A Practical Guide to Data Encryption

A Practical Guide to Data Encryption

Written by Scott Hall on . Posted in Computer Security

There are few organizations that do not hold some kind of sensitive data, be it something as simple as customer addresses for delivery, or something as serious as patient medical records. Breaches of this data are happening every day, and not knowing the consequences of a successful breach is not a valid defense in modern times.

If a breach occurs in an industry with any government oversight at all, any organization found to be careless or deviating from industry best practices on security can face substantial penalties, not only reputational damages but monetary fines as well.

On the other side, maintaining proper security protocols can open up a number of business opportunities. For example, a start-up engages in a partnership with an established company that needs to ensure its new vendors are taking security seriously as to not jeopardize their own operations. This is but one case where failure to adhere to security standards can impact your organization.

For whatever reason a company would need to encrypt their data, it may seem like a daunting and intensive task, however critical it may be. It doesn’t have to be difficult at all. Ideally, encryption functions best when it is absolutely unobtrusive and invisible to daily users.

While large company data breaches make the headlines and cable news, it’s often small and medium businesses that are harmed by these intrusions. Potential fines, loss of reputation and lack of consumer confidence can be an often fatal blow to SMBs, whereas larger enterprises can absorb that kind of damage. When taking the potential loss into account, encryption and data security is critical in the small to medium business space.

There are many technical methods of data security, and while these are essential, they work best in tandem with employee awareness and training. Employees can minimize the organization’s risk profile and even limit the data’s exposure to the world at large, just by being aware of best practices and the consequences of mishandling.

Developing non-obtrusive methods of data encryption & security are imperative, as humans naturally seek out ways to be most productive, even if it means cutting corners for access to critical data in the name of efficiency. These process shortcuts can sometimes become the very method of attack used by criminals to steal data, or insert malicious programs behind firewalls.  Common issues that occur are passwords written and left in proximity to the PC or device they belong to, or removing hardware from a secured facility to an unsecure one, and not preventing access by unauthorized persons, such as ex-employees or vendors. Recognizing your vulnerabilities through an objective assessment can go a long way in minimizing your risk profile and ensuring that even in the event of a breach, your organization has taken great care in adopting standard practices to ensure data security is taken seriously.

Contact the professionals at SOS if you believe your organization can benefit from an in-depth review of data security practices.

Tech Headaches? We can help! Contact us now »