It’s no secret that we at DataShield are large proponents of data security. Not only are data breaches incredibly expensive, but there are also laws regarding data security that need to be followed if businesses want to avoid large fines.
And while we are obviously advocates of shredding hard drives once it’s time to get rid of your computer, doing that only guarantees the safety of your data once it’s time for new hard drives. So what about all the time in between?
Enter data encryption: a highly recommended way to keep your data out of the wrong hands the entire time it’s on your computer.
What is encryption?
Encryption is a technique for transforming information on a computer in such a way that it becomes unreadable. So, even if someone is able to gain access to a computer with personal data on it, they likely won’t be able to do anything with the data unless they have complicated, expensive software or the original data key.
The basic function of encryption is essentially to translate normal text into ciphertext. Encryption can help ensure that data doesn’t get read by the wrong people, but can also ensure that data isn’t altered in transit, and verify the identity of the sender.
3 different encryption methods
There are three different basic encryption methods, each with their own advantages (list courtesy of Wisegeek):
Hashing creates a unique, fixed-length signature for a message or data set. Each “hash” is unique to a specific message, so minor changes to that message would be easy to track. Once data is encrypted using hashing, it cannot be reversed or deciphered. Hashing, then, though not technically an encryption method as such, is still useful for proving data hasn’t been tampered with.
- Symmetric methods
Symmetric encryption is also known as private-key cryptography, and is called so because the key used to encrypt and decrypt the message must remain secure, because anyone with access to it can decrypt the data. Using this method, a sender encrypts the data with one key, sends the data (the ciphertext) and then the receiver uses the key to decrypt the data.
- Asymmetric methods
Asymmetric encryption, or public-key cryptography, is different than the previous method because it uses two keys for encryption or decryption (it has the potential to be more secure as such). With this method, a public key is freely available to everyone and is used to encrypt messages, and a different, private key is used by the recipient to decrypt messages.
Any of these methods would likely prove sufficient for proper data security, and a quick Google search will reveal the multitude of software available for data encryption. Data encryption is a necessity (both for legal reasons and otherwise) when transmitting information like PHI, so no matter what method you choose, make sure you’re doing everything you can to protect data.
Don’t stop with encryption
Don’t just stop with encryption, though. DataShield offers compliance consulting to ensure that all of your business’ data and policies are up-to-spec for local and federal laws.
Contact us today for more information on how DataShield can help your data stay safe through its entire life cycle, from its conception to its destruction, when your computer is finally thrown out.