Encrypting Your Data

Encryption is the process of scrambling and transforming data from an easily readable and understandable format (plaintext) into an unintelligible format that appears useless and is not readily understandable (ciphertext).

Encryption techniques are used to protect data and enforce confidentiality during transmission and storage. Encryption is also used for e-commerce, wireless network security and remote access to prevent spoofing and eavesdropping. Data, files, emails, even whole hard disks can be encrypted.

Many schemes exist for the encryption of files, such as using a program's own encryption feature, an external hardware device, secret key encryption and public key encryption. These schemes usually rely on mathematical algorithms, called cryptographic algorithms, and on keys, which are codes generated by these algorithms.

The primary use of an application's (e.g. word processor) encryption scheme such as password-protection is to hide a file or a column from curious individuals; however, this type of encryption can be easily broken, and hence it is not recommended for protection of sensitive information.

An alternative is to use an external encryption hardware device such as an encryption modem or router, but it must be correctly configured before use. Do not rely on the manufacturer's default settings, as they are sometimes not secure.

Secret key encryption uses a single shared key. Both the sender and the recipient use the same key and the same encryption algorithm for encoding and decoding, so the key must be exchanged between the sender and the recipient.

Public key encryption involves the use of two keys: one public key that is made known to the recipient and the public, and one private key that is kept secret by the owner. Most often the sender will use the recipient's public key to encode the data or message, while the recipient will use his/her own private key to decode it. There is no need to share the same key.

If keys are used for encryption, the keys used for performing encryption (secret key) or decryption (private key) must be kept secure and should not be readily accessible to unauthorised users. The stronger the encryption, the harder it is for a hacker to decrypt the codes. In general, the longer the key (in bits), the stronger the encryption. This means that a 2048-bit key length is often recommended over a 1024-bit key length, if the same encryption algorithm is used.
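The secret key and public key schemes described above, side by side, as an added example that is not part of the original page. It uses Node.js's built-in crypto module; AES-256-GCM, RSA-OAEP, the function names and the sample message are choices made for this illustration.

```javascript
// Added example: function names and the sample message are constructed.
const nodeCrypto = require("node:crypto");

// Secret key encryption: sender and recipient hold the same 256-bit key.
function secretKeyEncrypt(sharedKey, plaintext) {
  const nonce = nodeCrypto.randomBytes(12); // never reuse a nonce with the same key
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", sharedKey, nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { nonce, ciphertext, tag: cipher.getAuthTag() };
}

function secretKeyDecrypt(sharedKey, { nonce, ciphertext, tag }) {
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", sharedKey, nonce);
  decipher.setAuthTag(tag); // final() throws if the key is wrong or the data was altered
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("utf8");
}

// Public key encryption: the recipient publishes only the public half of a 2048-bit pair.
function newRecipientKeyPair() {
  return nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

function publicKeyEncrypt(recipientPublicKey, plaintext) {
  return nodeCrypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, Buffer.from(plaintext, "utf8"));
}

function publicKeyDecrypt(recipientPrivateKey, ciphertext) {
  return nodeCrypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, ciphertext).toString("utf8");
}

// True when the decryption attempt is refused (throws) instead of returning data.
function decryptionFails(attempt) {
  try { attempt(); return false; } catch (err) { return true; }
}

function demo() {
  const message = "Q3 payroll figures"; // constructed sample plaintext
  const sharedKey = nodeCrypto.randomBytes(32);
  const recipient = newRecipientKeyPair();
  const stranger = newRecipientKeyPair(); // a key pair that is not the recipient's
  const box = secretKeyEncrypt(sharedKey, message);
  const sealed = publicKeyEncrypt(recipient.publicKey, message);
  return {
    secretKeyRoundTrip: secretKeyDecrypt(sharedKey, box) === message,
    wrongSecretKeyRejected: decryptionFails(() => secretKeyDecrypt(nodeCrypto.randomBytes(32), box)),
    publicKeyRoundTrip: publicKeyDecrypt(recipient.privateKey, sealed) === message,
    wrongPrivateKeyRejected: decryptionFails(() => publicKeyDecrypt(stranger.privateKey, sealed)),
  };
}
console.log(demo());
```

RSA-OAEP with a 2048-bit key and SHA-256 can only encrypt messages of up to 190 bytes, so tools normally use the public key to protect a secret key and encrypt the bulk data with that secret key.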

There are encryption tools on the market that are used for different purposes. These tools can be in the form of software or hardware. Some are suitable for encrypting documents for storage, while others are better suited to transmission across a network, such as encrypting emails. The configuration and setup of these tools require technical knowledge. In some countries, encryption software or hardware requires an export license or approval for use. The selection and use of encryption software or hardware must be considered carefully to avoid breaking foreign regulations.

The following should be considered when selecting encryption tools:

Purpose of encryption e.g. files, emails or storage media
Operational requirements
Handling of temporary files
Ease of deployment
Ease of use
Key management and recovery
Future access needs to the information by other staff or trading partners

If you consider employing data encryption, you should consult IT service providers and experts who possess the necessary knowledge.

The following links provide more information about encryption: