Don’t Think You Need Encryption? Think Again.
There is a good reason why major platforms such as Google, Facebook, and Amazon carefully encrypt all data flowing between their websites and their users.
And it’s the same reason you should be encrypting your data.
Security.
Recent stats show more companies are getting on board with this security measure.
The 2019 Global Encryption Trends Study undertaken in tandem with the Ponemon Institute shows that the move to encrypt data is gaining momentum among small to medium business owners.
The study included 14 countries across 13 industries and involved more than six thousand respondents.
The findings revealed the following:
- Record year-over-year growth in HSM (hardware security module) usage from 41% in 2018 to 47%.
- Almost half (45%) of organizations reported having a consistent, enterprise-wide encryption strategy.
- Businesses across the technology and software, communications, and financial services sectors had the highest encryption use.
While some SMBs may have begun the process of encryption, most have probably not taken on the encryption of their inactive data, also known as data at rest. This covers anything stored in digital form, such as data in off-site backups, archives, random access memory (RAM), and stored information that is accessible by mobile devices such as phones and USB drives.
While this inactive data is sometimes considered to be less vulnerable or valuable than data in transit, attackers often find data-at-rest a more valuable target than data in motion. Stored data is where your customers’ personal information resides.
The risk profile for data in transit or data at rest depends on the security measures that are in place to secure data in either state. If there aren’t any, you are at risk.
Encrypting your data and devices
Figuring out how to encrypt all your at-rest or in-transmission data can be a time-consuming and complicated task. We recommend breaking down the procedure into bite-size pieces and undertaking the tasks involved over time.
One straightforward task you can, and should, take on right away is the encryption of your most vulnerable devices such as laptops, memory sticks, tablets, and mobile phones.
These are all data-loaded items that leave your office regularly, which is all the more reason to encrypt them now.
If a laptop is stolen or even lost, the thief or dishonest finder can easily bypass your login credentials and access your files, personal information, and accounts by simply removing your laptop’s internal drive and attaching it to another machine.
That’s it! They do not need to crack your password, or know your two-factor authentication code or your mother’s maiden name.
If you think it’s unlikely your laptop will be lost or stolen, think again.
According to statistics from a Kensington study:
• One laptop is stolen every 53 seconds.
• 70 million smartphones are lost each year, with only 7 percent recovered.
• 4.3 percent of company-issued smartphones are lost or stolen every year.
• 52 percent of devices are taken from the office/workplace, and 24 percent from conferences.
The ensuing risk to a company’s confidential data is staggering and the most significant worry for IT, security, and risk managers.
This theft happened right here at home in the Lower Mainland.
Here is the story:
“My brother-in-law (we'll call him Mike) never imagined he’d lose his laptop. He is always so careful. Mike owns a small business and left his bag hidden in his truck in what he thought was a secure parking facility. When he returned, his windshield had been smashed and his bag containing the laptop, his daytimer and a book with all his meeting notes for the last five months was gone. Later that same day he took the truck into a glass repair place where they informed him that he was the eighth customer that day that had experienced a break-in. And that was just at one windshield repair shop!
Mike has a new laptop on order, and he did have it backed up, so there was less impact for him. However, someone has all his data, his daytimer, and his appointment notes.
They also have personal information and photographs, information on his family, his customers, and his suppliers. Now Mike is left to wonder what they plan on doing with that information.”
How long does it take to steal a laptop in broad daylight? Watch this.
An unsuspecting business owner (and client) was in San Francisco in late 2018. He and his wife and another couple parked their SUV and went across the street to buy an ice cream cone.
Watch the following video and see just how quickly thieves stole their laptops, camera equipment, luggage, and purses. While you are watching, take notice of how many cars are driving by and how many people are walking down the street.
Note, this is not a simulation; this is an actual crime in progress.
Passers-by paid no attention.
This business now has encryption on all its portable devices!
Encrypting your devices – first steps – check for BitLocker or FileVault
Take a look at this list. You likely have encryption capabilities already built into your machine. All you have to do is enable them.
The following Windows systems include BitLocker, Microsoft’s built-in disk encryption:
• Ultimate and Enterprise editions of Windows Vista and Windows 7
• Pro and Enterprise editions of Windows 8 and 8.1
• Pro, Enterprise, and Education editions of Windows 10
• Windows Server 2008 and later
Apple introduced encryption capabilities on the Mac with FileVault in OS X Panther and then upgraded it to FileVault 2.
Why Netcetera adds a 3rd party encryption key manager
For our Netcetera clients, we recommend using a 3rd party encryption key manager such as Sophos Disc Encryption Manager. This 3rd party key manager allows the system administrator or individual users to recover the encryption key if they forget it.
You must remember your encryption key.
If you do not use a third party manager and forget what your encryption key is, well, that’s a whole other problem. You will be locked out of accessing your data, just like the criminals.
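As an added example (not part of the original post and not Netcetera or Sophos tooling), the PowerShell script below uses Windows' built-in `Get-BitLockerVolume` cmdlet to check whether each volume is actually encrypted and protected, and whether a recovery password exists for it, which is the lock-out concern described above. The function name `Get-EncryptionAudit` is made up for this example; run it from an elevated prompt on an edition that includes BitLocker.

```powershell
#Requires -RunAsAdministrator
# Added example: audit BitLocker state for every volume on this machine.
# Get-EncryptionAudit is a hypothetical name chosen for this illustration.

function Get-EncryptionAudit {
    [CmdletBinding()]
    param()

    foreach ($vol in Get-BitLockerVolume) {
        # Key protector types on the volume, e.g. Tpm, RecoveryPassword
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        $findings = @()
        if ($vol.VolumeStatus -ne 'FullyEncrypted') {
            # Covers FullyDecrypted as well as encryption still in progress
            $findings += "not fully encrypted ($($vol.VolumeStatus), $($vol.EncryptionPercentage)%)"
        }
        if ($vol.ProtectionStatus -ne 'On') {
            # Encrypted but suspended: the drive is readable without the key protectors
            $findings += 'protection is off or suspended'
        }
        if ($types -notcontains 'RecoveryPassword') {
            # Without a recovery protector, a forgotten key means the data is gone
            $findings += 'no recovery password protector'
        }

        [pscustomobject]@{
            MountPoint    = $vol.MountPoint
            VolumeType    = $vol.VolumeType
            Method        = $vol.EncryptionMethod
            KeyProtectors = $types -join ', '
            Findings      = if ($findings) { $findings -join '; ' } else { 'OK' }
        }
    }
}

Get-EncryptionAudit | Format-Table -AutoSize -Wrap
```

A volume that reports `OK` is encrypted, has protection turned on, and has a recovery password; the script does not show whether that recovery password has been stored anywhere you can retrieve it.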
You’ll find definitive and comprehensive information in our next blog.
As we mentioned earlier, breaking this complex topic into small bites makes it easier to grasp.
In a future blog, we will dive deeper into the topic, including an explanation of how encryption is the cryptographic process of encoding information in such a way that only authorized people can read it.
And how you will be one of the authorized people for your SMB.
If you have any questions about encrypting data for your SMB, don’t hesitate to call on the experts at Netcetera. We’re knowledgeable and always happy to help.
You can contact us here by phone and email, or by stopping in for a visit.