Though we may feel comfortable browsing the internet curled up on the couch in our pajamas or clicking through webpages at work, the web is not as secure or private as it may seem. In fact, there are plenty of criminals out there looking to steal our identities, including our financial information, when we least expect it.
Fortunately, encryption can provide an added layer of protection against hackers and crooks, and it’s quickly becoming a worldwide priority. As of February 2017, it is estimated that more than 50 percent of internet communication is encrypted, in part because Google prioritizes more secure domains with https in the URL in organic search results.1
Although it sounds complex, encryption isn’t as incomprehensible as some would have you believe, and you can start applying encryption tactics right now to protect your information.
What Is Encryption?
Encryption, a form of cryptography, is the process of jumbling data in order to make it inscrutable to outside viewers. It is meant to provide security to those sending sensitive or confidential information via the internet, such as credit card numbers, PINs or Social Security numbers. You have likely benefited from the protection encryption offers if you’ve ever banked, purchased something or applied for a job online.
What Are the Basics of Encryption?
You can think of encryption as a computer version of concealing information with a secret code. For example, when chatting with your friend as a child, you may have invented your own gibberish language to keep your conversations private. The language could only be understood because you both had a “key.” The key told you how to swap the nonsensical letters with the true letters, thereby spelling out the real message.
Of course, this is a simple example, and much less secure than real encryption. However, you can see how a secret message between two people could be hidden by replacing the real letters and words with jumbled letters and gibberish words, only to be decoded using the answer key.
The friend’s “true message” in this analogy is the equivalent of plaintext. Plaintext is what it sounds like: the plain, legible text that someone types into their computer, such as an easily readable Social Security number. Encryption turns this plaintext into ciphertext, a random looking “gibberish” that cannot be easily read by people hoping to steal your information. It does this by means of a cipher, an algorithm that converts the plaintext to ciphertext through mathematics. This cipher is akin to the rules you and your friend used to conceal your message. Finally, ciphertext is decrypted and made into plaintext again through use of a key, just like you and your friend used a key to decode your conversation. The longer the key is, the harder it will be for anyone to decipher the information through brute force.
How Does Encryption Work?
There are two basic types of encryption: symmetric key (or private key) encryption and asymmetric key (or public key) encryption. They are differentiated by which keys are used for encryption and decryption and who has access to the keys.
Symmetric key encryption is the older and faster of the two types. In simple terms, only one private key is needed to both encrypt and decrypt the information. Both parties have access to this one key so they can send secure information back and forth to each other. No one else can see the true information without the key. However, if a malevolent party gets their hands on this key (virtually, of course), they can effectively read the information as well as send new encrypted messages.
Asymmetric key encryption is slower but may be more secure and appropriate depending on the type of information sent. In this form, the two parties need a key pair, including both a private and a public key. The public key is truly public – anyone has access to it – and it serves to encrypt the message for the recipient. Once the recipient receives the encrypted information, they can only decrypt it using a private key.
In addition to the keys themselves, encryption is further secured by authentication. Authentication is the way both parties know that the other one is legitimate and has access to the appropriate key. On the server side, a user will know the server is authentic because of the certificate they have. On the user side, a server will confirm the user’s identity with digital signatures, passwords, fingerprint scans, etc.
How Do I Encrypt My Information?
Now that you know how encryption makes your information more secure, it’s time to put that knowledge to good use. Try making these simple changes to start protecting you or your business’s information today.
- Create a passcode or strengthen an existing one – Yes, passcodes are annoying and difficult to remember, but they are necessary for the most basic defense against information thieves. Choose a longer passphrase, as opposed to a single password, for the best protection. Be sure not to keep your passcode in a conspicuous area or share it with others.
- Embrace the existing encryption settings on your devices – Many phones and tablets already have encryption capabilities built in, or at least encryption settings that can be turned on or off. Make use of these settings for the best possible safety. You will find the most thorough instructions for how to encrypt your device from the manufacturer’s website.
- Start using an encryption tool to protect your computer – Why would you bother encrypting files when your computer is yours and yours alone? Simply put, you cannot control who tries to steal your computer or log in when you aren’t around. Encrypting either your files or your drive ensures your information is more secure. You can do this with any number of software tools, including VeraCrypt, AxCrypt and BitLocker.
Earn a Degree in Information Security from Washington Technology University
If you are fascinated by encryption and wish to build a career in information security, Washington Technology University can provide you the education you need to take that next step. Our program is designed for students who already have some undergraduate credits or an existing associate degree and wish to earn their Bachelor of Science in Information Security (BSISec) to bolster their career.
We understand many our students have full lives where they balance family and work with their education. That’s why we’ve opted for a block schedule that can accommodate a variety of lifestyles. We also offer a cohort model where students graduate as a class to unite them in their educational goals.
If you are interested in entering the lucrative information security field, call us at (425) 223-5812 or apply today!