How Encryption Protects Against Corporate Data Breaches

Daniel Tobok
E: dtobok@cytelligence.com
Posted on: March 20, 2019

In today’s business environment, data breaches are inevitable. No business is immune, as seen by the big companies falling victim to attacks in the news, almost every day. LinkedIn, Yahoo, and Equifax (just to name a few) are all massive enterprises that would seem capable of implementing the resources necessary to protect against data breaches.

And it’s not just large enterprises at risk of a major data breach. Small businesses that might not have the financial resources necessary to make significant investments in cyber protection can fall victim just as, if not more, easily. Outside of the detriments to their operations, the costs of recovering from an attack can be significant and impact the business’ well-being and potential for growth.

Attempting to prevent breaches outright is no longer a viable option, due mainly to the rise of public cloud computing and bring-your-own-device in the enterprise. The pace at which threat technology moves is so fast that hackers have the upper hand in outstripping defenders, leaving them in permanent catch-up mode.

Data encryption, however, provides organizations a solution that’s protecting sensitive information even in the event of a breach.

So, What is a Data Breach?

A data breach is a cybersecurity incident in which an unauthorized individual(s) copies, transmits, views, steals or uses sensitive, protected or confidential data. Leaked information could include personal or customer credit card number, passwords,

A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, or used by an individual who is unauthorized to do so.

The information that is leaked could be your credit card numbers, passwords, social insurance/security numbers or other information you would consider private. Repercussions include credit card fraud, identity theft and hacked user accounts.

There are strict regulatory requirements that restrict how organizations handle sensitive customer data, including that related to payment cards (credit, debit, etc.) and healthcare information, such as social security/health card numbers and health history. Those companies that fall victim to a data breach and are found to have failed to comply with regulatory requirements are often imposed with heavy fines.

What is Encryption And Why is it so Important?

Data encryption involves transforming digital information in a way that becomes unreadable, creating a threshold that keeps unauthorized users from gainst access to a computer housing sensitive personal or corporate data. Even in the event that someone gains access to a computer with sensitive information on it, they won’t able to do anything to the data (unless they have the original data key).

Encryption, in its most basic function, translates normal text into ciphertext to keep data from being accessed by the wrong people and that it isn’t altered.

The need for data encryption is more important than ever. There’s a number of factors driving this increased interest in using it as a frontline defense against unwanted data disclosures, such as:

1.Regulatory requirements mandating data privacy protections, particularly where encryption is a key solution

2.Increased use of mobile connections for professional use, such as BYOD and mobility

3.Concerns related to government surveillance and interception of personal and corporate electronic communications

4.The growing number of high-profile data breaches, such as those against Tier 1 service providers including Google, PayPal and eBay

5.The Internet of Things connecting a massive number of devices to IP networks to share data

Methods of encryption include:

Hashing, which creates a unique and fixed-length signature for a message or data set. Every hash is unique to specific messages, making minor change easy to track. Data encrypted using the hashing method can’t be reversed or cyphered.

Symmetric encryption (or private-key cryptography) is a method in which a key used to encrypt and decrypt any message must remain secure as anyone with access to it can decrypt the data. A sender will encrypt the data with one key, send the ciphertext and then the receiver must use the key to decrypt the data included in the message.

Asymmetric encryption (public-key cryptography) is different from symmetric encryption because it uses two keys to encrypt or decrypt data. A public key is available to anyone and used to encrypt message, while a different private key is used by recipients to decrypt messages.

How Your Organization Can Avoid a Data Breach

Build a secure network. The first step most hackers make to gain access to your data is to breach your network. Protect your network with encrypted communication, VPNs, firewalls, vulnerability scans, and penetration testing. Cleaning up a data breach is almost always more expensive than actions you can take to prevent one.

Encrypt your data. Almost two-thirds of companies that are the victims of a data breach hadn’t encrypted their data.

Make employee
cyber security training a priority
. Your network and data is only as safe as your employee’s ability to protect is. Make it habit of regularly updating employees on best practices to ensure your data is as protected as it can possibly be.

Train your employees to help protect sensitive data by:

  • Creating awareness about the types of Personally Identifiable Information (PII) your company stores, such as social security/insurance numbers, credit card information, and driver’s license numbers.
  • Teaching employees how to identify phishing emails and websites
  • Practicing strong password security
  • Educating employees on the risks of using their personal devices to send or store company data.

Encrypt data in transit. It is often a requirement to share data with clients periodically and a common misconception is that the data sent over a secured channel is secured. This is not true, and every file that is sent over the network needs to be encrypted.

Secure employee devices. Supplying employees with company-issued phones and laptops may help them be more efficient at work, but it also puts your systems at risk when employees aren’t on your internal network. Use identification, tracking and encryption to secure smartphones, USB drives, tablets and laptops.

Manages user privileges. SQL server is a very powerful tool that empowers users to do a lot more than just query a database. For instance, you can do many file system tasks and even control network events. Therefore, it is very important to limit user access to only what they absolutely need.

Inventory data locations. Data is everywhere: in the cloud, filing cabinets, even stick notes. It’s important to locate, understand and limit where sensitive data resides.

Strong Data Security is Possible

Data security isn’t all doom and gloom. While people are becoming desensitized to data breaches because of the frequency at which they now occur, it’s possible to encrypt your sensitive corporate data properly and drastically decrease your likelihood of an attack. And doing so doesn’t mean reinventing the wheel: learn from mistakes, educate yourself and your employees on the importance of data security and allow encryption to be your strongest ally against hackers.