption Standard is asymmetric encryption and is considered to be the safest of all the encryption algorithms. This type of encryption is so secure that even the United States Government uses it to secure its confidential information.

The AES is a block cipher that uses three keys depending on how secure the user wants the encryption to be: 128-bit and 192-bit for most of the encryption and 156-bit for the super secure encryption.

Cloud security

What Encryption Means for Your Business

It’s great to know what encryption is, but what does it mean for your business? For one thing, no matter how big or small your business is, encrypting your data provide security for your data at all times. This can protect your important data especially when it’s being moved from one area to another – for example transferring files in a USB drive, or an external hard drive etc. Encryption also protects files being uploaded in the cloud, especially if you are using cloud based software programs like small business construction project management software, or any other SaaS based software.

Remember, it’s better to be safe than be sorry.

Encrypting data also helps maintain data integrity. Unscrupulous individuals can also alter data so that they can create fraud. With encryption, hackers might be able to change data that is encoded but the receiver of that information will be able to see the information has been corrupted.

There are many other ways that encryption can benefit your company, but it all boils down to one thing: security. Security for your data, for your personal information, and for your company as well. And while the chances of your company being attacked by a hacker might be slim, it can still happen. Encryption is one way of protecting yourself and your company. Remember that an ounce of prevention is worth a pound of cure.