Saltar al contenido

Data encryption: why you should use your company’s encryption

Data encryption: why you should use your company's encryption

Encryption it may not seem like an attractive topic. Investing in an encryption framework does nothing for your results and implementation is associated with slow and intrusive processes that make employees and managers tremble. But using encryption can save you business from many problems.

Encryption, who needs it?

You can imagine that only organizations working on confidential projects need to worry about encrypting their data. However, while your employees may not carry top-secret plans, their systems may still contain data that requires protection.

According to him GDPR , companies must report any breaches of their system. If you have customer data stored on your computer, using encryption reduces the likelihood of a breach Yes , thus, it means that you are less likely to face a hefty fine .

encrypting_your_data _-_ laptop_harddrive

Aside from legal considerations, protecting customer data is just a good business sense. «We all have an expectation of privacy,» said Anthony Merry, data protection officer. Sophos . «We have all seen reports of high-quality data breaches in the newspapers. Customers know that if you have a data breach, their identity can be stolen as a result. You can increase customer satisfaction by making sure your data is protected. «

In addition to accidental loss, encryption can also be a valuable defense against hacker attacks. «We’ve seen a growing amount of malware trying to steal data,» Merry warned. «A data breach is not just data that leaves the organization, but data that appears in a form that an attacker can use. If a hacker enters your files, but only in an encrypted form, he can’t do any harm. «

Why do you need encryption?

By far the most important data security measure you can take is to apply full disk encryption to all mobile devices. «Suppose someone steals your encrypted laptop,» Merry explained. «If you don’t have your username and password, you simply can’t access the data on it. I can’t snatch it. I can’t even access the files if I remove the disc and try to mount it from another system. «

iphone_xs_front

File-level encryption also has a role to play. “We attach files to emails, copy data to USB sticks and send them; there are many ways to share data and, as end users, we do it instinctively, ”said Merry. «For example, suppose I copy a leaves from excel calculation from work on my USB stick so I can work on it at home. A USB stick is easy to lose: take the keys out of your pocket and the USB stick falls off. As for the law, if someone can take that USB stick and use the data on it, it is a data breach. It is the same type of situation if you store potential secret or proprietary information in Dropbox , because he doesn’t know who could access it «.

«Although your employees may not carry top-secret plans, their systems may still contain data that needs protection.»

Tablets and smartphones are also worth thinking about. «With the company’s devices, you can choose to manage all aspects of security, including the applications that users install,» Merry said. Or you can have a BYOD scenario. In this case, you can say, «It may be your device, but if you’re going to have company data, you need to protect it.» Devices, such as mobile phones, have built-in encryption that you can enable. «

Desktops and servers are less likely to get out of your pockets, but if you’re unlucky enough to be the victim of theft, you could be in for a data loss disaster. «Thefts happen in companies, even in big companies with big data centers,» Sian John warned. «And encryption is so easy to activate now that it’s worth doing.»

Encryption can also provide a secondary benefit when it comes time to remove old hardware. «When you go to recycle your computers at the end of their useful life, make sure you destroy the data on them,» John added. «If you use encryption, it’s easy to delete that drive so it can’t be recovered.»

Performance and management

Are data encryption and decryption without an impact on the processor, which means that your systems will consume more power and run slower? «The focus has been on accelerating encryption, so it has no impact on their systems,» John said. «From the user’s perspective, there is a registration process when you first unlock the system, but since then it’s perfect, you don’t even know it’s there.»

«Modern Intel processors have a set of instructions called AES-NI,» Merry added. «Basically, they speed up the hardware of the encryption in the processor.» Similarly, some storage devices include their own encryption processor, which handles encryption and decryption at the controller level. As a result, the operating system doesn’t have to do the job itself, it doesn’t even know that your data is encrypted.

Intel processors open to security exploit the vulnerability

«Companies that want to implement encryption should not buy new servers or hardware,» Merry concluded. «Encryption should not have a perceptible impact on system productivity or performance. It means we can keep our users productive while keeping our data safe. «

Avoiding traps

Encryption is not a technology that you can simply implement in your organization – you need to constantly apply it to make sure that data is not leaking. «Companies should have a data protection strategy,» Merry advised. Look at what employees do, how they use data, and how data flows naturally inside and outside an organization. Then come up with a plan and communicate it – individual employees need to know the company’s data protection strategy and what it means to them. «

And it’s important to plan ahead. As Sian John warned: “If you are implementing encryption in a corporate environment, consider additional decryption keys. A great deal of effort has been made to facilitate recovery if a user forgets their password or leaves the organization. You can have a master key to decrypt your computer after it is gone. You don’t want to set up a system where employees encrypt things you can’t return to. «