Posted August 24, 2017
It's late and the evening train is packed with commuters. Eager to get home, you hurry out the carriage at your stop, leaving the remaining people to jostle for the free space. In your haste, however, you drop your USB key. The man you sat next to you picks it up, curious to see how he can profit from his discovery.
How anxious does the scenario above make you? Do you have anything stored on your USB that a criminal could use to rob, blackmail or publicly embarrass you? I'd wager there's something valuable there. It could be personal or professional, but if it's easily accessible, it's vulnerable.
The Vulnerability of Data
In the Information Age, data is our most precious asset. It’s both our competitive advantage and the substance of our work. What's more, it's prolific. It's on our smartphones, tablets, laptops, USB drives and cloud accounts. In our rush for productivity and convenience, we've left a lot of lucrative targets for criminals.
You may say "well, who would be interested in me?" But protection through obscurity is a gamble. Although someone could grab your device whilst you're not looking, like in the example above, it’s also possible to use malware to infect your device via the Internet. These tools can be automated and used on a staggering scale, just like ransomware. You don't have to be specifically targeted to be a victim. Rather, you just need to have left yourself vulnerable. Additionally, as useful as large cloud services like Dropbox and Google Drive are, their size also makes them a constant target for opportunists, who try to break into our accounts on a daily basis. In this light, we are all potential targets.
We owe it to ourselves to protect our data. So how do we do it? We use encryption, the process of randomising data so that nobody without the right key can read the gibberish produced. By combining a mathematical algorithm with a secure password of your choosing (more on passwords in a future blog), encryption can lock your data in a way that would take criminals decades to break into, even with strong technology. It’s as if your files were all written in a secret language that only you knew. Using encryption, even if somebody breaks into your cloud account or steals your device, what they find on there will be useless to them. Encryption’s strength is actually well recognised, it’s already used to protect online banking, e-commerce, critical infrastructure like power plants, passwords for online services, corporate secrets and classified government documents. So, how can we follow their good example?
There are more types of encryption and ways to use them than one blog post can describe, but we recommend you look for services that implement ‘AES-258’. Advanced Encryption Standard is named so because it is considered an industry standard for security. As a starting point, consider encrypting your most sensitive files (banking data, business documents) that you have on your computer, USB drives and cloud accounts. In addition, make sure that you use secure communication services when talking about company secrets.