Is encryption key to cyber security?

The confidentiality of data has never been more of a concern for organisations. In the age of the Internet, email and the World Wide Web, never before has there been a greater risk that data can be stolen, lost or accessed without proper authorisation.

With news of the US government’s PRISM programme hitting the headlines, it has put the whole issue of the confidentiality of data front and centre in people’s minds. If the US government can access their data easily, who else may be snooping on their confidential data? Hackers, cyber criminals? The list of possibilities is endless.

‘Distrust and caution are the parents of security.’
Benjamin Franklin

But what can we really do to prevent our data from being accessed by unauthorised parties? The answer is pretty simple really. The most basic step is to encrypt any confidential information. Any information that would damage your organisation, should it leak out of the organisation, should be encrypted.

Referring back to the case of PRISM, Google are now trialling the use of encryption software on their Google Drive service as a way of boosting customer confidence that their information will remain confidential, as reported by CNET.

Encryption has traditionally been seen as a highly technical solution to the issue of maintaining the confidentiality of information. But this isn’t the case anymore, there are suppliers of cloud encryption services such as Alertsec Endpoint Protect that enable SMEs to roll out encryption quickly and easily using pre-defined policies.

Whilst there are more complex encryption solutions for larger organisations available, such as Sophos or Symantec PGP, the only thing that complicates their use is the policies individual organisations decide to pursue with regard to encryption.

Encryption isn’t the complete solution to cyber security. PEOPLE and PROCESSES are equally as important, but it will help to enable organisations to protect their data effectively!