You have probably heard people talk about using encryption to protect themselves and their information. In this article, we will explain what encryption is, how it protects you and how to implement it properly.
Why Use Encryption?
You might have sensitive information on your devices, such as documents, pictures and emails. If one of your devices were to be stolen, all of your sensitive information would be in someone else’s hands. Encryption protects you in these situations by helping ensure unauthorized people cannot access or modify your information.
How It Works
Encryption converts information into a non-readable format called ciphertext. Today’s encryption works by using complex math operations and a unique secret key, converting information into ciphertext. The key locks or unlocks the encrypted information. Your key could be a file stored on your computer, a password or a combination of the two.
What Can You Encrypt?
There are two types of data to encrypt:
Data at rest – such as the data stored on your mobile device
Data in motion – such as receiving email or messaging
Encrypting data at rest is vital to protect information in case your computer or mobile device is lost or stolen. Full disk encryption (FDE) is a widely used encryption technique that encrypts the entire drive in your system. This means that everything on the system is automatically encrypted for you. Today, most computers come with FDE but you might have to manually turn it on or enable it. FileVault is used on Mac computers while Windows computers can use Bitlocker or device encryption. Mobile phone encryption for the iPhone and iPads automatically enable FDE once a passcode has been set. Starting with Android 6.0 (Marshmallow), Google is requiring FDE be enabled by default provided the hardware meets certain minimum standards. Please check with your device manufacturer to determine if it supports FDE.
Information in motion is also vulnerable. If data is not encrypted it can be monitored, modified, and captured online. This is why you want to make sure that all sensitive online transactions and communications are encrypted. A common type of encryption for data in motion is HTTPS. This means that traffic between your browser and a website is encrypted. Look for https:// in the URL, a lock icon on your browser or your URL bar turning green.
Key Things to Remember
Your encryption is only as strong as your key.
If using a passcode or password for your key, make sure it is a strong, unique password.
The longer your password the harder it is for an attacker to guess or brute force it.
If you can’t remember all of your passwords we recommend a password manager to securely store your passwords.
If your device has been compromised or is infected by malware, cyber attackers can bypass your encryption or leverage your secret key to decrypt the data if your key is not stored securely. It is important you take other steps to secure your devices including using anti-virus, strong passwords, and keeping them updated.
Malware, also known as malicious code and malicious software, refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or otherwise annoying or disrupting the victim. Malware has become the most significant external threat to most systems, causing widespread damage and disruption, and necessitating extensive recovery efforts within most organizations.
There are five types of malware:
Ransomware – Ransomware is a subcategory of malware which typically will block access to computers or data until a payment is made.
Trojan – A Trojan is a self-contained, non-replicating program that, while appearing harmless, actually has a hidden malicious purpose. Trojans either replace existing files with malicious versions or add new malicious files to hosts.
Spyware – Spyware is a type of malware used to covertly observe a user’s activity and gather information about a user without their knowledge or consent.
Virus – A virus self-replicates by inserting copies of itself into host programs, data files or propagating through network file sharing. Viruses are often triggered through user interaction, such as opening a file or running a program.
Worm – A worm is a self-replicating, self-contained program that usually executes itself without user intervention.
Signs to Look Out For:
Unexpected computer crashes
Pop-up ads (even when no browser is open)
Excessive hard drive activity
New browser homepage or toolbars
Unexpected Antivirus disabling
Ways To Avoid An Attack:
Do not open suspicious emails oremail attachments, click on hyperlinks, etc. from unknown or known senders, or visit websites that are likely to contain malicious content
Do not click on suspicious web browser popup windows
Do not open files with file extensions that are likely to be associated with malware (e.g., .bat, .com, .exe, .pif, .vbs)
Do not disable malware security control mechanisms (e.g., antivirus software, content filtering software, reputation software, personal firewall) and ensure that they are continuously updated
Do not use administrator-level accounts for regular host operation
Do not download or execute applications from untrusted sources
One of today’s most effective cyber-attack methods is to take advantage of the human tendency to trust.
Social engineering, a form of psychological manipulation where an attacker cons users into divulging information or doing something they want the user to do, can occur through phone calls, email, text messaging, social media and online chats.
Indicators of social engineering attacks include:
A tremendous sense of urgency, or pressure to make a quick decision
Someone asking for information they should already know
Something too good to be true
To avoid social engineering attacks, never share your passwords and don’t share too much personal information on social media, which can give attackers information to mislead you. If someone asks for something personal, verify their contact information first.