How encryption can protect sensitive data

1 August 2020 Editor's Choice

You probably store all kinds of sensitive information on your personal computer or your smartphone. For good measure, you may even store your data in the cloud. And like the responsible netizen that you are, you’ve probably secured access to your devices with a passphrase, a biometric lock or even a combination of both.

That’s all well and good, but what if you lose your device or it is stolen? That’s where encryption comes in, adding an extra safeguard. To be sure, encryption isn’t just limited to storing your data; you can also encrypt your communications and your web traffic, as well as your passwords. All of these can be considered best practices to secure your private data, and we’ll walk you through some of the choices you have.

Disk encryption

Most computers still have removable hard disks that aren’t soldered onto the motherboard; alternatively, as extra storage, people use external disks. That’s why having full-disk encryption is a great extra security layer; if you misplace your disk or it is stolen, then no one can access any of the information on it. The disk is fully encrypted, including all your data, your software and the operating system you’re running. Unless you can enter the key at boot-up, your whole computer essentially becomes quite an expensive paperweight. There are several commercial options with advanced features, open source projects and built-in options in most major operating systems.

When it comes to smartphones and tablets, the equivalent functionality to look for is device encryption, which is built in, and commonly enabled by default, on contemporary devices. There are many easily found online guides that explain checking for and, if necessary, enabling device encryption for Android or iOS devices.

Cloud encryption

Most of us use cloud storage for its ease of access; you can do it from anywhere at any time so long as you have an Internet connection. Unfortunately, that accessibility introduces its own set of challenges. Over the years, cloud storage services have experienced security breaches, either due to human error or targeted attack by ne’er-do-wells. Therefore, encrypting your files before uploading them to the cloud should be a no-brainer.

Even if there is a breach or the cloud provider’s system is compromised, the data bad actors may obtain will be useless to them without the decryption key. You can choose from a variety of products based on your needs and the offered encryption features. Look at those that offer AES encryption at the very least. There are a number of free and commercial options, all with various limitations and a range of price options among the paid-for products and services.

Encrypt your web traffic

One of the easiest ways you start with is by setting up a Virtual Private Network (VPN), which works as an encrypted tunnel for Internet traffic. Let’s say you’re working from a coffee shop and you are going to share some sensitive data with a client; a VPN will allow you to share that data over an encrypted network without anyone intercepting it. Another example is that you can securely access data stored on your home network even if you are physically on the other side of the globe.

Another way to protect your privacy involves using an anonymity network, such as Tor (https://www.torproject.org/). The Tor network directs your traffic through a volunteer overlay network of relays and wraps it in multiple layers of encryption. The idea is, of course, to protect your identity and your browsing habits from anyone snooping around.

Another thing you should also always watch out for is that the website you’re accessing uses the HTTPS protocol. The S stands for secure and means that all the communication taking place between the visitor (you) and the web server is encrypted. Most of the world’s top websites now use HTTPS by default.

Encrypt your messages

When it comes to messaging apps, you have a variety to choose from and while the most popular do offer end-to-end encryption, not all of them have it turned on by default. For example, to turn on end-to-end encryption in Facebook Messenger you have to start a secret conversation by clicking on the profile picture of the user and choosing “Go to secret conversation”; only after that do your messages with that specific recipient become encrypted.

WhatsApp, for one, has the option turned on by default; so does Telegram, but it also provides an extra layer of security with its Secret Chat feature, which allows you to set self-destruct on the messages and files you send.

Signal remains one of the most highly rated options by cryptographers, due to its open-source code allowing extensive examination and easy auditing by area specialists. You can also encrypt your email communications as well, with the sender needing your public key to encrypt a message, so that only you can decrypt and read it using your private key, and you needing their public key so they can decrypt encrypted messages you send to them. Again, there are several options, with the most common being PGP or GPG, and S/MIME. There are several plug-ins for, or built-in options in, popular email apps.

Also worth considering is using a secure email platform, such as ProtonMail and others, that provides end-to-end email encryption. Some are ‘closed shop’ in that you can only send encrypted emails to others using the service, and ‘ordinary’ emails to those with other providers, while some provide mechanisms to exchange encrypted messages regardless of the email service of your interlocutors.

Encrypt your passwords

Password managers are a popular choice for people who don’t want to (or can’t) memorise all their passwords while refraining from recycling them. A password manager functions as a vault that stores all of your passwords: it is secured like a bank vault is, but in this case, it uses fiendish mathematics instead of steel-reinforced concrete.

Most of the cloud-based services keep a copy of your vault on their servers protected with heavy-duty encryption, and, for an extra layer of security, allow their users to use multi-factor authentication (MFA). It is a much more secure way to store your passwords than on sticky notes or docs in your computer or even using a one-password-fits-all solution.

Final thoughts

Although at first glance you may think that the number of things you can do to secure your digital existence is a bit overwhelming, you should never underestimate the value of good cybersecurity measures securing your digital existence. As the old saying goes, an ounce of prevention is worth a pound of cure, and in the digital world that goes double. A responsible approach to securing your data today can save you from a huge migraine in the future.

For more information contact ESET-SA, +27 21 659 2000, info@eset.co.za, www.eset.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The year resilience paid off
Issue 8 2020, ContinuitySA , Editor's Choice, Security Services & Risk Management
Hi-Tech Security Solutions spoke to Michael Davies about business continuity and resilience in a year when everything was put to the test.

Read more...
Retail solutions beyond security
Issue 8 2020, Axis Communications SA, Technews Publishing, Hikvision South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring
The need for security technology to deliver more than videos of people falling or stealing from retail stores is greater than ever.

Read more...
Impossible is only an opinion
Issue 8 2020, IRIS - AI , Editor's Choice
Gerhard Furter has carved a niche for himself in the world of artificial intelligence, machine learning and decision systems by doing what others write off as impossible.

Read more...
Wearable access technology
Issue 8 2020, HID Global , Editor's Choice
HID Global enables employees to open doors and authenticate to systems, hands-free, using Nymi workplace wearables.

Read more...
Implementing low dosage full body X-ray systems
Issue 8 2020, Leaderware , Editor's Choice
Low dosage full body X-rays provide a unique and effective means to protect companies and countries from theft and other illegal activities.

Read more...
Security & Safety Things announces Ecosystem Conference 2020
Issue 8 2020 , Editor's Choice
Virtual event will offer perspectives on market shifts and how end users can leverage capabilities of AI, machine learning and open platforms with security cameras.

Read more...
Taking a hands-on approach to community security
Issue 7 2020 , Editor's Choice
Taking a more hands-on approach to community security is definitely paying dividends for Gallo Manor residents.

Read more...
Adaptors can be a danger to the South African consumer
Issue 7 2020 , Editor's Choice
The increased use of devices and appliances has resulted in the increased use of adaptors as well as adaptors-on-adaptors in South Africa.

Read more...
Five tips to enhance resilience
Issue 8 2020, ContinuitySA , Editor's Choice
Amidst global economic pressures, many organisations do not have the funds, resources and time available to develop and implement comprehensive programmes to enhance resilience.

Read more...
The future of open standards
CCTV Handbook 2020, Milestone Systems, Technews Publishing, Avigilon , Editor's Choice
Despite the many benefits of open standards, some companies still produce proprietary solutions. Are the surveillance and broader security markets still committed to open standards?

Read more...