17413 107 Ave NW #100, Edmonton, AB

Encryption Explained

Encryption

Encryption Explained

The science of encryption is the answer to the fundamental human need to masquerade and protect sensitive information from prying eyes. Although the technology has witnessed a drastic change over the ages, the concept behind encryption has remained unchanged. At its most basic, encryption involves substituting the original information with codes that can be deciphered only by authorized parties. From the first hieroglyphics of Ancient Egypt appearing almost 4000 years ago and the Scytale used by Spartan military in 700 BC, to Thomas Jefferson’s Jefferson wheel in 1797 or the Enigma machine popularized by the Nazis during the second world war, encryption has taken different forms over the centuries. However, one of the major breakthroughs that continue to inspire the modern-day science of encryption came in 1961 when MIT’s CTSS (Compatible Time-Sharing System) developed the first-ever username and password methodology of user authentication. Some of the more recent developments in the encryption technology include the introduction of AES (Advanced Encryption Standard) in 1997, the launch of reCAPTCHA in 2007 and the emergence of personal data lockers in 2012, all of which are used widely to this day.

 

What Distinguishes Encryption from Cryptography

To fully understand encryption, we must first define its parent category: cryptography. Although often confused with each other, encryption and cryptography are inherently different. Here is what sets the two apart:

Cryptography is:

  • The concept of securing sensitive information by converting it into a secure format for the purpose of transmission across insecure networks.
  • A field of study that concerns with creating codes through the application of the encryption and decryption techniques.
  • Finds widespread application in digital currencies, electronic commerce, chip-based card payments and military communications.

Encryption is:

  • Described as the primary application of cryptography and involves concealing confidential data in a way that renders it unintelligible for unauthorized users.
  • The process of encoding a piece of information by using an algorithm for encrypting and a secret key for decrypting it.
  • A critical aspect of modern data security and is used for securing digital signatures as well as the data stored on smartphones and other mobile devices. It is widely used for safeguarding confidential electronic data including emails, folders drive and files.

 

Types of Encryption You Should Know About:

There are two main ways in which data encryption is carried out today, namely shared secret encryption (symmetric cryptography) and public key encryption (asymmetric cryptography).

 

Shared Secret Encryption

As the name suggests, this form of encryption employs the use of a single secret key that is required to encode the data into unintelligible gibberish. The intended receiver can then use the same secret key (shared by the sender) to decrypt and decipher the data at their end. Since it uses a single private key, symmetric encryption is faster than asymmetric cryptography. However, since the secret key needs to be shared between the sender and the receiver, there are relatively high chances of hackers intercepting the key and gaining unauthorized access to the coded information.

 

Public Key Encryption

Asymmetric cryptography employs public-key encryption that splits the key into two smaller keys — one public and the other, private. While the public key is used to encrypt the message, the receiver must use their private key to decrypt it at their end.

The fact that there is no prior exchange of secret keys for decryption, makes public key encryption more secure as compared to shared secret encryption.

 

Cyberthreats and Security Risks to Data Protection & Privacy on the Rise

Did you know that the average cost of a data breach is $3.86 million globally? These costs can almost double when broken down by country, industry or business size, jumping to an average of $8.64 million in the United States or $7.13 million for the healthcare industry. As well, 80% of the data breaches included records containing customer PII (Personally Identifiable Information), and that the average cost of each compromised record was $150. You might be wondering how this impacts you? It means a single data breach could result in a significant hit to your company’s profits and could also result in your brand reputation being tarnished or irreparably damaged. Most businesses deal with loads of sensitive data every single day. Unless adequately secured, this confidential data can be exposed to the risk of being accessed by unauthorized users. Although no business is entirely immune to security breaches, implementing data encryption is your best bet when it comes to protecting your confidential information and safeguarding your reputation as well.

 

Backup Encryption is the Way to Go

With multi-national enterprises like Target, Yahoo and Equifax undergoing major data breaches in the not-so-distant past, you can never be too sure of the fact that your privacy is not at stake. Keeping that in mind, it is worthwhile to note that along with encrypting their original data, many users now are also opting for encryption of their data backups. Here’s some things to consider:

 

Pros of Encrypting Your Backups

  • Encrypting the backup data stored on a local hard drive can prevent unauthorized access in the event of a theft.
  • Most of the businesses today have moved to the cloud for storage of backup data. However, the data stored on the cloud may not be as secure as you might think. Encrypting your backup data stored on the cloud is a great strategy for strengthening your cybersecurity.
  • By encrypting your backups, you can enjoy peace of mind knowing that every last piece of data associated with your business is fully encrypted and secure.

 

Cons of Encrypting Your Backups

While data encryption is designed primarily to benefit the user and rarely has any drawbacks when implemented properly, one of the risks associated with encrypting your backup data is the loss of the decryption key. It goes without saying that you need to keep your decryption key secure (just like your other passwords) and handy for easy access to your data backups.

 

Implement Data Encryption Now to Ward Off Cyberattacks. Why?

 

1. It is the Last Line of Defense:

Cyberattacks such as phishing and social engineering that thrive on human error or negligence can be efficiently thwarted with the help of encryption. So, even if the attacker is able to reach within your network, it’s impossible to access the encrypted data without a decryption key.

2. It Protects Your Data on the Go:

With the popularity of remote work, data stored on portable devices such as tablets, USB flash drives, laptops and smartphones becomes especially vulnerable to cyberattacks as soon as the device leaves the office network. Encrypting this data is the safest way to ensure that even if your device gets stolen, the data will remain unintelligible and unreadable without a decryption key.

3. It Helps You Stay Compliant:

In a world where you need to stay compliant with laws and regulations to steer clear of hefty penalties, implementing data encryption is a great option to not only protect your critical data from cyberthreats, but also to abide by the applicable compliance standards. For instance, the European Union’s General Data Protection Regulation (GDPR) recommends the use of encryption as an effective tool against breaches.

 

Sources:

 

 

Read more about our other projects and applications here!

Like what you see? Follow us on Twitter, or subscribe to our newsletter.

Framewerx Projects
Shopwerx in Acheson, AB
Real-time usage in the field

Our client-facing steel progression web application: Shopwerx, used by one of our client’s workers. 

Client Testimonials
Steve Brittain
Steve Brittain
Municipal Manager, Select Engineering Consultants
Read More
Dan and his team have been able to meet all Select Engineering challenges with minimal disruption to the business; from fast access to corporate resources thanks to our DaaS solution, to collaborating with internal and external parties utilizing our manager VoIP phone system or accessing SaaS solutions using the fully integrated security solutions.
 Daniel Elliot
Daniel Elliot
Operations Lead, Omni-McCann Geoscience
Read More
Framewerx rescued my company from obsolete digital file management and brought us into the 21st century with cloud services in an efficient manner. Kalyn and his team at Framewerx were able to provide solutions for merging two corporate entities with vastly different digital file management and email servers in a seamless manner while providing top quality support during and after the transition to all employees. They provided training so that everyone understood new operating protocols and software changes. Framewerx has been very responsive and has always been keen to work with us to understand our business, IT needs, and financial restrictions. We continue to work with Framewerx for all of our IT, phone system, and data storage needs.
 Karim Mouait
Karim Mouait
Vice President, Cornerstone Insurance Brokers Ltd
Read More
We used Framewerx to transition our traditional office to a virtual one. This included VOIP, call recording, video conferencing, VPN, remote working from home accommodations etc. Dan and his team did a fantastic job. They are extremely responsive and client service oriented.
 Kimberly Maber
Kimberly MaberManaging Partner, Brunsdon Lawrek & Associates
Read More
I have worked with Kalyn and his team for many years. He has readily handled all of our IT needs, from designing our IT strategy to our day to day computing requirements and support. Kalyn takes the time to listen to and understand our needs, delivering cost-effective and innovative IT solutions for our small business. I highly recommend working with Kalyn at Framewerx.
Services we provide

Inventory Management

Inventory Count Tool

Enhance inventory auditing and future reconciliation efforts with a versatile mobile and web-based application.

Fabrication & Progression Management

Shopwerx

Efficiently oversee and optimize the fabrication process of steel components, meticulously tracking and managing the progression of fabrication tasks from staging, prep assembly, welding, QAQC, all the way to shipping.