security-network

Tips To Use Encryption The Right Way

Encryption Tips

Encryption is the most important part when it comes to securing your data online. For those of you who are still alien to this concept, encryption converts data into an unreadable format called cipher text with the help of a secret key called the encryption key. And you cannot get access to the primary data unless you can get access to the encryption key or guess it.

Encryption

If you use cloud services to store or backup your data, you should understand what encryption is and how to use it the right way. All the cloud companies based in the US are liable to share their cloud data with the government, and if you don’t want NSA snooping through your data, you should encrypt your data before moving to the cloud.

Here are some tips to use encryption the right way:

  1. Check the strength of encryption provided

Each cloud-based service has a different kind of encryption, and you should know what each one of them means before storing your data on the cloud. Also, while some cloud services are transparent about how they encrypt data, some aren’t so clear.

cloud-cloudtweaks-comic

For instance, Apple clearly states that iCloud uses a 128-bit AES encryption, but Google does not specify how the data is encrypted on Google Drive. In fact, most of the cloud backup services that you will come across will determine the kind of encryption they use. One of the strongest cloud backup encryption services offered right now is by Crashplan, which offers 448-bit Blowfish encryption.

  1. Use long passphrases as encryption key

When Edward Snowden, a former NSA employee and a whistleblower was asked about what kind of passwords to use, he came up with a rather interesting response. According to Snowden, instead of using words as your passwords, you should use a minimum of 8-letter passphrases. And of course, a number a special character, which should not be in the end but somewhere in the middle.

The idea is that it's easy to guess 6-letter words by algorithms but guessing 8-letter words get much, much tougher for the algorithms.

  1. Data should be encrypted before its uploaded

Just because a cloud service says that it encrypts your data, doesn’t mean your data is completely secure. First of all, data can be encrypted at three locations – on the local machines, in transit, and on the cloud server.

Now, some services encrypt your data on all the three locations, while most of the cloud services only encrypt your data when it's in transit, using an SSL encryption. This leaves your data open for all the hackers. It's always safe to encrypt the data yourself with a strong encryption key before you upload it to the cloud. This way, you are in charge of your data’s safety.

  1. Check for regulations and compliances

Encrypting data is actually the easy part; the difficult part is making sure your data follows all the right regulations and compliances, and it is secure and safe. In fact, the biggest threat your organization might face is cyber security. Your organization’s infrastructure can be vulnerable. Check with the compliances that your company needs to follow and also, make sure it follows all the security guidelines.

  1. Email encryptions

Emails are private, and it can be threatening when hackers get access to an organization's emails. Employees don’t just discuss regular day-to-day stuff; they also discuss about critical company details. And of course, there are also emails between employees and clients. Email hacks have been very common and more than 100 GB of email data has been hacked till now.

email-security

(Image Source: Shutterstock)

There are many encryption add-ins that can be used and integrated with Microsoft Outlook. It makes sure that your emails are encrypted when they are being transferred.

  1. Use digital signatures

A digital signature uses asymmetric cryptography to encrypt the message. When the user is signing the message, he uses a private key to encrypt it, and the receivers use a public key to decrypt the message.

Using a digital signature does not just assure that it is you who sent the message, but it also states that the message has not been tampered with, and it is in the original form.

As we move more and more of our data on the cloud, encryption will become even more important. With the NSA already snooping through user data, you need to be extra careful before you upload your data to the cloud.

By Ritika Tiwari

Ritika Tiwari

Ritika is a Software Engineer by degree and a self proclaimed geek. She quit her IT job to become a writer and now, she writes about everything tech.

CONTRIBUTORS

Six Major Data Breach Trends From 2017

Six Major Data Breach Trends From 2017

Major Data Breach Trends It seems like the moment the security industry collectively comes to grips with the latest publicly ...
Cloud Services Providers - Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from ...
Waiting for IT? Rise Up Citizen Coders! Cloud Now Eliminates the Need for Developers

Waiting for IT? Rise Up Citizen Coders! Cloud Now Eliminates the Need for Developers

SaaS Application Development All we seem to hear about is the shortage of developers, people who can code. Times are ...
The Cloudification of Healthcare: Benefits and Risks

The Cloudification of Healthcare: Benefits and Risks

Cloud Healthcare: Benefits and Risks Many organizations are moving most of their business-critical applications and workloads to the cloud. The ...
Follow the Lead: 5 Data Security Tips Small Businesses Should Mimic From Larger Enterprises

Follow the Lead: 5 Data Security Tips Small Businesses Should Mimic From Larger Enterprises

Data Security Tips Small Businesses Should Mimic As more and more companies begin to switch to the cloud, cyber attacks ...
Tweaking with Application Assessment Tools

Tweaking with Application Assessment Tools

Application Assessment We have all seen the TV commercial where impossible situations are solved quickly by simply pressing a button ...
Why ‘Data Hoarding’ Increases Cybersecurity Risk

Why ‘Data Hoarding’ Increases Cybersecurity Risk

Data Hoarding The proliferation of data and constant growth of content saved on premise, in cloud storage, or a non-integrated ...
Three Tips To Simplify Governance, Risk and Compliance

Three Tips To Simplify Governance, Risk and Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In ...
How Modern Architects Transform the Messy Mix of Hybrid Cloud into a Force Multiplier

How Modern Architects Transform the Messy Mix of Hybrid Cloud into a Force Multiplier

Modern Architects Transform The next BriefingsDirect cloud strategies insights interview focuses on how IT architecture and new breeds of service providers ...
4 Tech Cleanups For National Cyber Security Awareness

4 Tech Cleanups For National Cyber Security Awareness

National Cyber Security Awareness October is Cyber Security Awareness Month, and President Obama recently called upon the American people to ...

NEWS

DigitalOcean Announces New Compute Plans to Provide Best Price-to-Performance for Production Applications

DigitalOcean Announces New Compute Plans to Provide Best Price-to-Performance for Production Applications

Changes Position DigitalOcean as Most Competitive, Simple Pricing Solution in Cloud Infrastructure Industry NEW YORK, Jan. 16, 2018 (GLOBE NEWSWIRE) ...
Google classroom

Google to expand cloud infrastructure with new regions, submarine cables

(Reuters) - Alphabet Inc’s Google said on Tuesday it would add five regions and build three new submarine cables as ...
Cogeco Peer 1 Adds Managed Microsoft Azure Services to Cloud Portfolio

Cogeco Peer 1 Adds Managed Microsoft Azure Services to Cloud Portfolio

Cogeco Peer 1 Adds Managed Microsoft Azure Services Flexible services optimize customer's Azure investments, handle the day-to-day management of the ...