Encryption 101

The need for encryption and stringent security is at an all-time high, with advancements in tech comes increased risks to individuals; encryption is needed on all fronts. Encryption is not part of the innovation wave as encryption dates back to ancient times. The Romans and Greeks would send confidential and coded messages substituting letters only comprehensible with a specific key, i.e. encrypted messages.

Simply put, the incredible transformation in the past 20 years has fueled businesses and consumers to change the way they live, breathe, work, eat, travel, communicate, purchase/sell, you get the point. In one way or another, the internet has affected every single industry that is still functioning. When you order something over the internet, whether it is Uber Eats or a new TV from Amazon, you are required to enter a significant amount of personal information; people’s full names, email addresses, physical addresses, phone number, credit and debit card information, and passwords/pins. With the capabilities of present day hackers, all of this information is vulnerable to attack.

According to Bernard Marr from Forbes.com, “There are 2.5 quintillion bytes of data created each day.” That fact alone is mind-boggling. Let’s face it. There is a considerable amount of data –currently– in the world. Some would say that we do not necessarily know what to do with it. One thing we do know, there is whole lot of information that we do not want other people to see.

In more definitive terms, when we use the internet, we are not just sitting there clicking around and passively taking in information. We are actually involved in a great deal of traffic and trade. Whenever someone orders something off the internet, the order requires an online account that requires having you create an account and enter in a decent amount of sensitive information. So as I said before, a typical transaction can include more than just our names, email addresses, home addresses, and phone numbers but also passwords, pins, and credit card information.

The internet processes more information in a day than you can even imagine. According to an IBM Marketing Cloud study, “10% of the world’s EXISTING Data was created before 2016.” Meaning, the world is currently churning out data at an alarming rate, and it will only increase. People, businesses, and devices have all become data factories that are pumping out incredible amounts of information to the web each day. The internet has changed the way humans interact with one another by bringing change to the way we have lived and worked in the past. With the world more connected than ever before, security becomes a major concern.

There are two major types of encryption, i.e. Symmetric-key encryption – each computer has a secret key that it can use to encrypt a packet of information before it is sent over. This key requires that the individual explicitly know which computers will be communicating with one another so that they may install the same key on each one. And, Public Key Encryption, which is thought to be a present day solution to Symmetric Key Encryption.

Also known as, “Asymmetric Key Encryption” which ultimately uses two different keys at once, one being private and the other public. The private key combo is known exclusively by your computer while the public key is distributed out to whomever you choose to share it with in order to encrypt. In order to de-encrypt a message, a computer must use the private key. Simply stated, the public key is only able to encrypt or encode information, and the private key is required in order to decode information.

The internet is a worldwide and public network. With so much information at our fingertips, and with that stockpile of data infinitely growing, there is no way to predict the future comings of what it will bring. Meaning, all of the data that makes up the grid must travel vast distances across different servers and networks that have no guarantee that you will be protected. That said, if you want your data to remain YOUR data, you will want to use said encryptions so that your data cannot be deciphered while in travel.

I often speak to my corporate team at Granite (or to anyone that will listen) about the vulnerabilities of public networks. With little to no protection, public networks are prone to attack. Simply put, anybody that uses those networks are directly exposing themselves to unnecessary risk. You may ask yourself, “How dangerous is it really to check my online bank account on my phone at Starbucks using their free Wi-Fi?”

First and foremost, all public networks allow for snooping due to the open nature of their programming. Secondly, most public networks are outdated and may already be infected with malware. Third, the network may be an aesthetic or memorable title but secretly malicious. Meaning it could be a fake hotspot meant to lure users into connecting. Therefore, using an openVPN tunnel which is a fancy way of saying you encrypt your connection to the internet, should be the standard we all aspire to. At a minimum never use the free public option offered by the vendor, it is comparable to a game of Russian roulette.

One of the simplest ways to protect yourself is by using encrypted websites. In other words, make sure –when browsing—that the website you are viewing has a HTTPS and lock symbol (rather than HTTP) in the start and end of their URL. There are plenty of sites that do not use HTTPS, I strongly urge you to stay away from them if you can. Entering data on an insecure website is like leaving your unlocked car filled with cash in the shopping center parking lot and expect the money to be there when you return.  I say this because as 2019 is coming to an end, these bad actors are only becoming more and more sophisticated. Anyone with the right skills and wrong intentions could easily intercept your data and manipulate it to their advantage.

Although you may not realize it, each and every one of us rely on encryption in our daily life. The importance of encryption cannot be over emphasized. As I have outlined above, encryption wears many faces weather you choose to encrypt sensitive files on your compute or not, use an encrypted secure mail service for sensitive email messages, or even encrypt your entire connection to the internet, or encrypt your entire hard drive it is one of the best defenses in protecting your sensitive and confidential information.

As always, think before you click.

Leave a Comment

You must be logged in to post a comment.