In our everyday online life, we constantly come into contact with data encryption, often without being aware of it. For example, when you visit our website over HTTPS, you are using a secure connection.
Data encryption lacks awareness
In Germany, however, awareness of the need to encrypt one’s own files is often still lacking, in private as well as in business dealings. With cybercrime rising and attention to data protection compliance growing at the same time, the issue is gaining importance in both private and professional environments. Today, e-mails with applications, account statements or contracts are often sent unencrypted. This is not only careless, but in many cases even punishable. The specifications of the European Union in the GDPR demand encrypted storage and transmission of personal data.
We have compiled the most important answers to questions on the secure encryption of data here – from “Why” to “How”.
Why should I encrypt data?
The question why you should encrypt data can be answered with a simple comparison: Imagine sending a postcard instead of an e-mail. Since a postcard can easily be read by uninvolved persons, its content is usually not private. The weather or the food at the holiday resort are of little relevance.
Especially in a professional context, the situation is quite different with e-mails. It has become a matter of course to communicate confidential topics or send sensitive data by e-mail. But e-mails are not much safer than postcards. Here, criminals can intercept and read content with little effort.
But wherever you store your data, it should never be unencrypted. An access password for your computer is not sufficient to protect your confidential data from unauthorized access. If your computer is stolen, or you lose your smartphone or dispose of an old device, it is no problem for technical experts to read all your stored data. For this reason, it always makes sense to store all your data encrypted on your own computer. Modern operating systems such as Microsoft Windows with BitLocker or macOS with FileVault offer this at no additional cost and without additional programs.
Complete encryption is of course particularly important for data that you store on external data carriers such as external hard disks, USB drives or in the cloud. There you have little control over what happens to your data. Only if you store your data encrypted and keep control over your keys is your data really protected.
How should I encrypt data?
The origins of encryption are even older than the postcard mentioned above. Cryptography has been used for centuries to encrypt diplomatic messages or secret letters. The simplest method is to substitute characters to make the message unreadable unless you know the corresponding key. With digital communication, encryption methods have also become more digital and complex. Just like written messages, text, image or audio files are encrypted, i.e. made illegible with the help of a key.
In principle, the encryption of data can now be divided into two different areas:
- The encryption of files that are to be stored, e.g. on virtual drives, USB sticks or external hard disks, also known as “Data at Rest”.
- The encryption of files that are to be sent (for example by e-mail), the so-called “transport encryption / connection encryption”, also called “Data in Transit”.
Different encryption requirements can be derived from this. It is important to recognize the gaps in security.
Encryption should always be appropriate to the occasion and meet the requirements for the desired level of security. Systems and applications that, like TeamDrive, execute automatic encryption and also provide transparent and automatic key management are best suited.
Encrypting data correctly with symmetric encryption
In many cases, symmetric encryption (AES-256) is used for the secure storage of individual files or folders. Here the same key is used for encrypting and decrypting a file. A typical example is access by password, which of course should also be sufficiently complex for storage – for example on a hard disk. The better a password, the better for your files. The worse the password, the higher the risk. In the case of keys, the longer a key, the higher the level of security. AES-256 keys are 256 characters long and are considered secure today.
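Password-based symmetric encryption as described above, shown as an added example that is not code from the original article or from TeamDrive. It assumes Node.js and its built-in `crypto` module; the scrypt key derivation, the GCM mode, the blob layout and all function names are choices made for this example.

```javascript
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require('crypto');

// Derive a 32-byte (256-bit) AES key from a password. The random salt makes
// equal passwords yield different keys; scrypt makes every guess expensive.
function deriveKey(password, salt) {
  return scryptSync(password, salt, 32);
}

// Output layout (an assumption of this example):
// salt (16 bytes) | nonce (12 bytes) | auth tag (16 bytes) | ciphertext
function encryptWithPassword(plaintext, password) {
  const salt = randomBytes(16);
  const nonce = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', deriveKey(password, salt), nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), ciphertext]);
}

// The same password is needed to decrypt. Returns null when the password is
// wrong or the stored blob was modified (GCM authentication fails).
function decryptWithPassword(blob, password) {
  if (blob.length < 44) return null; // too short to hold salt, nonce and tag
  const salt = blob.subarray(0, 16);
  const nonce = blob.subarray(16, 28);
  const tag = blob.subarray(28, 44);
  const ciphertext = blob.subarray(44);
  try {
    const decipher = createDecipheriv('aes-256-gcm', deriveKey(password, salt), nonce);
    decipher.setAuthTag(tag);
    return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
  } catch (err) {
    return null;
  }
}

// Constructed sample data and passwords.
const sample = Buffer.from('account statement 2024-01 (constructed sample)');
const blob = encryptWithPassword(sample, 'correct horse battery staple');
console.log(decryptWithPassword(blob, 'correct horse battery staple').toString());
console.log(decryptWithPassword(blob, '123')); // null: wrong password
```

The derived key is only as hard to guess as the password itself, which is why a slow key derivation function is used instead of hashing the password once.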
If a symmetrically protected file is to be passed on, the key must also be passed so that the recipient can open the file – a potential security risk. For this reason, the so-called asymmetric encryption is used to send files, in which two separate keys are used. The sender encrypts the file with a public key of the recipient. The sender can then cancel the encryption of the file with a private key.
The correct combination of these two encryption methods allows the respective advantages to be used and weak points or gaps to be closed. It is therefore important to consider the entire communication process.
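One common way to combine the two methods, shown as an added example that is not code from the original article or from TeamDrive: the file is encrypted with a fresh random AES-256 key, and only that key is encrypted with the recipient's public key, so no shared secret has to be passed along. Node.js `crypto`, RSA-OAEP as the asymmetric algorithm, GCM mode and all function names are assumptions of this example.

```javascript
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender: encrypt the data symmetrically, then wrap the one-time file key
// with the recipient's public key.
function sealForRecipient(plaintext, recipientPublicKey) {
  const fileKey = crypto.randomBytes(32); // 256-bit key, used for this file only
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', fileKey, nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, fileKey);
  return { wrappedKey, nonce, tag: cipher.getAuthTag(), ciphertext };
}

// Recipient: unwrap the file key with the private key, then decrypt the data.
// Returns null if the private key does not match or the envelope was altered.
function openAsRecipient(envelope, recipientPrivateKey) {
  try {
    const fileKey = crypto.privateDecrypt(
      { key: recipientPrivateKey, ...OAEP }, envelope.wrappedKey);
    const decipher = crypto.createDecipheriv('aes-256-gcm', fileKey, envelope.nonce);
    decipher.setAuthTag(envelope.tag);
    return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
  } catch (err) {
    return null;
  }
}

// Constructed key pairs and sample data for the demonstration.
function newKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}
const recipient = newKeyPair();
const outsider = newKeyPair();
const envelope = sealForRecipient(
  Buffer.from('contract draft (constructed sample)'), recipient.publicKey);
console.log(openAsRecipient(envelope, recipient.privateKey).toString());
console.log(openAsRecipient(envelope, outsider.privateKey)); // null: wrong private key
```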
Which data should I encrypt?
In principle, any type of file, folder or file system can be protected. Especially for storing and sharing personal data in the cloud, it is worth using a provider like TeamDrive, which automatically encrypts all data and its transport. Private users can use the software license-free to securely store personal and sensitive data, such as photos, in the cloud or on compatible servers and share it with friends or family.
Business customers are forced to encrypt by legal requirements and should therefore deal intensively with the topic, because violations due to omitted encryption are sometimes sanctioned with considerable penalties. The end-to-end encryption that TeamDrive uses as standard ensures that files are always protected from the eyes and access of unauthorized third parties.
Encrypting data in the enterprise
While data protection is usually a wish for private users, this topic is an absolute necessity for companies. Between compliance requirements and the German Data Protection Ordinance (GDPR), the encryption of files has become a priority. Particularly confidential and customer-related data should be encrypted, both for internal storage and for sending by e-mail. Please note that “123” is not a secure password and unencrypted files are an open book. Even without a great deal of programming knowledge, anyone can securely protect their own data from unauthorized access.