Encryption and its role in data security

Encryption and its role in data security

Data security is arguably one of the most important parts of running a business, especially when personally identifiable or confidential information is being shared across your network. Today, it’s nearly impossible to do business of any kind without personal data ending up in a networked computer system, which is why it’s important to know how to help keep that data safe. As a result, encryption is becoming less of an added option and more of a must-have element in any security strategy, for its ability to slow down and deter hackers from stealing sensitive information.

Encryption, based on the ancient art of cryptography, uses computers and algorithms to turn plain text into an unreadable, jumbled code or ciphertext. To decrypt that ciphertext into plain text, you need an encryption key; a series of bits that decode the text. The key is something only you and the intended recipient have in their possession.

Why is encryption vital for all organisations?

Leaving data unencrypted on your network is an open invitation to cybercriminals, and one that could potentially bankrupt your business. But hackers can’t profit from data they can’t read. As a result, more organisations and individuals are using encryption to protect sensitive data stored on computers, servers and mobile devices like phones or tablets.

While the primary purpose of encryption is to protect the confidentiality of digital data stored on computer systems or transmitted via the internet or any other computer network, when implemented properly, it can also:

  1. Improve security
    While IT security seeks to protect our physical assets – networked computers, databases, servers, etc – encryption protects the data that lives on and between those assets. It’s one of the most powerful ways to keep your data safe from the constant threat of cyber attacks, and while it isn’t impenetrable, it’s a major deterrent to hackers. Even if data does end up getting stolen, it will be unreadable and nearly useless if it’s encrypted. And while data is most vulnerable when it is being moved from one location to another, encryption works during data transport or at rest, making it an ideal solution no matter where data is stored or how it is used.
  2. Maintain integrity
    Hackers don’t just steal information, they can also benefit from altering data to commit fraud. While it is possible for skilled individuals to alter encrypted data, recipients of the data will be able to detect the corruption, which allows for a quick response to the cyber attack.
  3. Help compliance
    Storage encryption is a requirement of many laws and regulations in the UK that seek to enforce data privacy and security. For example, a key principle of the GDPR is that you process personal data securely by means of ‘appropriate technical and organisational measures’ and – where appropriate – look to use methods such as pseudonymisation (the practice of replacing identifying data with artificial values) and encryption. It’s therefore important that an organisation’s IT, security and legal teams work together to define what data their business needs to store, where it needs to be stored and the level of encryption that’s going to be used.
  4. Protect data across devices
    Mobiles and devices such as laptops, iPads and home computers are a big part of our lives and transferring data from device to device is a risky proposition. Encryption technology can help protect stored data across all devices, even during transfer.
  5. Protect privacy and increase customer trust
    When you work with services that require sensitive information, don’t you expect that your information will remain secure? Just as it makes sense for a service like PayPal or Amazon to keep your payment credentials encrypted and secure from hacking attacks, your own clients expect the same for their data. Encryption can be used to protect sensitive data, including personal information for individuals, helping to ensure anonymity and privacy, and increasing customer trust.

But while encryption is the most effective form of data security, on the whole it is still woefully underutilised. One reason for this may be that demand for computer science skills far outstrips the supply of qualified graduates.

The University of York’s MSc Computer Science with Cyber Security online Masters programme is designed to advance computational thinking; software development skills and develop a broad-based knowledge of computer science to equip working professionals and graduates for a range of positions in software and web development, IT systems, support and programming. The 100% online programme allows you to study around your existing work and home commitments, at different times and locations, and has six start dates a year. There is a pay-per-module option available, and students may be eligible for a government backed postgraduate loans which cover the cost of the course.

Find out more and begin your application.