Originally posted in 2012 – updated in 2020
Encryption means “hidden.” Specifically, encryption keeps confidential information private by scrambling all of the ones and zeros so that they look like gibberish unless you have the key that was used to perform the scrambling. This key (a special code) is kept private so that you are the only one who has it. With the key, your information looks just as you would expect it to look. Without the key, the data is worthless and meaningless. A certain amount of technology works behind the scenes, so you often may not know the actual key used to perform the encryption, but this key is essential both to keep the data private and to allow you to access it.
Encryption at Rest versus Encryption in Transit
There are two major types of encryption:
- encryption at rest
- encryption in transit
Encryption at rest means that information is saved to a hard drive by a computer program that uses a key to scramble the data just before it actually writes the information. Some common examples of encryption at rest are encrypted laptop hard drives and encrypted mobile phones. Laptops and mobile phones are very portable and easily stolen, so they are commonly encrypted to ensure that your data won’t be compromised if they are lost or stolen. A thief may steal the device, but they won’t have the key, so the data on it will be worthless to them. The most common type of laptop encryption uses Microsoft BitLocker, and the unlocking happens automatically when you use your password to log into the PC. Unless someone knows your password, they generally won’t get access to the information on the laptop, so make sure you are using a good password and never write it down on a sticky note that might get stolen along with the laptop.
Encryption in transit protects data while it is being transmitted, generally over the internet. When you log into your bank’s secure website to manage your account, you are using encryption to keep the information strictly between you and your bank. Encryption in transit is also used to protect email being transmitted via Office 365. There are many places where encryption in transit is required to keep your information safe.
How Do You Know Something Is Encrypted?
When you go to a secure website, you will generally see a lock in your browser to indicate that the website you are working with is encrypted. The web address will also technically start with “https” instead of just “http.” The ‘s’ is used to indicate that the site is secure. Most modern mobile phones will be encrypted by default so long as you supply a PIN. However, you will want to verify that by reviewing the phone settings. Many modern laptops have the native ability to be encrypted, but will generally not be encrypted by default. If you have sensitive information on that laptop, this can be very dangerous.
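One way to verify the laptop side of this on Windows, as an added example that is not part of the original article: the script below uses the BitLocker PowerShell module's `Get-BitLockerVolume` cmdlet to list every volume and flag any that is not fully encrypted, has protection switched off, or has no recovery password. The helper name `Get-EncryptionFinding` is made up for this example, and the script assumes it is run from an elevated PowerShell prompt.

```powershell
#Requires -RunAsAdministrator
# Added example: report the BitLocker state of every volume on this PC.
# Get-EncryptionFinding is a hypothetical helper name, not a built-in cmdlet.

function Get-EncryptionFinding {
    param([Parameter(Mandatory)] $Volume)

    $problems = @()
    if ($Volume.VolumeStatus -ne 'FullyEncrypted') {
        $problems += "status is $($Volume.VolumeStatus), $($Volume.EncryptionPercentage)% encrypted"
    }
    if ($Volume.ProtectionStatus -ne 'On') {
        $problems += 'protection is off or suspended'
    }
    # A recovery password is the fallback if the normal unlock method stops working.
    $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
    if ($types -notcontains 'RecoveryPassword') {
        $problems += 'no recovery password protector'
    }

    [pscustomobject]@{
        Drive    = $Volume.MountPoint
        Type     = $Volume.VolumeType
        Method   = $Volume.EncryptionMethod
        Healthy  = ($problems.Count -eq 0)
        Problems = $problems -join '; '
    }
}

$findings = Get-BitLockerVolume | ForEach-Object { Get-EncryptionFinding -Volume $_ }
$findings | Format-Table -AutoSize -Wrap

# A non-zero exit code lets a management tool or scheduled task flag the machine.
if ($findings | Where-Object { -not $_.Healthy }) {
    Write-Warning 'At least one volume is not fully protected by BitLocker.'
    exit 1
}
```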
Managing technology and security involves many things. Checklists are helpful to ensure that you are doing all the things that you need to be doing. Ask your IT provider about encryption. If they are already talking with you about encryption, that is a good sign that they are keeping up with the times and are being proactive. If they have not spoken with you about encryption, that is a red flag that your IT provider might not be doing all that they should be doing to take care of your security. Ask about what you are doing with regard to encryption at rest as well as encryption in transit. If you want to be serious about security, set aside at least one meeting a year to review your security and review your checklist. What are your top threats? What are you doing to manage those threats? Encryption should be one of many things on the list of things that you review.