What is encryption?
Encryption is the encoding of text documents, spreadsheets and other files into an unreadable format using an algorithim. This involves a mathematical procedure that transforms the original data into cipher text. To read an encrypted file, users need to have the key to the algorithim in order to transform the file back into its original form. Without the key, the files will forever remain unreadable.
Why do I need it?
There are many reasons for using encryption. It may be that your files are commercially sensitive and you want to protect them from prying eyes. Perhaps you have a number of employees using laptops or smartphones out on the road or from home, and the risk the devices could fall into the wrong hands is too great to take. You may also want to secure data held on portable hard drives, such as USB keys. The growing size of these drives means they can now be used to store vast quantities of data, making their loss a potential disaster for any firm.
Businesses may also have certain obligations under Data Protection legislation to keep personal data on customers and clients private. If this data were to become public through the loss of a laptop or through an unauthorised user gaining access to your data, it could open up the business to legal repercussions.
Which type should I use?
You may already be familiar with encryption technology without realising it. Financial transactions conducted when shopping or banking online generally use encryption to transfer data over the public internet network, through the use of a secure server.
Encryption technology has evolved over the years as it is constantly tested and bettered. Whereas 64-bit encryption would once have been considered the most secure, this has been superceded by 128-bit, and this likely to evolve further. The number - 64 or 128 - indicates the size of the key used to encrypt the message.
There are several options for encrypting your data:
1) Whole drive encryption
You can choose to encrypt your entire hard drive, including boot sector information, to ensure that prying eyes are kept out of every sector of your drives. BitLocker in certain versions of Windows Vista, for example, will encrypt boot sector data along with the entire drive. If you don't have Vista, DriveCrypt can also take care of full disk encryption. Made by Securstar, the Plus Pack version will encrypt your operating system; it costs EUR108 for up to five licences.
2) Individual file encryption
If you have Windows 2000 or Windows XP Professional, there is an encryption program included in the operating system called Encrypted File System. EFS will allow you to choose individual files to encrypt. However, it won't secure your operating system files.
3) Secure areas on hard drives
There are applications, such as Sunbowsoft Secure Storage, that allow you to create a secure volume or drive on your PC or laptop. To read the data on the drive or volume, it must be first "mounted", using a special decryption key or password protection. Once the key or password has been used, the data on the secure volume can be accessed and written as normal. To make the data unreadable by outsiders, the drive or volume is then "dismounted", rendering the data useless to anyone without the proper access codes.
Some PC makers are already including secure hard drive areas on their machines. Lenovo, for example, gives users the option of creating a secure area on the hard drive of its Thinkpad laptops that is encrypted and requires a password or, in some cases, biometric data through a fingerprint reader. Any files contained within the secure drive are inaccessible without the password or fingerprint being correctly entered.
There are also a number of open source applications out there that can encrypt your data easily and quickly. TrueCrypt, which works on both Linux and Windows, is one such application. You can use it to set up a virtual hard drive to read and create encrypted files. Once you download and install the application, all you have to do is choose the locations for your "TrueCrypt Volume" and storage of your encrypted files.
Although setting up encryption can be reasonably easy for those familiar with the technology, there are those who may not feel entirely comfortable with encoding files and drives. You can always call on the expertise of your IT provider for advice on the best solution for your business.
Useful links: