The Short Story on Encryption

Posted by on May 1, 2017

Up until now, companies have relied on such security methods as firewalls, strong passwords, two-factor authentication and anti-malware to block hackers. However, at Hungate Business Services, we feel application of encryption may be the only true way to protect important or proprietary data from hackers.

Encryption is the process of taking a file and scrambling the contents to such a degree that it’s literally unreadable. Only users who have been given a secret key or password for unlocking the file can decrypt it.

One form of encryption commonly seen on the internet is https, which stands for Hyper Text Transfer Protocol Secure. Any web address appearing in your browser beginning with https (instead of just http) indicates that encrypted information is being sent and received. Some web browsers – such as Internet Explorer, Firefox and Chrome – also display a padlock icon in the address bar to indicate an https connection is in effect.

Unfortunately, the website Yahoo.com failed to address this issue adequately, resulting in major data breaches. One event occurring back in 2013 was recently (December 2016) determined to have affected one billion Yahoo accounts – making it the largest data breach in history.

What’s Encryption, and Who Should Make the Investment?

All encryptions are based on mathematical algorithms, and the strength of their protection is based on the number of “bit blocks” they contain. For example, AES (Advanced Encryption Standard), which is the method used by U.S. government organizations, encrypts and decrypts data in 128-bit blocks, using 128-, 192- or 256-bit keys.

Other common encryption types include Triple DES (Data Encryption Standard), RSA (a public-key encryption algorithm), Blowfish and Twofish.

At Hungate, we believe any business or organization that handles private, confidential or sensitive information should invest in encryption software as part of general cyber protection. In particular, any type of financial office, educational institution or law office has a strict obligation to protect all confidential and privileged client data. In addition, healthcare entities are required to do so by virtue of federal and state HIPAA statutes. In 2013, the Department of Health and Human Services modified federal HIPAA rules to say that use of encryption systems was a reasonable and appropriate method for managing risks related to protecting patient health information.

In addition to these, any business that wishes to protect proprietary information, company-developed technology or research and development efforts should consider using encryption protection.

To get help determining if your business or organization’s data should be encrypted, call 276-243-4026 or email our help desk at [email protected]. We will work with you to establish best practices in this area of network computing.